Create Key REST Service

Use the Create Key REST Service to create one or more symmetric keys to encrypt or decrypt data.

Operation
POST
URL
https://host:port/SKLM/rest/v1/keys

By default, Guardium® Key Lifecycle Manager server listens to the secure port 9443 (HTTPS) for communication. During IBM® Security Guardium Key Lifecycle Manager installation, you can modify this default port.

Request

Request Parameters
Parameter Description
host Specify the IP address or hostname of the IBM Security Guardium Key Lifecycle Manager server.
port Specify the port number on which the IBM Security Guardium Key Lifecycle Manager server listens for requests.
Request Headers
Header name Value
Content-Type application/json
Accept application/json
Authorization SKLMAuth userAuthId=<authIdValue>
Accept-Language Any valid locale that is supported by IBM Security Guardium Key Lifecycle Manager. For example, en or de.
Request body

JSON object with the following specification:

JSON property name Description
numOfKeys Specify the number of keys to create. If you specify a value for the alias parameter, also specify a value for this parameter. Default value is 1.
alias Specify the key alias if aliasRange is not specified. You must also specify the value for numOfKeys. Specify the value for aliasRange if alias is not specified.
aliasRange Specify the aliasRange if alias is not specified.
keyGroupUuid Specify the UUID of the key group.
usage Required. Specify the device group. You can include the following values:
LTO
Specifies the LTO device group. The key is used in secure communication with LTO tape drives.
3592
DS5000
BRCD_ENCRYPTOR
Specifies the BRCD_ENCRYPTOR device group that is in the LTO device family.
ONESECURE
ETERNUS_DX
XIV
GPFS
PEER_TO_PEER
DS8000_TCT
GENERIC

Response

Response Headers
Header name Value and description
Status Code
200 OK
The request was successful. The response body contains the requested representation.
400 Bad Request
The authentication information was not provided in the correct format.
401 Unauthorized
The authentication credentials were missing or incorrect.
404 Not Found Error
The processing of the request fails.
500 Internal Server Error
The processing of the request fails because of an unexpected condition on the server.
Content-Type application/json
Content-Language Locale for the response message.
Success response body

JSON object with the following specification:

JSON property name Description
code Returns the code that is specified by the status property.
status Returns the status to indicate whether the key group is marked for rollover.
Error Response Body

JSON object with the following specification.

JSON property name Description
code Returns the application error code.
message Returns a message that describes the error.

Examples

Service request to create a key
POST https://9.202.179.42:9443/SKLM/rest/v1/keys 
{
  "numOfKeys": "10",
  "alias": "abc",
  "usage": "LTO"
}'
Success response
Status Code: 200 OK
{
  "CreatedKeys": [
    {
      "KeyAlias": "abc00987e6df000000000"
    },
    {
      "KeyAlias": "abc00987e6df000000001"
    },
    {
      "KeyAlias": "abc00987e6df000000002"
    },
    {
      "KeyAlias": "abc00987e6df000000003"
    },
    {
      "KeyAlias": "abc00987e6df000000004"
    },
    {
      "KeyAlias": "abc00987e6df000000005"
    },
    {
      "KeyAlias": "abc00987e6df000000006"
    },
    {
      "KeyAlias": "abc00987e6df000000007"
    },
    {
      "KeyAlias": "abc00987e6df000000008"
    },
    {
      "KeyAlias": "abc00987e6df000000009"
    }
  ],
  "ExistingKeys": [],
  "FailedToCreateKeys": []
}