This guide provides a brief description of Certificate Manager service and how to call API. The API is provided as a RESTful API, and it responds in JSON format.

Version

Version	Status	Supported Until
1.0	SUPPORTED	20260531
1.1	CURRENT	-

OpenAPI URL

https://certificatemanager.{region}.{environment}.samsungsdscloud.com

Environment and Region List

environment	region
s	kr-west1
s	kr-east1
g	kr-south1
g	kr-south2
g	kr-south3
e	kr-west1
e	kr-east1

1.1 - APIs

1.1.1 - Check duplicate name

1.1.1.1 - 1.1

post /v1/certificatemanager/check-duplication

Description

Check duplication name

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Type	Name	Description	Schema	Default
body	body required		CertificateDuplicateRequest

Responses

HTTP Code	Description	Schema
200	OK	CheckResponse
400	Bad Request	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/certificatemanager/check-duplication

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = certificatemanager 1.1"

Request body

{
    "name": ""
}

Example HTTP response

Response 200

{
    "result": true
}

1.1.1.2 - 1.0

post /v1/certificatemanager/check-duplication

Description

Check duplication name

State ACTIVE (SUPPORTED)

Version	Supported Until
1.0	20260531

Parameters

Type	Name	Description	Schema	Default
body	body required		CertificateDuplicateRequest

Responses

HTTP Code	Description	Schema
200	OK	CheckResponse
400	Bad Request	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/certificatemanager/check-duplication

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = certificatemanager 1.0"

Request body

{
    "name": ""
}

Example HTTP response

Response 200

{
    "result": true
}

1.1.2 - Create a certificate

1.1.2.1 - 1.1

post /v1/certificatemanager

Description

Create a Certificate

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Type	Name	Description	Schema	Default
body	body required		CertificateCreateRequest

Responses

HTTP Code	Description	Schema
201	Created	CertificateCreateResponse
400	Bad Request	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/certificatemanager

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = certificatemanager 1.1"

Request body

{
    "cert_body": "<encoded certificate body data>",
    "cert_chain": "<encoded certificate chain data>",
    "name": "test-certificate",
    "private_key": "<encoded private key data>",
    "recipients": [
        {
            "region": "",
            "user_id": "sdaFDQSDADZ2488e195c0e97d9b9eb",
            "user_name": "kildong.hong"
        }
    ],
    "region": "west1",
    "tags": [],
    "timezone": "Asia/Seoul"
}

Example HTTP response

Response 201

{
    "certificate": {
        "account_id": "b82909b3576449fda984fb25c3123542da",
        "cert_body": "",
        "cert_chain": "",
        "cert_kind": "PRD",
        "cert_type": "pem",
        "cert_version": "2",
        "cn": "test.go.kr",
        "created_at": "2024-05-17T00:23:17Z",
        "created_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "id": "0fdd87aab8cb46f59b7c1f81ed03fb3e",
        "key_bit_size": "2048",
        "modified_at": "2024-05-17T00:23:17Z",
        "modified_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "name": "test-certificate",
        "not_after_dt": "2026-02-07T18:07:59",
        "not_before_dt": "2025-02-08T18:07:00",
        "organization": "samsungSDS",
        "private_key": "",
        "recipients": [
            {
                "region": "",
                "user_id": "sdaFDQSDADZ2488e195c0e97d9b9eb",
                "user_name": "kildong.hong"
            }
        ],
        "state": "VALID",
        "tags": [],
        "user_name": "kildong@samsung.com"
    }
}

1.1.2.2 - 1.0

post /v1/certificatemanager

Description

Create a Certificate

State ACTIVE (SUPPORTED)

Version	Supported Until
1.0	20260531

Parameters

Type	Name	Description	Schema	Default
body	body required		CertificateCreateRequest

Responses

HTTP Code	Description	Schema
201	Created	CertificateCreateResponse
400	Bad Request	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/certificatemanager

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = certificatemanager 1.0"

Request body

{
    "cert_body": "<encoded certificate body data>",
    "cert_chain": "<encoded certificate chain data>",
    "name": "test-certificate",
    "private_key": "<encoded private key data>",
    "recipients": [
        {
            "region": "",
            "user_id": "sdaFDQSDADZ2488e195c0e97d9b9eb",
            "user_name": "kildong.hong"
        }
    ],
    "region": "west1",
    "tags": [],
    "timezone": "Asia/Seoul"
}

Example HTTP response

Response 201

{
    "certificate": {
        "account_id": "b82909b3576449fda984fb25c3123542da",
        "cert_body": "",
        "cert_chain": "",
        "cert_kind": "PRD",
        "cert_type": "pem",
        "cert_version": "2",
        "cn": "test.go.kr",
        "created_at": "2024-05-17T00:23:17Z",
        "created_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "id": "0fdd87aab8cb46f59b7c1f81ed03fb3e",
        "key_bit_size": "2048",
        "modified_at": "2024-05-17T00:23:17Z",
        "modified_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "name": "test-certificate",
        "not_after_dt": "2026-02-07T18:07:59",
        "not_before_dt": "2025-02-08T18:07:00",
        "organization": "samsungSDS",
        "private_key": "",
        "recipients": [
            {
                "region": "",
                "user_id": "sdaFDQSDADZ2488e195c0e97d9b9eb",
                "user_name": "kildong.hong"
            }
        ],
        "state": "VALID",
        "tags": [],
        "user_name": "kildong@samsung.com"
    }
}

1.1.3 - Delete a certificate

1.1.3.1 - 1.1

delete /v1/certificatemanager/{certificate_id}

Description

Delete a Certificate

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Type	Name	Description	Schema	Default
path	certificate_id required	Certificate ID Example :	string	None

Responses

HTTP Code	Description	Schema
200	OK	None
204	No Content	None
403	Forbidden	None

Example HTTP request

Request path

/v1/certificatemanager/{certificate_id}

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = certificatemanager 1.1"

Example HTTP response

Response 200

1.1.3.2 - 1.0

delete /v1/certificatemanager/{certificate_id}

Description

Delete a Certificate

State ACTIVE (SUPPORTED)

Version	Supported Until
1.0	20260531

Parameters

Type	Name	Description	Schema	Default
path	certificate_id required	Certificate ID Example :	string	None

Responses

HTTP Code	Description	Schema
200	OK	None
204	No Content	None
403	Forbidden	None

Example HTTP request

Request path

/v1/certificatemanager/{certificate_id}

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = certificatemanager 1.0"

