You are browsing documentation for an older version. See the latest documentation here.
Keyring and Data Encryption Reference
View Keyring
Endpoint
Response
HTTP 200 OK
{
"active": "RfsDJ2Ol",
"ids": [
"RfsDJ2Ol",
"xSD219lH"
]
}
View Active Key
Endpoint
Response
HTTP 200 OK
{
"id": "RfsDJ2Ol"
}
Export Keyring
This endpoint is only available with the cluster
keyring strategy.
The endpoint requires that the keyring_public_key
and keyring_private_key
Kong configuration values are defined.
Endpoint
Response
HTTP 200 OK
{
"data": "<base64>..."
}
Import Exported Keyring
This endpoint is only available with the cluster
keyring strategy.
The endpoint requires that the keyring_public_key
and keyring_private_key
Kong configuration values are defined.
Endpoint
Request Body
Attribute | Description |
---|---|
data |
Base64-encoded keyring export material. |
Response
HTTP 201 Created
Import Key
This endpoint is only available with the cluster
keyring strategy.
The endpoint requires that the keyring_public_key
and keyring_private_key
Kong configuration values are defined.
Endpoint
Request Body
Attribute | Description |
---|---|
id |
8-byte key identifier. |
data |
Base64-encoded keyring export material. |
Response
HTTP 201 Created
Recover Keyring from Database
This endpoint is only available with the cluster
keyring strategy.
The endpoint requires that the keyring_recovery_public_key
Kong configuration value is defined.
Endpoint
Request Body
Attribute | Description |
---|---|
recovery_private_key |
The content of the private key. |
Response
HTTP 200 OK
{
"message": "successfully recovered 1 keys",
"recovered": [
"RfsDJ2Ol"
],
"not_recovered": [
"xSD219lH"
]
}
Generate New Key
This endpoint is only available with the cluster
keyring strategy.
Endpoint
Response
HTTP 201 Created
{
"id": "500pIquV",
"key": "3I23Ben5m7qKcCA/PK7rnsNeD3kI4IPtA6ki7YjAgKA="
}
Remove Key from Keyring
This endpoint is only available with the cluster
keyring strategy.
Endpoint
Request Body
Attribute | Description |
---|---|
key |
8-byte key identifier. |
Response
HTTP 204 No Content
Sync Keyring with Vault Endpoint
This endpoint is only available with the vault
keyring strategy.
Endpoint
Response
HTTP 204 No Content