VAPID verification

This page helps validate or construct VAPID header data. The Headers section accepts existing header values (e.g. ones created by a library or included as part of a subscription update).

The Claims section will create a valid JSON claim, generate a VAPID key pair, and generate the proper header values.

The Exported Keys section provides the keys in DER format which should be readable by many encryption libraries.


The headers are sent with subscription updates. They provide the site information to associate with this feed. PLEASE NOTE: Your private key should be generated on your machine and should NEVER leave your box or control. This page will generate a valid key that can be used, and all functions are local, but this is purely for educational purposes only.

This is the content of the Authorization header included as part of the subscription POST update.
This is included as part of the Crypto-Key header, which is included as part of the subscription POST update. Crypto-Key may contain more than one part. Each part should be separated by a comma (",") (NOTE: For Draft-02, this header is not required)


Claims are the information a site uses to identify itself.

The required administrative email address that can be contacted if there's an issue

Time in seconds for this claim to live. (Default/Max: 24 hours from now)


Note: You can add more claims if you wish. These can include things like, the ID of the originating server (if you have several that may be publishing updates), a proxied customer ID or hash (for privacy reasons, you probably don't want to make this easily determinable), or any other value that may be useful between the Push Server Ops team and yours. Just make the values short so you don't run the risk of the server rejecting a request because the headers are too big.

For example: {'sub': '', 'exp': 1470858133, 'ami_id':'e-1248296','cust_id':'a9afd519s919faio3'}

Claims JSON object:


Exported Keys

Auto-generated keys:

These are ASN.1 DER formatted version of the public and private keys used to generate the above VAPID headers. These can be useful for languages that use DER or PEM for key import.