Example HTTP response

Response 200

1.1.4 - Detail a certificate

1.1.4.1 - 1.1

get /v1/certificatemanager/{certificate_id}

Description

Detail a Certificate

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Type	Name	Description	Schema	Default
path	certificate_id required	Certificate ID Example :	string	None

Responses

HTTP Code	Description	Schema
200	OK	CertificateDetailResponse
400	Bad Request	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/certificatemanager/{certificate_id}

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = certificatemanager 1.1"

Example HTTP response

Response 200

{
    "certificate": {
        "account_id": "b82909b3576449fda984fb25c3123542da",
        "cert_body": "",
        "cert_chain": "",
        "cert_kind": "DEV",
        "cert_type": "pem",
        "cert_version": "2",
        "cn": "test.go.kr",
        "created_at": "2024-05-17T00:23:17Z",
        "created_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "id": "0fdd87aab8cb46f59b7c1f81ed03fb3e",
        "key_bit_size": "2048",
        "modified_at": "2024-05-17T00:23:17Z",
        "modified_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "name": "test-certificate",
        "not_after_dt": "2026-02-07T18:07:59",
        "not_before_dt": "2025-02-08T18:07:00",
        "organization": "samsungSDS",
        "private_key": "",
        "state": "VALID",
        "user_name": "2048"
    }
}

1.1.4.2 - 1.0

get /v1/certificatemanager/{certificate_id}

Description

Detail a Certificate

State ACTIVE (SUPPORTED)

Version	Supported Until
1.0	20260531

Parameters

Type	Name	Description	Schema	Default
path	certificate_id required	Certificate ID Example :	string	None

Responses

HTTP Code	Description	Schema
200	OK	CertificateDetailResponse
400	Bad Request	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/certificatemanager/{certificate_id}

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = certificatemanager 1.0"

Example HTTP response

Response 200

{
    "certificate": {
        "account_id": "b82909b3576449fda984fb25c3123542da",
        "cert_body": "",
        "cert_chain": "",
        "cert_kind": "DEV",
        "cert_type": "pem",
        "cert_version": "2",
        "cn": "test.go.kr",
        "created_at": "2024-05-17T00:23:17Z",
        "created_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "id": "0fdd87aab8cb46f59b7c1f81ed03fb3e",
        "key_bit_size": "2048",
        "modified_at": "2024-05-17T00:23:17Z",
        "modified_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "name": "test-certificate",
        "not_after_dt": "2026-02-07T18:07:59",
        "not_before_dt": "2025-02-08T18:07:00",
        "organization": "samsungSDS",
        "private_key": "",
        "state": "VALID",
        "user_name": "2048"
    }
}

1.1.5 - List certificates

1.1.5.1 - 1.1

get /v1/certificatemanager

Description

List Certificates

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Type	Name	Description	Schema	Default
query	size optional	size Example : `20`	any of [integer, null]	20
query	page optional	page Example : `0`	any of [integer, null]	0
query	sort optional	sort Example : `created_at:desc`	any of [string, null]	None
query	isMine optional	Is it my certificate Example : `False`	any of [boolean, null]	False
query	name optional	Certificate Name Example : `test-certificate`	any of [string, null]	None
query	cn optional	Certificate Common Name Example : `test.go.kr`	any of [string, null]	None
query	state optional	Certificate State Example : `VALID`	any of [array[string], string, null]	None

Responses

HTTP Code	Description	Schema
200	OK	CertificateListResponse
400	Bad Request	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/certificatemanager

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = certificatemanager 1.1"

Example HTTP response

Response 200

{
    "certificates": [
        {
            "cert_kind": "PRD",
            "cn": "test.go.kr",
            "id": "",
            "name": "test-certificate",
            "not_after_dt": "2026-02-07T18:07:59",
            "not_before_dt": "2025-02-08T18:07:00",
            "state": "VALID"
        }
    ],
    "count": 20,
    "page": 0,
    "size": 20,
    "sort": [
        "created_at:asc"
    ]
}

1.1.5.2 - 1.0

get /v1/certificatemanager

Description

List Certificates

State ACTIVE (SUPPORTED)

Version	Supported Until
1.0	20260531

Parameters

Type	Name	Description	Schema	Default
query	size optional	size Example : `20`	any of [integer, null]	20
query	page optional	page Example : `0`	any of [integer, null]	0
query	sort optional	sort Example : `created_at:desc`	any of [string, null]	None
query	isMine optional	Is it my certificate Example : `False`	any of [boolean, null]	False
query	name optional	Certificate Name Example : `test-certificate`	any of [string, null]	None
query	cn optional	Certificate Common Name Example : `test.go.kr`	any of [string, null]	None
query	state optional	Certificate State Example : `VALID`	any of [array[string], string, null]	None

Responses

HTTP Code	Description	Schema
200	OK	CertificateListResponse
400	Bad Request	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/certificatemanager

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = certificatemanager 1.0"

Example HTTP response

Response 200

{
    "certificates": [
        {
            "cert_kind": "PRD",
            "cn": "test.go.kr",
            "id": "",
            "name": "test-certificate",
            "not_after_dt": "2026-02-07T18:07:59",
            "not_before_dt": "2025-02-08T18:07:00",
            "state": "VALID"
        }
    ],
    "count": 20,
    "page": 0,
    "size": 20,
    "sort": [
        "created_at:asc"
    ]
}

1.1.6 - Self-sign a certificate

1.1.6.1 - 1.1

post /v1/certificatemanager/self-sign

Description

Self-sign a Certificate

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Type	Name	Description	Schema	Default
body	body required		SelfSignCreateRequest

Responses

HTTP Code	Description	Schema
201	Created	CertificateDetailResponse
400	Bad Request	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/certificatemanager/self-sign

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = certificatemanager 1.1"

Request body

{
    "cn": "test.go.kr",
    "name": "test-certificate",
    "not_after_dt": "20251212",
    "not_before_dt": "20250101",
    "organization": "samsungSDS",
    "recipients": [],
    "region": "west1",
    "tags": [],
    "timezone": "Asia/Seoul"
}

Example HTTP response

Response 201

{
    "certificate": {
        "account_id": "b82909b3576449fda984fb25c3123542da",
        "cert_body": "",
        "cert_chain": "",
        "cert_kind": "DEV",
        "cert_type": "pem",
        "cert_version": "2",
        "cn": "test.go.kr",
        "created_at": "2024-05-17T00:23:17Z",
        "created_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "id": "0fdd87aab8cb46f59b7c1f81ed03fb3e",
        "key_bit_size": "2048",
        "modified_at": "2024-05-17T00:23:17Z",
        "modified_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "name": "test-certificate",
        "not_after_dt": "2026-02-07T18:07:59",
        "not_before_dt": "2025-02-08T18:07:00",
        "organization": "samsungSDS",
        "private_key": "",
        "state": "VALID",
        "user_name": "2048"
    }
}

