---
title: Signing transactions
description: "\"Shows how to sign PingOne Recognize transaction data after successful authentication or enrollment.\""
component: recognize
page_id: recognize:web-sdk:web-sdk-reference-signing-transactions
canonical_url: https://docs.pingidentity.com/recognize/web-sdk/web-sdk-reference-signing-transactions.html
llms_txt: https://docs.pingidentity.com/recognize/llms.txt
docs_for_agents: https://developer.pingidentity.com/build-with-ai/docs-for-agents.md
section_ids:
  headless-integration: Headless integration
  web-component-integration: Web component integration
  verifying-the-transaction: Verifying the transaction
---

# Signing transactions

The PingOne Recognize Web SDK can digitally sign transaction data when PingOne Recognize authentication or enrollment actions succeed.

The signed transaction is a JSON web token (JWT) that the server can verify, which ensures:

* That PingOne Recognize completed the original operation.

* The transaction data is intact.

## Headless integration

To sign transaction data without using a user interface, start with one of the baseline integrations:

* For authentication, use [Headless authentication integration](web-sdk-guide-authentication.html#headless-integration).

* For enrollment, use [Headless enrollment integration](web-sdk-guide-enrollment.html#headless-integration).

Next, include the transaction data payload when using `openKeylessWebSocketConnection` to open a web socket:

```javascript
await openKeylessWebSocketConnection(sym, {
  ...,
  transaction: {
    data: TRANSACTION_DATA
  }
})
```

Finally, add an event listener to the `finished` event of your web socket:

```javascript
addKeylessEventListener(sym, 'finished', (event) => {
  // will log the transaction JWT
  console.log(event.data.transactionJWT)
})
```

## Web component integration

To sign transaction data using web components, start with a baseline integration:

* For authentication, use a [Web component authentication integration](web-sdk-guide-authentication.html#component-integration).

* For enrollment, use a [Web component enrollment integration](web-sdk-guide-enrollment.html#component-integration).

Next, add a `transaction-data` attribute to your web component:

```javascript
<kl-auth-or-enroll
  ...
  transaction-data="TRANSACTION_DATA"
></kl-auth-or-enroll>
```

Finally, add an event listener to the `finished` event of your web component:

```javascript
auth_or_enroll.addEventListener('finished', (event) => {
  // will log the transaction JWT
  console.log(event.detail.transactionJWT)
})
```

## Verifying the transaction

There are two ways to verify the transaction data:

1. Use `GET /v2/verify-jwt/public-key` to retrieve and import the customer public key. Then, use the response `result` to verify the transaction data.

2. Use `POST /v2/verify-jwt` to send the transaction data in the request body and then check the result.

Run these tasks on the backend server to avoid leaking keys or other sensitive data.