Retrieve key metadata (GET /v1/{tenant_id}/secrets/{resource_id})
Retrieves the specified key metadata.
{tenant_id}: Project ID used to retrieve key metadata
{resource_id}: Resource ID of the key metadata to be retrieved
Request headers
X-Auth-Token
Specify the authentication token.
| Data type | Cardinality |
|---|---|
| String | 1..1 |
Accept
Specify the format to return the key metadata.
text/plain, application/octet-stream, or application/json.
- Accept: text/plain
The payload value will be returned in plain text format.
However, if the key metadata was registered using "payload_content_type": "application/octet-stream", the error code 406 will be returned and it will not be possible to reference the information.
- Accept: application/octet-stream
The payload value will be returned decrypted in base64 format.
- Accept: application/json
The metadata of the specified secret will be returned
| Data type | Cardinality |
|---|---|
| String | 1..1 |
Request parameters
None
Request body
None
Response headers
Status
The following error codes can be returned for the request.
One of the following values will be returned.
- 200:
- Normal completion
- 401:
- Authentication error (no authentication token, incorrect authentication token, etc.)
- 400:
- Invalid access (invalid parameter, etc.)
- 403:
- Cannot access (no privileges)
- 404:
- No applicable resources
- 406:
- An unsupported Accept was specified
- 500:
- Unexpected error
| Data type | Cardinality |
|---|---|
| int | 1..1 |
Response elements
(secret) Element name is not displayed in JSON
Envelope of key metadata
Accept: Only returned if "application/json" was specified in the request
| Data type | Cardinality | Parent element | Child element |
|---|---|---|---|
| Element | 0..1 | secrets | name status algorithm mode bit_length content_types expiration secret_ref updated created |
name
Key name
| Data type | Cardinality | Parent element | Child element |
|---|---|---|---|
| String | 1..1 | (secret) | None |
status
Key status
| Data type | Cardinality | Parent element | Child element |
|---|---|---|---|
| Enum(ACTIVE,ERROR) | 1..1 | (secret) | None |
algorithm
Algorithm used to generate the key
| Data type | Cardinality | Parent element | Child element |
|---|---|---|---|
| String | 1..1 | (secret) | None |
mode
Mode of algorithm associated with the key
| Data type | Cardinality | Parent element | Child element |
|---|---|---|---|
| String | 1..1 | (secret) | None |
bit_length
Bit range of the key
| Data type | Cardinality | Parent element | Child element |
|---|---|---|---|
| int | 1..1 | (secret) | None |
content_types
Accept header value required for browsing the payload
| Data type | Cardinality | Parent element | Child element |
|---|---|---|---|
| String | 0..1 | (secret) | None |
expiration
Key expiry datetime Value is returned in ISO-8601 format. When the expiry datetime is reached, the key is automatically deleted. If set to null, the key will not expiry (it will not be deleted automatically)
| Data type | Cardinality | Parent element | Child element |
|---|---|---|---|
| String | 1..1 | (secret) | None |
secret_ref
Key metadata resource URI
| Data type | Cardinality | Parent element | Child element |
|---|---|---|---|
| String | 1..1 | (secret) | None |
updated
Timestamp (UTC) of last update
| Data type | Cardinality | Parent element | Child element |
|---|---|---|---|
| datetime | 1..1 | (secret) | None |
created
Timestamp (UTC) of creation
| Data type | Cardinality | Parent element | Child element |
|---|---|---|---|
| datetime | 1..1 | (secret) | None |
payload
Registered key metadata payload
Accept: text/plain or Accept: Only returned if "application/octet-stream" was specified in the request
| Data type | Cardinality | Parent element | Child element |
|---|---|---|---|
| String | 0..1 | None | None |
Example of request
GET /v1/a759452216fd41cf8ee5aba321cfbd49/secrets/96e86d87-6602-4b99-ae41-5b737fe1288d
X-Auth-Token: "JpZCI6ICJjM2VlNzA4YTZhZTI0ZGRmOTJjMDc4 . . ."
Accept: "text/plain"
Example of response
- Accept: application/json
Status Code: 200 OK Content-Length: 377 Content-Type: application/json; charset=UTF-8 { "status": "ACTIVE", "secret_ref": "http://<host>:9311/v1/a759452216fd41cf8ee5aba321cfbd49/secrets/96e86d87-6602-4b99-ae41-5b737fe1288d", "updated": "2014-07-15T06:17:08.082912", "name": "key1", "algorithm": "aes", "created": "2014-07-15T06:17:08.070916", "content_types": { "default": "text/plain" }, "mode": "cbc", "bit_length": 256, "expiration": "2015-02-28T19:14:44.180394" } - Accept: text/plain
Status Code: 200 OK Content-Length: 1626 Content-Type: text/plain; charset=UTF-8 -----BEGIN XXXX-----MIIEow . . . Rwg7Jp-----END XXXX----- - Accept: application/octet-stream
Status Code: 200 OK Content-Length: 1626 Content-Type: text/plain; charset=UTF-8 If "payload_content_type": "text/plain" was specified during registration: -----BEGIN XXXX-----MIIEow . . . Rwg7Jp-----END XXXX----- If "payload_content_type": "application/octet-stream" and "payload_content_encoding": "base64" were specified during registration: ?}??"?ZG=Iu?^axwM)198?}???? (binary data of decrypted payload in PEM format)