1.1.6.2 - 1.0

post /v1/certificatemanager/self-sign

Description

Self-sign a Certificate

State ACTIVE (SUPPORTED)

Version	Supported Until
1.0	20260531

Parameters

Type	Name	Description	Schema	Default
body	body required		SelfSignCreateRequest

Responses

HTTP Code	Description	Schema
201	Created	CertificateDetailResponse
400	Bad Request	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/certificatemanager/self-sign

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = certificatemanager 1.0"

Request body

{
    "cn": "test.go.kr",
    "name": "test-certificate",
    "not_after_dt": "20251212",
    "not_before_dt": "20250101",
    "organization": "samsungSDS",
    "recipients": [],
    "region": "west1",
    "tags": [],
    "timezone": "Asia/Seoul"
}

Example HTTP response

Response 201

{
    "certificate": {
        "account_id": "b82909b3576449fda984fb25c3123542da",
        "cert_body": "",
        "cert_chain": "",
        "cert_kind": "DEV",
        "cert_type": "pem",
        "cert_version": "2",
        "cn": "test.go.kr",
        "created_at": "2024-05-17T00:23:17Z",
        "created_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "id": "0fdd87aab8cb46f59b7c1f81ed03fb3e",
        "key_bit_size": "2048",
        "modified_at": "2024-05-17T00:23:17Z",
        "modified_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "name": "test-certificate",
        "not_after_dt": "2026-02-07T18:07:59",
        "not_before_dt": "2025-02-08T18:07:00",
        "organization": "samsungSDS",
        "private_key": "",
        "state": "VALID",
        "user_name": "2048"
    }
}

1.1.7 - Validate a certificate

1.1.7.1 - 1.1

post /v1/certificatemanager/check-validation

Description

Validate a Certificate

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Type	Name	Description	Schema	Default
body	body required		CertificateValidateRequestV1Dot1

Responses

HTTP Code	Description	Schema
200	OK	CertificateValidateResponseV1Dot1
400	Bad Request	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/certificatemanager/check-validation

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = certificatemanager 1.1"

Request body

{
    "cert_body": "<encoded certificate body data>",
    "cert_chain": "<encoded certificate chain data>",
    "private_key": "<encoded private key data>"
}

Example HTTP response

Response 200

{
    "validate_check": ""
}

1.1.7.2 - 1.0

post /v1/certificatemanager/check-validation

Description

Validate a Certificate

State ACTIVE (SUPPORTED)

Version	Supported Until
1.0	20260531

Parameters

Type	Name	Description	Schema	Default
body	body required		CertificateValidateRequest

Responses

HTTP Code	Description	Schema
200	OK	CheckResponse
400	Bad Request	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/certificatemanager/check-validation

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = certificatemanager 1.0"

Request body

{
    "cert_body": "<encoded certificate body data>",
    "cert_chain": "<encoded certificate chain data>",
    "is_need_cert_chain": "True",
    "private_key": "<encoded private key data>"
}

Example HTTP response

Response 200

{
    "result": true
}

1.2 - Models

1.2.1 - CertificateCreate

Name	Description	Schema
account_id required	Account ID Example : `b82909b3576449fda984fb25c3123542da`	string
cert_body required	Certificate body Example :	string
cert_chain optional	Certificate chain Example :	any of [string, null]
cert_kind optional	Certificate type Example : `PRD`	string
cert_type required	Certificate type Example : `pem`	string
cert_version required	Certificate Version Example : `2`	string
cn required	Certificate Common Name Example : `test.go.kr`	string
created_at required	Created At Example : `2024-05-17T00:23:17Z`	string (date-time)
created_by required	Created By Example : `90dddfc2b1e04edba54ba2b41539a9ac`	string
id required	ID Example : `0fdd87aab8cb46f59b7c1f81ed03fb3e`	string
key_bit_size required	key bits size Example : `2048`	string
modified_at required	Modified At Example : `2024-05-17T00:23:17Z`	string (date-time)
modified_by required	Modified By Example : `90dddfc2b1e04edba54ba2b41539a9ac`	string
name required	Certificate Name Example : `test-certificate`	string
not_after_dt required	Certificate Expire Date Example : `2026-02-07T18:07:59`	string (date-time)
not_before_dt required	Certificate Start Date Example : `2025-02-08T18:07:00`	string (date-time)
organization required	Certificate Organization Name Example : `samsungSDS`	string
private_key required	Private key Example :	string
recipients optional	Expired certificates Recipients Example : `[{'region': '', 'user_id': 'sdaFDQSDADZ2488e195c0e97d9b9eb', 'user_name': 'kildong.hong'}]`	array[Recipient]
state required	Certificate State Example : `VALID`	string
tags optional	Tag List’	array[Tag]
user_name required	User Name Example : `kildong@samsung.com`	string

1.2.2 - CertificateCreateRequest

Name	Description	Schema
cert_body required	Certificate body Example : `<encoded certificate body data>`	string
cert_chain optional	Certificate chain Example : `<encoded certificate chain data>`	any of [string, null]
name required	Certificate Name Example : `test-certificate`	string
private_key required	Private key Example : `<encoded private key data>`	string
recipients optional	Expired certificates Recipients Example : `[{'region': '', 'user_id': 'sdaFDQSDADZ2488e195c0e97d9b9eb', 'user_name': 'kildong.hong'}]`	array[Recipient]
region required	Name of region Example : `west1`	string
tags optional	Tag List’	array[Tag]
timezone required	Timezone Example : `Asia/Seoul`	string

1.2.3 - CertificateCreateResponse

Name	Description	Schema	Default
certificate required		CertificateCreate

1.2.4 - CertificateDetail

Name	Description	Schema
account_id required	Account ID Example : `b82909b3576449fda984fb25c3123542da`	string
cert_body required	Certificate body Example :	string
cert_chain optional	Certificate chain Example :	any of [string, null]
cert_kind optional	Certificate type Example : `DEV`	string
cert_type required	Certificate type Example : `pem`	string
cert_version required	Certificate Version Example : `2`	string
cn required	Certificate Common Name Example : `test.go.kr`	string
created_at required	Created At Example : `2024-05-17T00:23:17Z`	string (date-time)
created_by required	Created By Example : `90dddfc2b1e04edba54ba2b41539a9ac`	string
id required	ID Example : `0fdd87aab8cb46f59b7c1f81ed03fb3e`	string
key_bit_size required	key bits size Example : `2048`	string
modified_at required	Modified At Example : `2024-05-17T00:23:17Z`	string (date-time)
modified_by required	Modified By Example : `90dddfc2b1e04edba54ba2b41539a9ac`	string
name required	Certificate Name Example : `test-certificate`	string
not_after_dt required	Certificate Expire Date Example : `2026-02-07T18:07:59`	string (date-time)
not_before_dt required	Certificate Start Date Example : `2025-02-08T18:07:00`	string (date-time)
organization required	Certificate Organization Name Example : `samsungSDS`	string
private_key required	Private key Example :	string
state required	Certificate State Example : `VALID`	string
user_name required	User Name Example : `2048`	string

