Your suggested change has been received. Thank you.

close

Suggest A Change

https://thales.na.market.dpondemand.io/docs/dpod/services/kmo….

Thales Logo

All

  • All
back

OCI Keys APIs

Adding OCI Key Version

search

Please Note:

Adding OCI Key Version

Use the post /v1/cckm/oci/keys/{id}/versions API to add a new version to the OCI key. Specify whether the version will be created natively on OCI or uploaded from an external key source.

Note

While uploading RSA key versions, if the Protection Mode is HSM, OCI shows the key version Source as Internal instead of External. This is an OCI issue, and not related to CCKM.

Syntax

curl -k '<IP>/api/v1/cckm/oci/keys/{id}/versions' -X POST -H 'Authorization: Bearer AUTHTOKEN' -H 'Content-Type: application/json' -H 'accept: application/json' --data-binary $'{\n \n  "is_native": true\n}' --compressed

Here, {id} is the resource ID of the OCI key.

Request Parameters

ParameterTypeDescription
AUTHTOKENstringAuthentication token.
is_nativebooleanWhether the key version will be created natively or uploaded from a key source. Set to true for a native key, false for a key source.
source_key_identifierstringID of the key that will be uploaded from a key source to OCI.
source_key_tierstringKey source from where the key will be uploaded. The options are:
local for the CipherTrust Manager
dsm for the Data Security Manager
hsm-luna for Luna HSM (FM-enabled Luna HSM is not supported as a key source)
The default tier is local.

Note

When is_native is set to true, then source_key_identifier and source_key_tier are not required.

Example Request

curl -k 'https://127.0.0.1/api/v1/cckm/oci/keys/69f02b1d-c7c7-45fb-84e3-7d2f86a3f60b/versions' -H 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiIxYzU1ZWY0Yi01MThjLTQ5ZmMtODRmMy1mYjk4MGY4YTQ3ODQiLCJzdWIiOiJsb2NhbHwyZjBmZWViNC02MjkwLTQ4ZWQtYmU1Yy0wYmU4NTVkMzE4NzMiLCJpc3MiOiJreWxvIiwiYWNjIjoia3lsbyIsInByZWZlcnJlZF91c2VybmFtZSI6ImFkbWluIiwiY3VzdCI6eyJkb21haW5faWQiOiIwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDAiLCJncm91cHMiOlsiYWRtaW4iXSwic2lkIjoiODU3ZDEyYjItNjljZi00OWY1LThkYjktMjI0NWMwODNiODg5Iiwiem9uZV9pZCI6IjAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMCJ9LCJqd3RpZCI6IjBjYTM2YTI5LWUyYzktNDkyZi05YjE3LTIwODM2MDIyNWVjOSIsImlhdCI6MTY0Mzg2Mzg4MywiZXhwIjoxNjQzODY0MTgzfQ.lcwHs7FhSH3oe32vWdyShTvsTGLrmO5WIFvMdu_l-wo' -H 'Content-Type: application/json' -H 'accept: application/json' --data-binary $'{\n \n  "is_native": true\n}' --compressed

Example Response

{
    "id": "ec7acd24-bbe7-40c1-9c66-efb4467559c9",
    "uri": "kylo:kylo:cckm:oci-key-version:ec7acd24-bbe7-40c1-9c66-efb4467559c9",
    "account": "kylo:kylo:admin:accounts:kylo",
    "createdAt": "2022-02-03T04:51:54.435551104Z",
    "updatedAt": "2022-02-03T04:51:54.434169972Z",
    "key_material_origin": "native",
    "gone": false,
    "oci_key_version_params": {
        "compartment_id": "ocid1.tenancy.oc1..aaaaaaaadixb52q2mvlsn634ql5aaal6hb2vg7audpd4d4mcf5zluymff6sq",
        "version_id": "ocid1.keyversion.oc1.iad.b5q6uxdhaahdg.avaimh5v62iaa.abuwcljstdcbcw2rpy56v5m55t5ygq4xucitd6wdqrmk4dazymr2zya7zabq",
        "key_id": "ocid1.key.oc1.iad.b5q6uxdhaahdg.abuwcljrbluqjkyywbhoho652oxrngjibgq5yhtxbeonszmmj7g4zgj4efma",
        "time_created": "2022-02-03T04:51:54.139Z",
        "vault_id": "ocid1.vault.oc1.iad.b5q6uxdhaahdg.abuwcljs6qwagycytfmnryece3u55fswvaioqfeozixgt5if5f354umdamdq",
        "lifecycle_state": "CREATING",
        "origin": "INTERNAL",
        "is_primary": true
    }
}

Response Codes

Response CodeDescription
2xxSuccess
4xxClient errors
5xxServer errors

Refer to HTTP status codes for details.

On this page