# Signing Transactions

Web SDK supports sending a payload, called transaction data, that will be signed by the server when either authentication or enrollment succeed.

The signed transaction is a JWT and can be verified server-side to ensure that the operation was really completed on our servers, and that the signed transaction data matches with what is expected.

### Headless Integration

Please base the integration code from the following guides:

* [Enrollment Headless Integration](https://docs.keyless.io/web-sdk/web-sdk-guide/enrollment#headless-integration)
* [Authentication Headless Integration](https://docs.keyless.io/web-sdk/web-sdk-guide/authentication#headless-integration)

The transaction data can be set in the `openKeylessWebSocketConnection` options:

```javascript
await openKeylessWebSocketConnection(sym, {
  ...,
  transaction: {
    data: TRANSACTION_DATA
  }
})
```

The transaction JWT can be retrieved inside the `finished` event:

```javascript
addKeylessEventListener(sym, 'finished', (event) => {
  // will log the transaction JWT
  console.log(event.data.transactionJwt)
})
```

### Web Component Integration

Please base the integration code from the following guides:

* [Enrollment Web Component Integration](https://docs.keyless.io/web-sdk/web-sdk-guide/enrollment#web-component-integration)
* [Authentication Web Component Integration](https://docs.keyless.io/web-sdk/web-sdk-guide/authentication#web-component-integration)

The transaction data can be set through the `transaction-data` attribute:

```html
<kl-auth-or-enroll
  ...
  transaction-data="TRANSACTION_DATA"
></kl-auth-or-enroll>
```

The transaction JWT can be retrieved inside the finished event:

```javascript
auth_or_enroll.addEventListener('finished', (event) => {
  // will log the transaction JWT
  console.log(event.detail.transactionJWT)
})
```

### Verifying the Transaction JWT

There are two options to verify the transaction JWT:

* Retrieve the customer public key using this API:\
  <https://docs.keyless.io/consumer/server-api/operations#verify-jwt>\
  \
  Then import the public key and finally verify the JWT.
* Verify the JWT with this API:\
  <https://docs.keyless.io/consumer/server-api/operations#verify-jwt>

Please note - both operations should be executed backend-to-backend for security purposes, ensuring no keys are leaked.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.keyless.io/web-sdk/web-sdk-reference/signing-transactions.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.