1.2.5 - CertificateDetailResponse

Name	Description	Schema	Default
certificate required		CertificateDetail

1.2.6 - CertificateDuplicateRequest

Name	Description	Schema	Default
name required	Certificate Name Example :	string

1.2.7 - CertificateList

Name	Description	Schema
cert_kind optional	Certificate type Example : `PRD`	string
cn required	Certificate Common Name Example : `test.go.kr`	string
id required	Certificate ID Example :	string
name required	Certificate Name Example : `test-certificate`	string
not_after_dt required	Certificate Expire Date Example : `2026-02-07T18:07:59`	string (date-time)
not_before_dt required	Certificate Start Date Example : `2025-02-08T18:07:00`	string (date-time)
state required	Certificate State Example : `VALID`	string

1.2.8 - CertificateListResponse

Name	Description	Schema
certificates required		array[CertificateList]
count required	count Example : `20`	integer
page required	page Example : `0`	integer
size required	size Example : `20`	integer
sort optional	sort Example : `['created_at:asc']`	any of [array[string], null]

1.2.9 - CertificateValidateRequest

Name	Description	Schema
cert_body required	Certificate body Example : `<encoded certificate body data>`	string
cert_chain optional	Certificate chain Example : `<encoded certificate chain data>`	any of [string, null]
is_need_cert_chain required	Is needed Certificate chain Example : `True`	boolean
private_key required	Private key Example : `<encoded private key data>`	string

1.2.10 - CertificateValidateRequestV1Dot1

Name	Description	Schema
cert_body required	Certificate body Example : `<encoded certificate body data>`	string
cert_chain optional	Certificate chain Example : `<encoded certificate chain data>`	any of [string, null]
private_key required	Private key Example : `<encoded private key data>`	string

1.2.11 - CertificateValidateResponseV1Dot1

Name	Description	Schema	Default
validate_check required	Example :	boolean

1.2.12 - CheckResponse

Name	Description	Schema	Default
result required	True, False Check Example : `True`	boolean

1.2.13 - Recipient

Name	Description	Schema
region required	Name of region Example :	string
user_id required	User ID Example :	string
user_name required	User Name Example :	string

1.2.14 - SelfSignCreateRequest

Name	Description	Schema
cn required	Certificate Common Name Example : `test.go.kr`	string
name required	Certificate Name Example : `test-certificate`	string
not_after_dt required	Certificate Expire Date Example : `20251212`	string
not_before_dt required	Certificate Start Date Example : `20250101`	string
organization required	Certificate Organization Name Example : `samsungSDS`	string
recipients optional	Expired certificates Recipients	array[Recipient]
region required	Name of region Example : `west1`	string
tags optional	Tag List’	array[Tag]
timezone required	Timezone Example : `Asia/Seoul`	string

1.2.15 - Tag

Name	Description	Schema	Default
key required	tag key Example :	string
value required	tag value Example :	string

2 - Config Inspection

Overview

Provides an Application Programming Interface (API) that supports programmatic use of IaaS/PaaS products provided by SCP.

This guide provides a brief description of Config Inspection service and how to call API. The API is provided as a RESTful API, and it responds in JSON format.

Version

Version	Status	Supported Until
1.0	SUPPORTED	20260531
1.1	CURRENT	-

OpenAPI URL

https://configinspection.{region}.{environment}.samsungsdscloud.com

Environment and Region List

environment	region
s	kr-west1
s	kr-east1
g	kr-south1
g	kr-south2
g	kr-south3
e	kr-west1
e	kr-east1

2.1 - APIs

2.1.1 - Create Config Inspection

2.1.1.1 - 1.1

post /v1/configinspection/diagnosis/save

Description

Create Diagnosis Object

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Type	Name	Description	Schema	Default
body	body required		DiagnosisObjectRequest

Responses

HTTP Code	Description	Schema
201	Created	ConfigInspectionCreateResponse
400	Bad Request	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/configinspection/diagnosis/save

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = configinspection 1.1"

Request body

{
    "account_id": "0e3dffc50eb247a1adf4f2e5c82c4f99",
    "auth_key_request": {
        "auth_key_created_at": "2022-01-01 12:00:00",
        "auth_key_expired_at": "2023-01-01 12:00:00",
        "auth_key_id": "9b72a9856e494e67afc69atd3631fe38",
        "diagnosis_id": "DIA-943731CB8E3045C289BAECAEC3532097"
    },
    "csp_type": "SCP",
    "diagnosis_account_id": "0e3dffc50eb247a1adf4f2e5c82c4f99",
    "diagnosis_check_type": "BP",
    "diagnosis_id": "DIA-943731CB8E3045C289BAECAEC3532097",
    "diagnosis_name": "Sample Diagnosis Name",
    "diagnosis_type": "Console",
    "plan_type": "STANDARD",
    "schedule_request": {
        "diagnosis_id": "DIA-943731CB8E3045C289BAECAEC3532097",
        "diagnosis_start_time_pattern": "08:00",
        "frequency_type": "MONTH",
        "frequency_value": "1",
        "use_diagnosis_check_type_bp": "y",
        "use_diagnosis_check_type_ssi": "y"
    },
    "tags": []
}

Example HTTP response

Response 201

{
    "diagnosis_id": "Sample Diagnosis Name",
    "result": true
}

2.1.1.2 - 1.0

post /v1/configinspection/diagnosis/save

Description

Create Diagnosis Object

State ACTIVE (SUPPORTED)

Version	Supported Until
1.0	20260531

Parameters

Type	Name	Description	Schema	Default
body	body required		DiagnosisObjectRequest

Responses

HTTP Code	Description	Schema
201	Created	CheckResponse
400	Bad Request	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/configinspection/diagnosis/save

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = configinspection 1.0"

