Rotating Endpoint Keys (rotate-key)
Use the POST /v1/cckm/GoogleWorkspaceCSE/endpoints/{id}/rotate-key
API to rotate encryption key of an endpoint.
Syntax
curl -k '<IP>/api/v1/cckm/GoogleWorkspaceCSE/endpoints/{id}/rotate-key' -X POST -H 'Authorization: Bearer AUTHTOKEN' --compressed
Request Parameters
Parameter | Type | Description |
---|---|---|
id | string | ID of the endpoint. To find out the ID of an endpoint, refer to Viewing KACLS Endpoints. |
AUTHTOKEN | string | Authorization token. |
Example Request
curl -k 'https://127.0.0.1/api/v1/cckm/GoogleWorkspaceCSE/endpoints/c1583936-7d03-4e2d-a0ae-3a1ae2d2e200/rotate-key' -X POST -H 'Authorization: Bearer AUTHTOKEN' --compressed
Example Response
{
"issuer": [
"39a9e91b-7a95-4fbf-bf79-30930eeb1d2c",
"39a9e91b-7a95-4fbf-bf79-30930eeb1d2d"
],
"id": "c1583936-7d03-4e2d-a0ae-3a1ae2d2e200",
"uri": "kylo:kylo:cckm:kacls-endpoint:endpoint-dome",
"account": "kylo:kylo:admin:accounts:kylo",
"application": "ncryptify:gemalto:admin:apps:kylo",
"devAccount": "ncryptify:gemalto:admin:accounts:gemalto",
"createdAt": "2021-02-22T09:02:04.732625Z",
"name": "endpoint_demo",
"updatedAt": "2021-02-22T10:32:12.317401061Z",
"cors": null,
"authorizationAud": null,
"authenticationAud": [
"1eOtgM5VhW6KTYpy3T4PkiwkLSS5Yqcu"
],
"endpoint_url_hostname": "demo.thalesgwsintegration.net",
"endpoint_url": "https://demo.thalesgwsintegration.net/api/v1/cckm/GoogleWorkspaceCSE/endpoints/c1583936-7d03-4e2d-a0ae-3a1ae2d2e200 ",
"kekName": "ks-f900b7ef1e2c4c0991098a5c25efb6faa10360a014c740d08d960cb8073976d1",
"kekID": "f7753eccecba4d6d849f2ed9bf9795ec431dfcb69ac14c5cab67ea004f97cf1e",
"meta": null
}
The endpoint encryption key is now rotated. The "kekID"
of the new key is "f7753eccecba4d6d849f2ed9bf9795ec431dfcb69ac14c5cab67ea004f97cf1e".
Response Codes
Response Code | Description |
---|---|
2xx | Success |
4xx | Client errors |
Refer to HTTP status codes for details.