Your suggested change has been received. Thank you.

close

Suggest A Change

https://thales.na.market.dpondemand.io/docs/dpod/services/kmo….

Thales Logo
back

DSM Key APIs

Viewing DSM Keys

search

Viewing DSM Keys

Use the get /v1/cckm/dsm/keys API to view the list of DSM keys.

Syntax

curl -k '<IP>/api/v1/cckm/dsm/keys?skip=0&limit=10&sort=updatedAt' -H 'Authorization: Bearer AUTHTOKEN' --compressed

Request Parameters

Parameter Type Description
AUTHTOKEN string Authorization token.

Request Query Parameters

Parameter Type Description
id string ID of the key.
uuid string UUID of the key.
name string Name of the key.
domain string Name of the DSM domain where the key resides.
domain_id string ID of the DSM domain where the key resides.
keyVersion string Version of the DSM key.
algorithm string Algorithm of the key. The algorithm can be:
• RSA1024 (asymmetric)
• RSA2048 (asymmetric)
• RSA3072 (asymmetric)
• RSA4096 (asymmetric)
• AES256 (symmetric)
• AES128 (symmetric)
• ARIA128 (symmetric)
• ARIA256 (symmetric)
state string State of the DSM key.
extractable boolean Whether the DSM key is extractable - true or false.
object_type string Type of the DSM key - symmetric or asymmetric.
registrationTokenEnabled boolean Whether registration tokens are enabled on the domain - true or false.
skip integer Number of records to skip. For example, if "skip":5 is specified, the first five records will not be displayed in the output.
limit integer Numbers of records to display. For example, if "limit":10 is specified, then the next 10 records (after skipping the number of records specified in the skip parameter) will be displayed in the output.
sort string Comma-delimited list of properties to sort the results.

Example Request

curl -k 'https://127.0.0.1/api/v1/cckm/dsm/keys?skip=0&limit=10&sort=updatedAt' -H 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiI0MmFmZDExNy02YzllLTRhNGUtOTAwYS1lYjlhNDNjYWE5ZDIiLCJzdWIiOiJsb2NhbHwzMTI5ODdkMS0wOWNiLTQxZTEtOThmNy1jZjRhNzgwNTZiMTMiLCJpc3MiOiJreWxvIiwiYWNjIjoia3lsbyIsInByZWZlcnJlZF91c2VybmFtZSI6ImFkbWluIiwiY3VzdCI6eyJkb21haW5faWQiOiIwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDAiLCJncm91cHMiOlsiYWRtaW4iXSwic2lkIjoiNDVmOWE3NWUtMzI1NC00NWJkLWE0NzYtOWU2NWUyNjdmNGVkIiwiem9uZV9pZCI6IjAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMCJ9LCJqd3RpZCI6ImU5ZDA4Mzc3LWUxNGEtNGY1Mi04MGJlLWU2ODQyNzcyNmViZSIsImlhdCI6MTYxNDc0OTg4OSwiZXhwIjoxNjE0NzUwMTg5fQ.P4njjTNAGdkIw4ZNz7ijS9Dwrow2DE-vG8bn0dKIr04' --compressed

Example Response

{
    "skip": 0,
    "limit": 2,
    "total": 1,
    "resources": [
        {
            "id": "d3296d8a-22bf-4b9c-8ff7-a41104b4631e",
            "uri": "kylo:kylo:cckm:dsm-key:d3296d8a-22bf-4b9c-8ff7-a41104b4631e",
            "account": "kylo:kylo:admin:accounts:kylo",
            "application": "ncryptify:gemalto:admin:apps:kylo",
            "devAccount": "ncryptify:gemalto:admin:accounts:gemalto",
            "createdAt": "2021-03-03T05:38:55.793895Z",
            "updatedAt": "2021-03-03T05:38:55.790724Z",
            "dsm_params": {
                "name": "test-key",
                "algorithm": "AES256",
                "encryptionMode": "CBC",
                "keyUsageType": "STORED_ON_SERVER",
                "id": 312745,
                "url": "/v1/domains/2153/keys/symmetric/312745",
                "uuid": "b4946274-1389-31e5-86f9-ec48c0581a39",
                "state": "ACTIVE",
                "creationTime": "2021-03-03T13:07:58.243Z",
                "source": "From DSM",
                "domainId": 2153,
                "keyVersion": 0,
                "keyHash": "7b5e25713d79dc52d7df82c5106e6dd8b6a4270e52a568d141cc93923367d95246398601169016640e565be058d6b5bf",
                "numberOfPolicies": 0,
                "alignUnit": "",
                "alignedCachedTime": 0,
                "publicKey": "",
                "publicKeyFormat": "",
                "alignedKeyVersionLifeSpan": 0
            },
            "domain_id": "89c49e63-b5c9-46be-9371-0d8b0649e289",
            "domain": "test-domain",
            "object_type": "symmetric",
            "attributes": {
                "Cryptographic Usage Mask": "127",
                "EXT_KID": "1796125542",
                "MUID": "b4946274-1389-31e5-86f9-ec48c0581a39c04e690b-777e-303c-b66e-2f0a99229774",
                "UUID": "b4946274-1389-31e5-86f9-ec48c0581a39",
                "x-key-state": "ACTIVE",
                "x-key-state-actions": "PROTECT_AND_PROCESS"
            },
            "extractable": true,
            "versioned": false
        },
    ]
}

The output shows the list of DSM keys available on the CipherTrust Manager.

Response Codes

Response Code Description
2xx Success
4xx Client errors
5xx Server errors

Refer to HTTP status codes for details.