Retrieve key metadata (GET /v1/{tenant_id}/secrets/{resource_id})

Retrieves the specified key metadata.

{tenant_id}: Project ID used to retrieve key metadata

{resource_id}: Resource ID of the key metadata to be retrieved

Request headers

X-Auth-Token

Specify the authentication token.

Data type Cardinality
String 1..1

Accept

Specify the format to return the key metadata.

text/plain, application/octet-stream, or application/json.

  • Accept: text/plain

    The payload value will be returned in plain text format.

    However, if the key metadata was registered using "payload_content_type": "application/octet-stream", the error code 406 will be returned and it will not be possible to reference the information.

  • Accept: application/octet-stream

    The payload value will be returned decrypted in base64 format.

  • Accept: application/json

    The metadata of the specified secret will be returned

Data type Cardinality
String 1..1

Request parameters

None

Request body

None

Response headers

Status

The following error codes can be returned for the request.

One of the following values will be returned.

200:
Normal completion
401:
Authentication error (no authentication token, incorrect authentication token, etc.)
400:
Invalid access (invalid parameter, etc.)
403:
Cannot access (no privileges)
404:
No applicable resources
406:
An unsupported Accept was specified
500:
Unexpected error
Data type Cardinality
int 1..1

Response elements

(secret) Element name is not displayed in JSON

Envelope of key metadata

Accept: Only returned if "application/json" was specified in the request

Data type Cardinality Parent element Child element
Element 0..1 secrets name

status

algorithm

mode

bit_length

content_types

expiration

secret_ref

updated

created

name

Key name

Data type Cardinality Parent element Child element
String 1..1 (secret) None

status

Key status

Data type Cardinality Parent element Child element
Enum(ACTIVE,ERROR) 1..1 (secret) None

algorithm

Algorithm used to generate the key

Data type Cardinality Parent element Child element
String 1..1 (secret) None

mode

Mode of algorithm associated with the key

Data type Cardinality Parent element Child element
String 1..1 (secret) None

bit_length

Bit range of the key

Data type Cardinality Parent element Child element
int 1..1 (secret) None

content_types

Accept header value required for browsing the payload

Data type Cardinality Parent element Child element
String 0..1 (secret) None

expiration

Key expiry datetime Value is returned in ISO-8601 format. When the expiry datetime is reached, the key is automatically deleted. If set to null, the key will not expiry (it will not be deleted automatically)

Data type Cardinality Parent element Child element
String 1..1 (secret) None

secret_ref

Key metadata resource URI

Data type Cardinality Parent element Child element
String 1..1 (secret) None

updated

Timestamp (UTC) of last update

Data type Cardinality Parent element Child element
datetime 1..1 (secret) None

created

Timestamp (UTC) of creation

Data type Cardinality Parent element Child element
datetime 1..1 (secret) None

payload

Registered key metadata payload

Accept: text/plain or Accept: Only returned if "application/octet-stream" was specified in the request

Data type Cardinality Parent element Child element
String 0..1 None None

Example of request


GET /v1/a759452216fd41cf8ee5aba321cfbd49/secrets/96e86d87-6602-4b99-ae41-5b737fe1288d
X-Auth-Token: "JpZCI6ICJjM2VlNzA4YTZhZTI0ZGRmOTJjMDc4 . . ."
Accept: "text/plain"
     

Example of response

  • Accept: application/json
    
    Status Code: 200 OK
    Content-Length: 377
    Content-Type: application/json; charset=UTF-8
    
    {
      "status": "ACTIVE",
      "secret_ref": "http://<host>:9311/v1/a759452216fd41cf8ee5aba321cfbd49/secrets/96e86d87-6602-4b99-ae41-5b737fe1288d",
      "updated": "2014-07-15T06:17:08.082912",
      "name": "key1",
      "algorithm": "aes",
      "created": "2014-07-15T06:17:08.070916",
      "content_types": {
        "default": "text/plain"
      },
      "mode": "cbc",
      "bit_length": 256,
    "expiration": "2015-02-28T19:14:44.180394"
    }           
              

  • Accept: text/plain
    
    Status Code: 200 OK
    Content-Length: 1626
    Content-Type: text/plain; charset=UTF-8
    
    -----BEGIN XXXX-----MIIEow . . . Rwg7Jp-----END XXXX-----           
             

  • Accept: application/octet-stream
    
    Status Code: 200 OK
    Content-Length: 1626
    Content-Type: text/plain; charset=UTF-8
    
    If "payload_content_type": "text/plain" was specified during registration:
    -----BEGIN XXXX-----MIIEow . . . Rwg7Jp-----END XXXX-----
    
    If "payload_content_type": "application/octet-stream" and "payload_content_encoding": "base64" were specified during registration:
    ?}??"?ZG=Iu?^axwM)198?}???? (binary data of decrypted payload in PEM format)