Updating a KACLS Endpoint Privileged-Unwrap Configuration
Use the PATCH /v1/cckm/GoogleWorkspaceCSE/endpoints/{id}/privileged-unwrap-configuration
API to update a privileged-unwrap configuration for a KACLS endpoint.
Before using the API, make sure the value of allow_privileged_unwrap
parameter is true
for the endpoint. Refer to Updating a KACLS Endpoint.
Syntax
Request Parameters
Parameter | Type | Description |
---|---|---|
id | string | ID of the endpoint. To find out the ID of an endpoint, refer to Viewing KACLS Endpoints. |
AUTHTOKEN | string | Authorization token. |
kacls_base_url (optional) | array of strings | List of KACLS URLs allowed to send privilegedUnwrap from other KACLS that is new-KACLS endpoints. |
users (optional) | array of strings | List of email addresses for authenticated users to perform privilegedUnwrap. |
Note
You need to configure one of the following:
kacls_base_url: The list of KACLS URLS to enable KACLS key migration.
users: The list of email addresses to decrypt the data in a privileged context (takeout).
Example Request
Example Response
The output shows the updated privileged-unwrap configuration details for the KACLS endpoint.
Response Codes
Response Code | Description |
---|---|
2xx | Success |
4xx | Client errors |
Refer to HTTP status codes for details.