Request body

{
    "account_id": "0e3dffc50eb247a1adf4f2e5c82c4f99",
    "auth_key_request": {
        "auth_key_created_at": "2022-01-01 12:00:00",
        "auth_key_expired_at": "2023-01-01 12:00:00",
        "auth_key_id": "9b72a9856e494e67afc69atd3631fe38",
        "diagnosis_id": "DIA-943731CB8E3045C289BAECAEC3532097"
    },
    "csp_type": "SCP",
    "diagnosis_account_id": "0e3dffc50eb247a1adf4f2e5c82c4f99",
    "diagnosis_check_type": "BP",
    "diagnosis_id": "DIA-943731CB8E3045C289BAECAEC3532097",
    "diagnosis_name": "Sample Diagnosis Name",
    "diagnosis_type": "Console",
    "plan_type": "STANDARD",
    "schedule_request": {
        "diagnosis_id": "DIA-943731CB8E3045C289BAECAEC3532097",
        "diagnosis_start_time_pattern": "08:00",
        "frequency_type": "MONTH",
        "frequency_value": "1",
        "use_diagnosis_check_type_bp": "y",
        "use_diagnosis_check_type_ssi": "y"
    },
    "tags": []
}

Example HTTP response

Response 201

{
    "result": true
}

2.1.2 - Delete Config Inspection

2.1.2.1 - 1.1

delete /v1/configinspection/diagnosis/terminate/{diagnosis_id}

Description

Delete Config Inspection Product

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Type	Name	Description	Schema	Default
path	diagnosis_id required	Id of diagnosis Example : `Sample Diagnosis Name`	string	None

Responses

HTTP Code	Description	Schema
200	OK	TerminateResponse
400	Bad Request	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/configinspection/diagnosis/terminate/{diagnosis_id}

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = configinspection 1.1"

Example HTTP response

Response 200

{
    "delete_flag": true,
    "msg": "Delete success"
}

2.1.2.2 - 1.0

delete /v1/configinspection/diagnosis/terminate/{diagnosis_id}

Description

Delete Config Inspection Product

State ACTIVE (SUPPORTED)

Version	Supported Until
1.0	20260531

Parameters

Type	Name	Description	Schema	Default
path	diagnosis_id required	Id of diagnosis Example : `Sample Diagnosis Name`	string	None

Responses

HTTP Code	Description	Schema
200	OK	TerminateResponse
400	Bad Request	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/configinspection/diagnosis/terminate/{diagnosis_id}

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = configinspection 1.0"

Example HTTP response

Response 200

{
    "delete_flag": true,
    "msg": "Delete success"
}

2.1.3 - Diagnosis Request

2.1.3.1 - 1.1

post /v1/configinspection/diagnosis/request

Description

Request diagnosis

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Type	Name	Description	Schema	Default
body	body required		DiagnosisRequest

Responses

HTTP Code	Description	Schema
201	Created	CheckResponse
400	Bad Request	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/configinspection/diagnosis/request

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = configinspection 1.1"

Request body

{
    "access_key": "SAMPLE KEY",
    "diagnosis_check_type": "BP",
    "diagnosis_id": "DIA-943731CB8E3045C289BAECAEC3532097",
    "secret_key": "SAMPLE KEY",
    "tenant_id": "1234567890"
}

Example HTTP response

Response 201

{
    "result": true
}

2.1.3.2 - 1.0

post /v1/configinspection/diagnosis/request

Description

Request diagnosis

State ACTIVE (SUPPORTED)

Version	Supported Until
1.0	20260531

Parameters

Type	Name	Description	Schema	Default
body	body required		DiagnosisRequest

Responses

HTTP Code	Description	Schema
201	Created	CheckResponse
400	Bad Request	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/configinspection/diagnosis/request

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = configinspection 1.0"

Request body

{
    "access_key": "SAMPLE KEY",
    "diagnosis_check_type": "BP",
    "diagnosis_id": "DIA-943731CB8E3045C289BAECAEC3532097",
    "secret_key": "SAMPLE KEY",
    "tenant_id": "1234567890"
}

Example HTTP response

Response 201

{
    "result": true
}

2.1.4 - Disgnosis Response

2.1.4.1 - 1.1

post /v1/configinspection/diagnosis/response

Description

Response diagnosis

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Type	Name	Description	Schema	Default
body	body required		ConfigInspectionLookinResponse

Responses

HTTP Code	Description	Schema
201	Created	CheckResponse
400	Bad Request	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/configinspection/diagnosis/response

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = configinspection 1.1"

Request body

{
    "requestNumber": "",
    "systemId": "",
    "targets": {
        "cloudAccountId": "",
        "cspCd": "",
        "cspConsoleCd": "",
        "error": {
            "message": "",
            "type": ""
        },
        "kind": "",
        "result": [],
        "status": "",
        "version": ""
    }
}

Example HTTP response

Response 201

{
    "result": true
}

2.1.4.2 - 1.0

post /v1/configinspection/diagnosis/response

Description

Response diagnosis

State ACTIVE (SUPPORTED)

Version	Supported Until
1.0	20260531

Parameters

Type	Name	Description	Schema	Default
body	body required		ConfigInspectionLookinResponse

Responses

HTTP Code	Description	Schema
201	Created	CheckResponse
400	Bad Request	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/configinspection/diagnosis/response

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = configinspection 1.0"

Request body

{
    "requestNumber": "",
    "systemId": "",
    "targets": {
        "cloudAccountId": "",
        "cspCd": "",
        "cspConsoleCd": "",
        "error": {
            "message": "",
            "type": ""
        },
        "kind": "",
        "result": [],
        "status": "",
        "version": ""
    }
}

Example HTTP response

Response 201

{
    "result": true
}

2.1.5 - Get Diagnosis Object Detail

2.1.5.1 - 1.1

get /v1/configinspection/diagnosis/detail/{diagnosis_id}

Description

Get Diagnosis Object Detail

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Type	Name	Description	Schema	Default
path	diagnosis_id required	Id of diagnosis Example : `Sample Diagnosis Name`	string	None

Responses

HTTP Code	Description	Schema
200	OK	DiagnosisObjectDetailResponse
400	Bad Request	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/configinspection/diagnosis/detail/{diagnosis_id}

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = configinspection 1.1"

