Skip to content
Kong Logo | Kong Docs Logo
search
  • We're Hiring!
  • Docs
    • Kong Gateway
    • Kong Konnect
    • Kong Mesh
    • Plugin Hub
    • decK
    • Kubernetes Ingress Controller
    • Insomnia
    • Kuma

    • Docs contribution guidelines
  • Plugin Hub
  • Support
  • Community
  • Kong Academy
Get a Demo Start Free Trial
  • Kong Gateway
  • Kong Konnect
  • Kong Mesh
  • Plugin Hub
  • decK
  • Kubernetes Ingress Controller
  • Insomnia
  • Kuma

  • Docs contribution guidelines
  • 3.3.x (latest)
  • 3.2.x
  • 3.1.x
  • 3.0.x
  • 2.8.x
  • 2.7.x
  • 2.6.x
  • Older Enterprise versions (2.1-2.5)
  • Older OSS versions (2.1-2.5)
  • Archive (pre-2.1)

github-edit-pageEdit this page

report-issueReport an issue

enterprise-switcher-iconSwitch to OSS

On this pageOn this page
  • View Keyring
  • View Active Key
  • Export Keyring
  • Import Exported Keyring
  • Import Key
  • Recover Keyring from Database
  • Generate New Key
  • Remove Key from Keyring
  • Sync Keyring with Vault Endpoint
Kong Gateway
3.2.x
  • Home
  • Kong Gateway
  • Admin API
  • Keyring and Data Encryption Reference
You are browsing documentation for an outdated version. See the latest documentation here.

Keyring and Data Encryption Reference

View Keyring

Endpoint

/keyring

Response

HTTP 200 OK
{
    "active": "RfsDJ2Ol",
    "ids": [
        "RfsDJ2Ol",
        "xSD219lH"
    ]
}

View Active Key

Endpoint

/keyring/active

Response

HTTP 200 OK
{
    "id": "RfsDJ2Ol"
}

Export Keyring

This endpoint is only available with the cluster keyring strategy.

The endpoint requires that the keyring_public_key and keyring_private_key Kong configuration values are defined.

Endpoint

/keyring/export

Response

HTTP 200 OK
{
    "data": "<base64>..."
}

Import Exported Keyring

This endpoint is only available with the cluster keyring strategy.

The endpoint requires that the keyring_public_key and keyring_private_key Kong configuration values are defined.

Endpoint

/keyring/import

Request Body

Attribute Description
data Base64-encoded keyring export material.

Response

HTTP 201 Created

Import Key

This endpoint is only available with the cluster keyring strategy.

The endpoint requires that the keyring_public_key and keyring_private_key Kong configuration values are defined.

Endpoint

/keyring/import/raw

Request Body

Attribute Description
id 8-byte key identifier.
data Base64-encoded keyring export material.

Response

HTTP 201 Created

Recover Keyring from Database

This endpoint is only available with the cluster keyring strategy.

The endpoint requires that the keyring_recovery_public_key Kong configuration value is defined.

Endpoint

/keyring/recover

Request Body

Attribute Description
recovery_private_key The content of the private key.

Response

HTTP 200 OK
{
    "message": "successfully recovered 1 keys",
    "recovered": [
        "RfsDJ2Ol"
    ],
    "not_recovered": [
        "xSD219lH"
    ]
}

Generate New Key

This endpoint is only available with the cluster keyring strategy.

Endpoint

/keyring/generate

Response

HTTP 201 Created
{
    "id": "500pIquV",
    "key": "3I23Ben5m7qKcCA/PK7rnsNeD3kI4IPtA6ki7YjAgKA="
}

Remove Key from Keyring

This endpoint is only available with the cluster keyring strategy.

Endpoint

/keyring/remove

Request Body

Attribute Description
key 8-byte key identifier.

Response

HTTP 204 No Content

Sync Keyring with Vault Endpoint

This endpoint is only available with the vault keyring strategy.

Endpoint

/keyring/vault/sync

Response

HTTP 204 No Content
Thank you for your feedback.
Was this page useful?
  • Kong
    THE CLOUD CONNECTIVITY COMPANY

    Kong powers reliable digital connections across APIs, hybrid and multi-cloud environments.

    • Company
    • Customers
    • Events
    • Investors
    • Careers Hiring!
    • Partners
    • Press
    • Contact
  • Products
    • Kong Konnect
    • Kong Gateway
    • Kong Mesh
    • Get Started
    • Pricing
  • Resources
    • eBooks
    • Webinars
    • Briefs
    • Blog
    • API Gateway
    • Microservices
  • Open Source
    • Install Kong Gateway
    • Kong Community
    • Kubernetes Ingress
    • Kuma
    • Insomnia
  • Solutions
    • Decentralize
    • Secure & Govern
    • Create a Dev Platform
    • API Gateway
    • Kubernetes
    • Service Mesh
Star
  • Terms•Privacy
© Kong Inc. 2023