You are browsing documentation for an outdated version. See the latest documentation here.

Keyring and Data Encryption Reference

View Keyring

Endpoint

Response

HTTP 200 OK

{
    "active": "RfsDJ2Ol",
    "ids": [
        "RfsDJ2Ol",
        "xSD219lH"
    ]
}

View Active Key

Endpoint

Response

HTTP 200 OK

{
    "id": "RfsDJ2Ol"
}

Export Keyring

This endpoint is only available with the cluster keyring strategy.

The endpoint requires that the keyring_public_key and keyring_private_key Kong configuration values are defined.

Endpoint

Response

HTTP 200 OK

{
    "data": "<base64>..."
}

Import Exported Keyring

This endpoint is only available with the cluster keyring strategy.

The endpoint requires that the keyring_public_key and keyring_private_key Kong configuration values are defined.

Endpoint

Request Body

Response

HTTP 201 Created

Import Key

This endpoint is only available with the cluster keyring strategy.

The endpoint requires that the keyring_public_key and keyring_private_key Kong configuration values are defined.

Endpoint

Request Body

Response

HTTP 201 Created

Recover Keyring from Database

This endpoint is only available with the cluster keyring strategy.

The endpoint requires that the keyring_recovery_public_key Kong configuration value is defined.

Endpoint

Request Body

Response

HTTP 200 OK

{
    "message": "successfully recovered 1 keys",
    "recovered": [
        "RfsDJ2Ol"
    ],
    "not_recovered": [
        "xSD219lH"
    ]
}

Generate New Key

This endpoint is only available with the cluster keyring strategy.

Endpoint

Response

HTTP 201 Created

{
    "id": "500pIquV",
    "key": "3I23Ben5m7qKcCA/PK7rnsNeD3kI4IPtA6ki7YjAgKA="
}

Remove Key from Keyring

This endpoint is only available with the cluster keyring strategy.

Endpoint

Request Body

Response

HTTP 204 No Content

Sync Keyring with Vault Endpoint

This endpoint is only available with the vault keyring strategy.

Endpoint

Response

HTTP 204 No Content