Example HTTP response

Response 200

{
    "auth_key_responses": {
        "auth_key_created_at": "2022-01-01T12:00:00Z",
        "auth_key_expired_at": "2022-01-01T12:00:00Z",
        "auth_key_id": "9b72a9856e494e67afc69atd3631fe38",
        "auth_key_state": "ACTIVATED",
        "user_id": "4f5d60e9e08b48d0a0881e21ab14e266"
    },
    "schedule_response": {
        "diagnosis_id": "DIA-943731CB8E3045C289BAECAEC3532097",
        "diagnosis_start_time_pattern": "08:00",
        "frequency_type": "MONTH",
        "frequency_value": "1",
        "use_diagnosis_check_type_bp": "y",
        "use_diagnosis_check_type_ssi": "y"
    },
    "summary_responses": {
        "created_at": "2022-01-01T12:00:00Z",
        "csp_type": "SCP",
        "diagnosis_account_id": "0e3dffc50eb247a1adf4f2e5c82c4f99",
        "diagnosis_check_type": "BP",
        "diagnosis_id": "DIA-943731CB8E3045C289BAECAEC3532097",
        "diagnosis_name": "Sample Diagnosis Name",
        "diagnosis_type": "Console",
        "error_state": "CONNECTION_FAIL",
        "plan_type": "STANDARD",
        "recent_diagnosis_at": "2022-01-01T12:00:00Z",
        "recent_diagnosis_state": "Completed"
    }
}

2.1.5.2 - 1.0

get /v1/configinspection/diagnosis/detail/{diagnosis_id}

Description

Get Diagnosis Object Detail

State ACTIVE (SUPPORTED)

Version	Supported Until
1.0	20260531

Parameters

Type	Name	Description	Schema	Default
path	diagnosis_id required	Id of diagnosis Example : `Sample Diagnosis Name`	string	None

Responses

HTTP Code	Description	Schema
200	OK	DiagnosisObjectDetailResponse
400	Bad Request	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/configinspection/diagnosis/detail/{diagnosis_id}

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = configinspection 1.0"

Example HTTP response

Response 200

{
    "auth_key_responses": {
        "auth_key_created_at": "2022-01-01T12:00:00Z",
        "auth_key_expired_at": "2022-01-01T12:00:00Z",
        "auth_key_id": "9b72a9856e494e67afc69atd3631fe38",
        "auth_key_state": "ACTIVATED",
        "user_id": "4f5d60e9e08b48d0a0881e21ab14e266"
    },
    "schedule_response": {
        "diagnosis_id": "DIA-943731CB8E3045C289BAECAEC3532097",
        "diagnosis_start_time_pattern": "08:00",
        "frequency_type": "MONTH",
        "frequency_value": "1",
        "use_diagnosis_check_type_bp": "y",
        "use_diagnosis_check_type_ssi": "y"
    },
    "summary_responses": {
        "created_at": "2022-01-01T12:00:00Z",
        "csp_type": "SCP",
        "diagnosis_account_id": "0e3dffc50eb247a1adf4f2e5c82c4f99",
        "diagnosis_check_type": "BP",
        "diagnosis_id": "DIA-943731CB8E3045C289BAECAEC3532097",
        "diagnosis_name": "Sample Diagnosis Name",
        "diagnosis_type": "Console",
        "error_state": "CONNECTION_FAIL",
        "plan_type": "STANDARD",
        "recent_diagnosis_at": "2022-01-01T12:00:00Z",
        "recent_diagnosis_state": "Completed"
    }
}

2.1.6 - Get Diagnosis Result Detail

2.1.6.1 - 1.1

get /v1/configinspection/report/diagnosis/detail

Description

get Diagnosis Result Detail

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Type	Name	Description	Schema	Default
query	with_count optional	with count Example : `true`	any of [string, null]	None
query	limit optional	limit Example : `20`	any of [integer, null]	None
query	marker optional	marker Example : `607e0938521643b5b4b266f343fae693`	any of [string, null]	None
query	sort optional	sort Example : `created_at:desc`	any of [string, null]	None
query	diagnosis_id required	Id of diagnosis Example : `DIA-943731CB8E3045C289BAECAEC3532097`	string	None
query	diagnosis_request_sequence required	Sequence of diagnosis request Example : `SCPCIS-E75FD21CA524441C9C1B1B381D5974F7`	string	None

Responses

HTTP Code	Description	Schema
200	OK	DiagnosisResultDetailResponse
400	Bad Request	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/configinspection/report/diagnosis/detail?diagnosis_id={diagnosis_id}&diagnosis_request_sequence={diagnosis_request_sequence}

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = configinspection 1.1"

Example HTTP response

Response 200

{
    "checklist_name": "Sample Checklist",
    "count": 20,
    "diagnosis_account_id": "0e3dffc50eb247a1adf4f2e5c82c4f99",
    "diagnosis_check_type": "BP",
    "diagnosis_id": "DIA-943731CB8E3045C289BAECAEC3532097",
    "diagnosis_name": "Sample Diagnosis Name",
    "diagnosis_request_sequence": "SCPCIS-E75FD21CA524441C9C1B1B381D5974F7",
    "links": [
        {
            "href": "http://scp.samsungsdscloud.com/v1/notices",
            "rel": "self"
        }
    ],
    "proceed_date": "2026-02-11T06:41:21.598Z",
    "result_detail_list": [
        {
            "action_guide": "원격 접속 Port에 Source IP가 ANY(0.0.0.0/0)로 등록되어있거나 과도하게 허용된 Security Group 규칙은 아래와 같이 삭제합니다.",
            "changed": true,
            "diagnosis_check_type": "BP",
            "diagnosis_criteria": "【 Security Group 규칙 】\r\n① 원격접속 Port에 Any IP 접근을 허용하는 규칙이 존재하지 않아야 합니다.",
            "diagnosis_item": "2.NW_003. 프로토콜 별 원격접속 Port는 접근이 필요한 IP를 지정하여 접속을 허용해야 합니다.",
            "diagnosis_layer": "2.NETWORK",
            "diagnosis_method": "Security Group의 Inbound 규칙에 원격 접속이 필요한 사용자나 시스템만 접근을 허용하는 규칙을 등록 하였는지 확인합니다.",
            "diagnosis_result": "03",
            "result_contents": "상세 내역",
            "sub_category": "NURIBP_SCP_02.NW_004"
        }
    ],
    "total": 10
}

2.1.6.2 - 1.0

get /v1/configinspection/report/diagnosis/detail

Description

get Diagnosis Result Detail

State ACTIVE (SUPPORTED)

Version	Supported Until
1.0	20260531

Parameters

Type	Name	Description	Schema	Default
query	with_count optional	with count Example : `true`	any of [string, null]	None
query	limit optional	limit Example : `20`	any of [integer, null]	None
query	marker optional	marker Example : `607e0938521643b5b4b266f343fae693`	any of [string, null]	None
query	sort optional	sort Example : `created_at:desc`	any of [string, null]	None
query	diagnosis_id required	Id of diagnosis Example : `DIA-943731CB8E3045C289BAECAEC3532097`	string	None
query	diagnosis_request_sequence required	Sequence of diagnosis request Example : `SCPCIS-E75FD21CA524441C9C1B1B381D5974F7`	string	None

