> ## Documentation Index
> Fetch the complete documentation index at: https://www.cashfree.com/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# 2FA API Signature Generation

> Generate the 2FA signature for Cashfree Secure ID APIs by combining your clientId with a UNIX timestamp and encrypting it with the provided public key.

Follow the steps below to generate your signature:

1. Retrieve your clientId (one which you are passing through the header X-Client-Id)
2. Append this with CURRENT UNIX timestamp separated by a period (.)
3. Encrypt this data using RSA encrypt with Public key you received – this is the signature.
4. Pass this signature through the header X-Cf-Signature.

In the case of using our library, go through the libraries section. During the initialization process, you need to pass the key as a parameter.

<CodeGroup>
  ```php PHP theme={"dark"}
  <?php
  public static function getSignature() {
      $clientId = "<your clientId here>";
      $publicKey =
  openssl_pkey_get_public(file_get_contents("/path/to/certificate/public
  _key.pem"));
      $encodedData = $clientId.".".strtotime("now");
      return static::encrypt_RSA($encodedData, $publicKey);
    }
  private static function encrypt_RSA($plainData, $publicKey) { if (openssl_public_encrypt($plainData, $encrypted, $publicKey,
  OPENSSL_PKCS1_OAEP_PADDING))
        $encryptedData = base64_encode($encrypted);
      else return NULL;
      return $encryptedData;
    }
  ?>
  ```

  ```java Java theme={"dark"}
  private static String generateEncryptedSignature(String clientIdWithEpochTimestamp) {
      // String clientIdWithEpochTimeStamp = clientId+"."+Instant.now().getEpochSecond();
      String encrytedSignature = "";
      try {
          byte[] keyBytes = Files
              .readAllBytes(new File("/Users/sameera/Downloads/payout_test_public_key.pem").toPath()); // Absolute Path to be replaced
          String publicKeyContent = new String(keyBytes);
          System.out.println(publicKeyContent);
          publicKeyContent = publicKeyContent.replaceAll("[\\t\\n\\r]", "")
              .replace("-----BEGIN PUBLIC KEY-----", "").replace("-----END PUBLIC KEY-----", "");
          KeyFactory kf = KeyFactory.getInstance("RSA");
          System.out.println(publicKeyContent);
          X509EncodedKeySpec keySpecX509 = new X509EncodedKeySpec(
              Base64.getDecoder().decode(publicKeyContent));
          RSAPublicKey pubKey = (RSAPublicKey) kf.generatePublic(keySpecX509);
          final Cipher cipher = Cipher.getInstance("RSA/ECB/OAEPWithSHA-1AndMGF1Padding");
          cipher.init(Cipher.ENCRYPT_MODE, pubKey);
          encrytedSignature = Base64.getEncoder().encodeToString(cipher.doFinal(clientIdWithEpochTimestamp.getBytes()));
          System.out.println(encrytedSignature);
      } catch (Exception e) {
          e.printStackTrace();
      }
      return encrytedSignature;
  }
  ```
</CodeGroup>