Use the Register Opaque Object REST Service to register an opaque
object with a client.
- Operation
POST- URL
- https://host:port/SKLM/rest/v1/objects/opaque
By default, Guardium Key Lifecycle Manager server
listens to the secure port 9443 (HTTPS) for communication.
During IBM Security Guardium Key Lifecycle Manager installation, you can modify this
default port.
Request Parameters
| Parameter |
Description |
| host |
Specify the IP address or hostname of the IBM Security Guardium Key Lifecycle Manager server. |
| port |
Specify the port number on which the IBM Security Guardium Key Lifecycle Manager server listens for requests. |
Request Headers
| Header name |
Value |
| Content-Type |
application/json |
| Accept |
application/json |
| Authorization |
SKLMAuth userAuthId=<authIdValue> |
| Accept-Language |
Any valid locale that is supported by IBM Security Guardium Key Lifecycle Manager. For example, en or
de. |
Request body
JSON object with the following specification:
| Property name |
Description |
| clientName |
Required. Specify the name of the client. |
| prefixName |
Optional. Specify a prefix consisting of three alphabetic characters that is
used to create the alias. |
| keyBlock |
Required. Specify the key material value of the opaque object in Hex string
format. For example, 3082010a0282010100ab7f161c0042496ccd6c6d4dadb919. |
Response Headers
| Header name |
Value and description |
| Status Code |
- 201 Created
- The request was successful. The response body contains the requested representation.
- 400 Bad Request
- The authentication information was not provided in the correct format.
- 401 Unauthorized
- The authentication credentials were missing or incorrect.
- 404 Not Found Error
- The processing of the request fails.
- 500 Internal Server Error
- The processing of the request fails because of an unexpected condition on the server.
|
| Content-Type |
application/json |
| Content-Language |
Locale for the response message. |
Success response body
JSON object with the following specification:
| JSON property name |
Description |
| id |
Returns the unique identifier (UUID) of the newly created object. If multiple objects are
created, an array of the UUIDs is returned. |
| messageId |
Returns the message identifier. |
Error response body
JSON object with the following specification.
| JSON property name |
Description |
| messageId |
Returns the message identifier. |
| error |
Returns a message that describes the error. |
Example
- Register an opaque object
-
POST https://localhost:port/SKLM/rest/v1/objects/opaque
{
"clientName":"client_rest",
"prefixName":"ddr",
"keyBlock":
{"keyMaterial":
"2D4B6150645367566B59703373367639792442264529482B4D6251655468576D5A7134743777217A25432A462D4A614E635266556A586E3272357538782F413F4428472B4B6250655367566B5970337336763979244226452948404D635166546A576D5A7134743777217A25432A462D4A614E645267556B58703272357538782F413F4428472B4B6250655368566D5971337436763979244226452948404D635166546A576E5A7234753778217A25432A462D4A614E645267556B58703273357638792F423F4428472B4B6250655368566D597133743677397A244326462948404D635166546A576E5A7234753778214125442A472D4B614E645267556B5870"
}
}
- Success response
-
{
"id": "K_OPQ_OBJ-d374678-55891853-57d3-461b-b563-1b7c04546aa4",
"messageId": "CTGKM6026I"
}
- Service request with invalid client name
-
POST https://localhost:port/SKLM/rest/v1/objects/opaque
{
"clientName":"client_new",
"prefixName":"abc",
"keyBlock":
{"keyMaterial":
"2D4B6150645367566B59703373367639792442264529482B4D6251655468576D5A7134743777217A25432A462D4A614E635266556A586E3272357538782F413F4428472B4B6250655367566B5970337336763979244226452948404D635166546A576D5A7134743777217A25432A462D4A614E645267556B58703272357538782F413F4428472B4B6250655368566D5971337436763979244226452948404D635166546A576E5A7234753778217A25432A462D4A614E645267556B58703273357638792F423F4428472B4B6250655368566D597133743677397A244326462948404D635166546A576E5A7234753778214125442A472D4B614E645267556B5870"
}
}
- Error response
-
{
"messageId": "CTGKM3408E",
"error": "CTGKM3408E Unable to obtain client details. Client with client_new name not found."
}
Table 1. Topic
change log
| Date |
Change description |
| 16 Nov 2021 |
Corrected the example. |
| 08 Nov 2021 |
Added the prefixName parameter. |
| 10 Sept 2021 |
Initial version. |