Responses

HTTP Code	Description	Schema
200	OK	DiagnosisResultDetailResponse
400	Bad Request	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/configinspection/report/diagnosis/detail?diagnosis_id={diagnosis_id}&diagnosis_request_sequence={diagnosis_request_sequence}

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = configinspection 1.0"

Example HTTP response

Response 200

{
    "checklist_name": "Sample Checklist",
    "count": 20,
    "diagnosis_account_id": "0e3dffc50eb247a1adf4f2e5c82c4f99",
    "diagnosis_check_type": "BP",
    "diagnosis_id": "DIA-943731CB8E3045C289BAECAEC3532097",
    "diagnosis_name": "Sample Diagnosis Name",
    "diagnosis_request_sequence": "SCPCIS-E75FD21CA524441C9C1B1B381D5974F7",
    "links": [
        {
            "href": "http://scp.samsungsdscloud.com/v1/notices",
            "rel": "self"
        }
    ],
    "proceed_date": "2026-02-11T06:41:21.445Z",
    "result_detail_list": [
        {
            "action_guide": "원격 접속 Port에 Source IP가 ANY(0.0.0.0/0)로 등록되어있거나 과도하게 허용된 Security Group 규칙은 아래와 같이 삭제합니다.",
            "changed": true,
            "diagnosis_check_type": "BP",
            "diagnosis_criteria": "【 Security Group 규칙 】\r\n① 원격접속 Port에 Any IP 접근을 허용하는 규칙이 존재하지 않아야 합니다.",
            "diagnosis_item": "2.NW_003. 프로토콜 별 원격접속 Port는 접근이 필요한 IP를 지정하여 접속을 허용해야 합니다.",
            "diagnosis_layer": "2.NETWORK",
            "diagnosis_method": "Security Group의 Inbound 규칙에 원격 접속이 필요한 사용자나 시스템만 접근을 허용하는 규칙을 등록 하였는지 확인합니다.",
            "diagnosis_result": "03",
            "result_contents": "상세 내역",
            "sub_category": "NURIBP_SCP_02.NW_004"
        }
    ],
    "total": 10
}

2.1.7 - List Config Inspection

2.1.7.1 - 1.1

get /v1/configinspection/diagnosis/list

Description

get config inspection list

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Type	Name	Description	Schema	Default
query	with_count optional	with count Example : `true`	any of [string, null]	None
query	limit optional	limit Example : `20`	any of [integer, null]	None
query	marker optional	marker Example : `607e0938521643b5b4b266f343fae693`	any of [string, null]	None
query	sort optional	sort Example : `created_at:desc`	any of [string, null]	None
query	isMine optional	my Config Inspection Example : `False`	boolean	False
query	diagnosis_id optional	Id of diagnosis Example : `DIA-943731CB8E3045C289BAECAEC3532097`	any of [string, null]	None
query	diagnosis_name optional	Name of diagnosis Example : `My Diagnosis`	any of [string, null]	None
query	csp_type optional	Type of cloud service provider Example : `SCP`	any of [string, null]	None
query	diagnosis_account_id optional	Id of diagnosis Example : `0e3dffc50eb247a1adf4f2e5c82c4f99`	any of [string, null]	None
query	recent_diagnosis_state optional	recent Diagnosis State Example : `Completed`	any of [array[string], null]	None
query	start_date optional	start Date Example : `2022-01-01 12:00:00`	any of [string, null]	None
query	end_date optional	end Date Example : `2022-01-02 12:00:00`	any of [string, null]	None

Responses

HTTP Code	Description	Schema
200	OK	ConfigInspectionListResponse
400	Bad Request	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/configinspection/diagnosis/list

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = configinspection 1.1"

Example HTTP response

Response 200

{
    "count": 20,
    "links": [
        {
            "href": "http://scp.samsungsdscloud.com/v1/notices",
            "rel": "self"
        }
    ],
    "summary_responses": [
        {
            "created_at": "2022-01-01T12:00:00Z",
            "csp_type": "SCP",
            "diagnosis_account_id": "0e3dffc50eb247a1adf4f2e5c82c4f99",
            "diagnosis_check_type": "BP",
            "diagnosis_id": "DIA-943731CB8E3045C289BAECAEC3532097",
            "diagnosis_name": "Sample Diagnosis Name",
            "diagnosis_type": "Console",
            "error_state": "CONNECTION_FAIL",
            "plan_type": "STANDARD",
            "recent_diagnosis_at": "2022-01-01T12:00:00Z",
            "recent_diagnosis_state": "Completed"
        }
    ]
}

2.1.7.2 - 1.0

get /v1/configinspection/diagnosis/list

Description

get config inspection list

State ACTIVE (SUPPORTED)

Version	Supported Until
1.0	20260531

Parameters

Type	Name	Description	Schema	Default
query	with_count optional	with count Example : `true`	any of [string, null]	None
query	limit optional	limit Example : `20`	any of [integer, null]	None
query	marker optional	marker Example : `607e0938521643b5b4b266f343fae693`	any of [string, null]	None
query	sort optional	sort Example : `created_at:desc`	any of [string, null]	None
query	isMine optional	my Config Inspection Example : `False`	boolean	False
query	diagnosis_id optional	Id of diagnosis Example : `DIA-943731CB8E3045C289BAECAEC3532097`	any of [string, null]	None
query	diagnosis_name optional	Name of diagnosis Example : `My Diagnosis`	any of [string, null]	None
query	csp_type optional	Type of cloud service provider Example : `SCP`	any of [string, null]	None
query	diagnosis_account_id optional	Id of diagnosis Example : `0e3dffc50eb247a1adf4f2e5c82c4f99`	any of [string, null]	None
query	recent_diagnosis_state optional	recent Diagnosis State Example : `Completed`	any of [array[string], null]	None
query	start_date optional	start Date Example : `2022-01-01 12:00:00`	any of [string, null]	None
query	end_date optional	end Date Example : `2022-01-02 12:00:00`	any of [string, null]	None

Responses

HTTP Code	Description	Schema
200	OK	ConfigInspectionListResponse
400	Bad Request	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/configinspection/diagnosis/list

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = configinspection 1.0"

