Your suggested change has been received. Thank you.

close

Suggest A Change

https://thales.na.market.dpondemand.io/docs/dpod/services/kmo….

Thales Logo
back

SAP Keys APIs

Uploading Keys to SAP

search

Please Note:

Uploading Keys to SAP

Use the post /v1/cckm/sap/upload-key API to upload a key from the source key to a SAP group. Specify the following details:

  • ID of the group where the key needs to be uploaded.

  • Key parameters such as description, type, name, and exportable etc.

  • Source key tier and source key identifier of the key to be uploaded from a key source.

Syntax

curl -k '<IP>/api/v1/cckm/sap/upload-key' -H 'Authorization: Bearer AUTHTOKEN' -H 'Content-Type: application/json' --data-binary $'{\n  "source_key_identifier": "<source-key-identifier>",\n  "source_key_tier": "<source-key-tier>",\n  "group": "<sap-group-id>",\n  "name": "<key-name>",\n  "description": "<key description>",\n  "type": "<key-type>",\n  "exportable": <true|false>,\n  "operations": [\n    "<operation1>",\n    "<operation2>"\n  ]\n}' --compressed

Request Parameters

ParameterTypeDescription
AUTHTOKENstringAuthorization token.
groupstringName or ID of the SAP group where the key is to be created.
namestringName for the key.
operationsarray of stringsList of operations allowed to the key.
source_key_identifierstringID of the source key that will be uploaded to SAP.
source_key_tierstringTier of the source key. The options are:
local for the CipherTrust Manager
dsm for the Data Security Manager
hsm-luna for Luna HSM
The default tier is local.
typestringType of the SAP key. The type can be:
• AES
• RSA
• EC
descriptionstringDescription of the key.
exportablebooleanWhether the key is exportable. Set to true to make the key exportable, set to false for a non-exportable key.

Example Request

curl -k 'https://127.0.0.1/api/v1/cckm/sap/upload-key' -H 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiI0MmFmZDExNy02YzllLTRhNGUtOTAwYS1lYjlhNDNjYWE5ZDIiLCJzdWIiOiJsb2NhbHwzMTI5ODdkMS0wOWNiLTQxZTEtOThmNy1jZjRhNzgwNTZiMTMiLCJpc3MiOiJreWxvIiwiYWNjIjoia3lsbyIsInByZWZlcnJlZF91c2VybmFtZSI6ImFkbWluIiwiY3VzdCI6eyJkb21haW5faWQiOiIwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDAiLCJncm91cHMiOlsiYWRtaW4iXSwic2lkIjoiNDVmOWE3NWUtMzI1NC00NWJkLWE0NzYtOWU2NWUyNjdmNGVkIiwiem9uZV9pZCI6IjAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMCJ9LCJqd3RpZCI6IjdiYzNkOWM4LWRiYTQtNDVmMy05YWNiLWI3NGM2MzQyYzYyMCIsImlhdCI6MTYxNDc1MTg1MSwiZXhwIjoxNjE0NzUyMTUxfQ.ahdxfM7-WA4u7sotHy6qelc9MkoZytst7oZWsvE7Cr0' -H 'Content-Type: application/json' --data-binary $'{\n  "source_key_identifier": "eb97abc94d3d4d9cb6325b0372dc6c7a4f6b7c81ed9b4f39b78264333b6fc18f",\n  "source_key_tier": "local",\n  "group": "489ac34d-3e9c-4be3-8c1c-2c383bf31461",\n  "name": "AB-CM-KeyUpload",\n  "description": "This is upload key from CM",\n  "type": "AES",\n  "exportable": true,\n  "operations": [\n    "ENCRYPT",\n    "DECRYPT"\n  ]\n}' --compressed

Example Response

{
    "id": "2d8d78bf-0bdd-4a6e-9d29-3f1fe64430c2",
    "uri": "kylo:kylo:cckm:sap-key:2d8d78bf-0bdd-4a6e-9d29-3f1fe64430c2",
    "account": "kylo:kylo:admin:accounts:kylo",
    "createdAt": "2021-10-19T09:14:31.363689058Z",
    "updatedAt": "2021-10-19T09:14:31.360768399Z",
    "cloud_name": "sap",
    "tenant": "thales-preprod",
    "sap_param": {
        "description": "This is upoad key",
        "enabled": true,
        "exportable": true,
        "groupId": "3d62e129-acbf-4b3e-b1ad-e3b9779be668",
        "sap_key_id": "c571aff1-bbc4-4bd3-bbc2-e74bccae0752",
        "keystoreContext": {
            "customerHeld": false
        },
        "meta": {
            "created": "2021-10-19T09:14:49.623326",
            "creatorId": "171cdee5-947e-4bcd-ae0b-562256624904",
            "creatorName": "creator.name@xyz.com",
            "imported": true,
            "primaryVersion": 0,
            "totalVersions": 1
        },
        "name": "SAPKeyUploadFromHSMLuna",
        "operations": [
            "DECRYPT",
            "ENCRYPT"
        ],
        "role": "UNSPECIFIED",
        "size": 3072,
        "type": "RSA"
    },
    "source_key_identifier": "001e4f76-9066-465d-a585-b43363f6ec60",
    "source_key_type": "rsa",
    "source_key_tier": "hsm-luna",
    "cckm_group_id": "ba7e428c-e3d9-491e-a40d-3574e5fea4e3",
    "backup_blob": "",
    "gone": false,
    "origin": "hsm-luna",
    "auto_rotate": false,
    "sap_application": "GENERAL",
    "sap_group_name": "CCKM-Test",
    "status": "AVAILABLE"
}

Response Codes

Response CodeDescription
2xxSuccess
4xxClient errors
5xxServer errors

Refer to HTTP status codes for details.