Encryption/clients/register: POST
Registers a key client to a tenant.
Availability
Available on all IBM Storage Scale editions.
Description
The POST /scalemgmt/v2/encryption/clients/register request registers a key client to a tenant. For more information about the fields in the data structures that are returned, see the mmkeyserv command in the IBM Storage Scale documentation .
Request URL
https://<IP address or host name of API server>:port/scalemgmt/v2/encryption/clients/register- Client
- Specifies the resource to be created. Required.
Request headers
Accept: application/jsonRequest data
{
"clientName": "Key client name",
"tenantName": "Tenant name",
"passwordFile": "Password file name",
"rkmID": "string"
}The details of the parameters are given in the following list.
- "clientName": "Key client name"
- Specifies the key client that you want to register. The key client name must be within 1 - 16 characters in length. It must be unique within the IBM Storage Scale cluster. Required.
- "tenantName": "Tenant name"
- Specifies the name of the tenant to which the key client belongs.
- "passwordFile": "Password file"
- Specifies the file that contains a password for accessing the RKM server. If you do not provide a password, you are prompted for it when the request is sent. A password must be 1 - 20 characters in length. For more information, see the mmkeyserv command in the IBM Storage Scale documentation.
- "rkmID":"Server ID"
- Specifies a new remote key manager (RKM) ID. An RKM ID must be unique within the cluster. It must be 1 - 21 characters in length and contain only alphanumeric characters or an underscore (_). It must begin with a letter or an underscore. An RKM ID identifies an RKM stanza in the RKM.conf file. The stanza contains the information that a node needs to retrieve a master encryption key (MEK) from an RKM.
Response data
{
"status": {
"code":ReturnCode",
"message":"ReturnMessage"
},
"jobs": [
{
"result":"",
{
"commands":"Commands issued",
"progress":"Request progress,
"exitCode":"Exit code",
"stderr":"Error",
"stdout":"CLI messages",
},
"request":" ",
{
"type":"{GET | POST | PUT | DELETE}",
"url":"URL",
"data":""",
}
"jobId":"ID",
"submitted": "Date and Time",
"completed": "Date and Time",
"runtime": "Duration",
"status":"Job status",
"pids":"Process IDs
}
],
}The details of the parameters are provided in the following list:
- "jobs":
- An array of elements that describe jobs. Each element describes one job.
- "status":
- Return status.
- "message": "ReturnMessage",
- The return message.
- "code": ReturnCode
- The return code.
- "result"
-
- "commands":"Commands issued"
- An array of commands that are run in this job.
- "progress":"Request progress"
- Specifies the progress information for the request.
- "exitCode":"Exit code"
- Specifies the exit code of command. Zero indicates success and any value other than zero denotes failure.
- "stderr":"Error"
- Specifies the CLI messages from stderr.
- "stdout":"String"
- Specifies the CLI messages from stdout.
- "request"
-
- "type":"{GET | POST | PUT | DELETE}"
- Specifies the HTTP request type.
- "url":"URL"
- Specifies the URL through which the job is submitted.
- "data":
- Specifies the request data.
- "jobId":"ID",
- Specifies the unique ID of the job.
- "submitted":"Date and Time"
- Specifies the date and time at which the job was submitted.
- "completed":Date and Time"
- Specifies the date and time at which the job was completed.
- "runtime":Duration"
- Specifies the duration for which the job ran.
- "status":"RUNNING | COMPLETED | FAILED"
- Specifies the status of the job.
- "pids":"Process ID"
- Specifies the process IDs of all the active sub processes that manage the job.
Examples
The following example shows how to register myclient2 to a tenant.
Request data:
curl -X POST --header 'Content-Type: application/json' --header 'Accept: application/json' --header 'Authorization: Basic YWRtaW46YWRtaW4wMDE=' -d '{ \
"clientName": "myclient2"
"tenantName": "devG1",
"passwordFile": "/tmp/password",
"rkmID": "AU8763hgsu09"
}' 'https://198.51.100.1:443/scalemgmt/v2/encryption/clients/register'Response data:
Note: In the JSON data that is returned, the return code indicates whether the
command is successful. The response code 200 indicates that the command successfully retrieved the
information. Error code 400 represents an
invalid request and 500 represents internal server error.
{
"jobs": [
{
"jobId": 1000000000007,
"status": "COMPLETED",
"submitted": "2021-06-20 09:25:00,801",
"completed": "2021-06-20 09:25:12,142",
"runtime": 11341,
"request": {
"data": {
"clientName": "myclient1",
"passwordFile": "/root/passfile1",
"rkmID": "lodestar1_devG1",
"tenantName": "devG1"
},
"type": "POST",
"url": "/scalemgmt/v2/encryption/clients/register"
},
"result": {
"progress": [],
"commands": [
"mmkeyserv client register 'myclient1' --rkm-id 'lodestar1_devG1' --tenant 'devG1' --server-pwd '/root/passfile1' "
],
"stdout": [
"mmkeyserv: [I] Client currently does not have access to the key. Continue the registration process ...",
"mmkeyserv: Successfully accepted client certificate",
"mmkeyserv: Propagating the cluster configuration data to all",
" affected nodes. This is an asynchronous process.",
"info: mmkeyserv: [I] Client currently does not have access to the key. Continue the registration process ...\nmmkeyserv: Successfully accepted client certificate\n"
],
"stderr": [],
"exitCode": 0
},
"pids": []
}
],
"status": {
"code": 200,
"message": "The request finished successfully."
}
}Related information
mmkeyserv command in the IBM Storage Scale documentation.