Your suggested change has been received. Thank you.

close

Suggest A Change

https://thales.na.market.dpondemand.io/docs/dpod/services/kmo….

Thales Logo
back

SAP Keys APIs

Uploading Keys to SAP

search

Please Note:

Uploading Keys to SAP

Use the post /v1/cckm/sap/upload-key API to upload a key from the source key to a SAP group. Specify the following details:

  • ID of the group where the key needs to be uploaded.

  • Key parameters such as description, type, name, and exportable etc.

  • Source key tier and source key identifier of the key to be uploaded from a key source.

Syntax

curl -k '<IP>/api/v1/cckm/sap/upload-key' -H 'Authorization: Bearer AUTHTOKEN' -H 'Content-Type: application/json' --data-binary $'{\n  "source_key_identifier": "<source-key-identifier>",\n  "source_key_tier": "<source-key-tier>",\n  "group": "<sap-group-id>",\n  "name": "<key-name>",\n  "description": "<key description>",\n  "type": "<key-type>",\n  "exportable": <true|false>,\n  "operations": [\n    "<operation1>",\n    "<operation2>"\n  ]\n}' --compressed

Request Parameters

Parameter Type Description
AUTHTOKEN string Authorization token.
group string Name or ID of the SAP group where the key is to be created.
name string Name for the key.
operations array of strings List of operations allowed to the key.
source_key_identifier string ID of the source key that will be uploaded to SAP.
source_key_tier string Tier of the source key. The options are:
local for the CipherTrust Manager
dsm for the Data Security Manager
hsm-luna for Luna HSM
The default tier is local.
type string Type of the SAP key. The type can be:
• AES
• RSA
• EC
description string Description of the key.
exportable boolean Whether the key is exportable. Set to true to make the key exportable, set to false for a non-exportable key.

Example Request

curl -k 'https://127.0.0.1/api/v1/cckm/sap/upload-key' -H 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiI0MmFmZDExNy02YzllLTRhNGUtOTAwYS1lYjlhNDNjYWE5ZDIiLCJzdWIiOiJsb2NhbHwzMTI5ODdkMS0wOWNiLTQxZTEtOThmNy1jZjRhNzgwNTZiMTMiLCJpc3MiOiJreWxvIiwiYWNjIjoia3lsbyIsInByZWZlcnJlZF91c2VybmFtZSI6ImFkbWluIiwiY3VzdCI6eyJkb21haW5faWQiOiIwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDAiLCJncm91cHMiOlsiYWRtaW4iXSwic2lkIjoiNDVmOWE3NWUtMzI1NC00NWJkLWE0NzYtOWU2NWUyNjdmNGVkIiwiem9uZV9pZCI6IjAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMCJ9LCJqd3RpZCI6IjdiYzNkOWM4LWRiYTQtNDVmMy05YWNiLWI3NGM2MzQyYzYyMCIsImlhdCI6MTYxNDc1MTg1MSwiZXhwIjoxNjE0NzUyMTUxfQ.ahdxfM7-WA4u7sotHy6qelc9MkoZytst7oZWsvE7Cr0' -H 'Content-Type: application/json' --data-binary $'{\n  "source_key_identifier": "eb97abc94d3d4d9cb6325b0372dc6c7a4f6b7c81ed9b4f39b78264333b6fc18f",\n  "source_key_tier": "local",\n  "group": "489ac34d-3e9c-4be3-8c1c-2c383bf31461",\n  "name": "AB-CM-KeyUpload",\n  "description": "This is upload key from CM",\n  "type": "AES",\n  "exportable": true,\n  "operations": [\n    "ENCRYPT",\n    "DECRYPT"\n  ]\n}' --compressed

Example Response

{
    "id": "2d8d78bf-0bdd-4a6e-9d29-3f1fe64430c2",
    "uri": "kylo:kylo:cckm:sap-key:2d8d78bf-0bdd-4a6e-9d29-3f1fe64430c2",
    "account": "kylo:kylo:admin:accounts:kylo",
    "createdAt": "2021-10-19T09:14:31.363689058Z",
    "updatedAt": "2021-10-19T09:14:31.360768399Z",
    "cloud_name": "sap",
    "tenant": "thales-preprod",
    "sap_param": {
        "description": "This is upoad key",
        "enabled": true,
        "exportable": true,
        "groupId": "3d62e129-acbf-4b3e-b1ad-e3b9779be668",
        "sap_key_id": "c571aff1-bbc4-4bd3-bbc2-e74bccae0752",
        "keystoreContext": {
            "customerHeld": false
        },
        "meta": {
            "created": "2021-10-19T09:14:49.623326",
            "creatorId": "171cdee5-947e-4bcd-ae0b-562256624904",
            "creatorName": "creator.name@xyz.com",
            "imported": true,
            "primaryVersion": 0,
            "totalVersions": 1
        },
        "name": "AB-CM-KeyUpload",
        "operations": [
            "DECRYPT",
            "ENCRYPT"
        ],
        "role": "UNSPECIFIED",
        "size": 3072,
        "type": "RSA"
    },
    "source_key_identifier": "001e4f76-9066-465d-a585-b43363f6ec60",
    "source_key_type": "rsa",
    "source_key_tier": "local",
    "cckm_group_id": "ba7e428c-e3d9-491e-a40d-3574e5fea4e3",
    "backup_blob": "",
    "gone": false,
    "origin": "native",
    "auto_rotate": false,
    "sap_application": "GENERAL",
    "sap_group_name": "CCKM-Test",
    "status": "AVAILABLE"
}

Response Codes

Response Code Description
2xx Success
4xx Client errors
5xx Server errors

Refer to HTTP status codes for details.