# Authentication To obtain write privileges to interact with the NxtFi blockchain, each user/entity must generate a key pair using the RSA-PSS specification. After the key-pair generation process is successful, according to the Proof-of-Authority mechanism, every PubKey needs to be approved by a higher hierarchy authenticated key-pair before it can interact with NxtFi in any way. Higher hierarchy key-pairs can only grant or revoke permissions, and are like parent elements. However, they will never be able to sign on behalf of other key-pairs. {% hint style="info" %} **IMPORTANT**: To write new blocks on TestNet blockchain either through playground or directly with the API, an administrator must first register your public key and release the necessary permissions. {% endhint %} ## Key-pair generation The generation of a public-private key pair is done as follows in Javascript: {% tabs %} {% tab title="Javascript" %} ```javascript window.crypto.subtle.generateKey( { name: "RSA-PSS", modulusLength: 2048, //can be 1024, 2048, or 4096 publicExponent: new Uint8Array([0x01, 0x00, 0x01]), hash: {name: "SHA-256"}, //can be "SHA-1", "SHA-256", "SHA-384", or "SHA-512" }, false, //whether the key is extractable (i.e. can be used in exportKey) ["sign", "verify"] //can be any combination of "sign" and "verify" ) .then(function(key){ //returns a keypair object console.log(key); console.log(key.publicKey); console.log(key.privateKey); }) .catch(function(err){ console.error(err); }); ``` {% endtab %} {% endtabs %} ## Request permission for your key Currently, authorization for new keys is done manually. Please contact the[ NxtFi administrator](https://nxtfi.org/nxtfi-hub/) to request the necessary permissions to write new blocks. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.nxtfi.org/authentication.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.