Example HTTP response

Response 200

{
    "count": 20,
    "links": [
        {
            "href": "http://scp.samsungsdscloud.com/v1/notices",
            "rel": "self"
        }
    ],
    "summary_responses": [
        {
            "created_at": "2022-01-01T12:00:00Z",
            "csp_type": "SCP",
            "diagnosis_account_id": "0e3dffc50eb247a1adf4f2e5c82c4f99",
            "diagnosis_check_type": "BP",
            "diagnosis_id": "DIA-943731CB8E3045C289BAECAEC3532097",
            "diagnosis_name": "Sample Diagnosis Name",
            "diagnosis_type": "Console",
            "error_state": "CONNECTION_FAIL",
            "plan_type": "STANDARD",
            "recent_diagnosis_at": "2022-01-01T12:00:00Z",
            "recent_diagnosis_state": "Completed"
        }
    ]
}

2.1.8 - List Diagnosis Result

2.1.8.1 - 1.1

get /v1/configinspection/report/diagnosis/list

Description

get Diagnosis Result List

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Type	Name	Description	Schema	Default
query	with_count optional	with count Example : `true`	any of [string, null]	None
query	limit optional	limit Example : `20`	any of [integer, null]	None
query	marker optional	marker Example : `607e0938521643b5b4b266f343fae693`	any of [string, null]	None
query	sort optional	sort Example : `created_at:desc`	any of [string, null]	None
query	account_id optional	account Id Example : `0e3dffc50eb247a1adf4f2e5c82c4f99`	any of [string, null]	None
query	diagnosis_id optional	Id of diagnosis Example : `DIA-943731CB8E3045C289BAECAEC3532097`	any of [string, null]	None
query	diagnosis_name optional	Name of diagnosis Example : `Sample Diagnosis Name`	any of [string, null]	None
query	start_date optional	start Date Example : `2022-01-01`	any of [string, null]	None
query	end_date optional	end Date Example : `2022-12-31`	any of [string, null]	None
query	csp_type optional	Type of cloud service provider Example : `SCP`	any of [string, null]	None
query	diagnosis_state optional	Status of diagnosis Example : `Completed`	any of [string, null]	None
query	user_id optional	user Id Example : `76b563a009584b1380715c00703a02ff`	any of [string, null]	None

Responses

HTTP Code	Description	Schema
200	OK	DiagnosisResultListResponse
400	Bad Request	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/configinspection/report/diagnosis/list

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = configinspection 1.1"

Example HTTP response

Response 200

{
    "count": 20,
    "diagnosis_result_responses": [
        {
            "count_check": 10,
            "count_error": 0,
            "count_fail": 3,
            "count_na": 2,
            "count_pass": 5,
            "csp_type": "SCP",
            "diagnosis_account_id": "0e3dffc50eb247a1adf4f2e5c82c4f99",
            "diagnosis_check_type": "BP",
            "diagnosis_id": "DIA-943731CB8E3045C289BAECAEC3532097",
            "diagnosis_name": "Sample Diagnosis Name",
            "diagnosis_request_sequence": "1234567890",
            "diagnosis_result": "SUCCESS",
            "diagnosis_total_count": 10,
            "proceed_date": "2022-01-01T12:00:00Z",
            "total": 10
        }
    ],
    "links": [
        {
            "href": "http://scp.samsungsdscloud.com/v1/notices",
            "rel": "self"
        }
    ]
}

2.1.8.2 - 1.0

get /v1/configinspection/report/diagnosis/list

Description

get Diagnosis Result List

State ACTIVE (SUPPORTED)

Version	Supported Until
1.0	20260531

Parameters

Type	Name	Description	Schema	Default
query	with_count optional	with count Example : `true`	any of [string, null]	None
query	limit optional	limit Example : `20`	any of [integer, null]	None
query	marker optional	marker Example : `607e0938521643b5b4b266f343fae693`	any of [string, null]	None
query	sort optional	sort Example : `created_at:desc`	any of [string, null]	None
query	account_id optional	account Id Example : `0e3dffc50eb247a1adf4f2e5c82c4f99`	any of [string, null]	None
query	diagnosis_id optional	Id of diagnosis Example : `DIA-943731CB8E3045C289BAECAEC3532097`	any of [string, null]	None
query	diagnosis_name optional	Name of diagnosis Example : `Sample Diagnosis Name`	any of [string, null]	None
query	start_date optional	start Date Example : `2022-01-01`	any of [string, null]	None
query	end_date optional	end Date Example : `2022-12-31`	any of [string, null]	None
query	csp_type optional	Type of cloud service provider Example : `SCP`	any of [string, null]	None
query	diagnosis_state optional	Status of diagnosis Example : `Completed`	any of [string, null]	None
query	user_id optional	user Id Example : `76b563a009584b1380715c00703a02ff`	any of [string, null]	None

Responses

HTTP Code	Description	Schema
200	OK	DiagnosisResultListResponse
400	Bad Request	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/configinspection/report/diagnosis/list

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = configinspection 1.0"

Example HTTP response

Response 200

{
    "count": 20,
    "diagnosis_result_responses": [
        {
            "count_check": 10,
            "count_error": 0,
            "count_fail": 3,
            "count_na": 2,
            "count_pass": 5,
            "csp_type": "SCP",
            "diagnosis_account_id": "0e3dffc50eb247a1adf4f2e5c82c4f99",
            "diagnosis_check_type": "BP",
            "diagnosis_id": "DIA-943731CB8E3045C289BAECAEC3532097",
            "diagnosis_name": "Sample Diagnosis Name",
            "diagnosis_request_sequence": "1234567890",
            "diagnosis_result": "SUCCESS",
            "diagnosis_total_count": 10,
            "proceed_date": "2022-01-01T12:00:00Z",
            "total": 10
        }
    ],
    "links": [
        {
            "href": "http://scp.samsungsdscloud.com/v1/notices",
            "rel": "self"
        }
    ]
}

2.2 - Models

2.2.1 - AuthKeyRequest

Name	Description	Schema
auth_key_created_at optional	created date of authkey Example : `2022-01-01 12:00:00`	any of [string, null]
auth_key_expired_at optional	expired date of authkey Example : `2023-01-01 12:00:00`	any of [string, null]
auth_key_id required	Id of auth key Example : `9b72a9856e494e67afc69atd3631fe38`	string
diagnosis_id optional	Id of diagnosis Example : `DIA-943731CB8E3045C289BAECAEC3532097`	any of [string, null]

2.2.2 - AuthKeyResponse

Name	Description	Schema
auth_key_created_at optional	created date of authkey Example : `2022-01-01T12:00:00Z`	string
auth_key_expired_at optional	expired date of authkey Example : `2022-01-01T12:00:00Z`	string
auth_key_id optional	Id of auth key Example : `9b72a9856e494e67afc69atd3631fe38`	string
auth_key_state optional	state of auth key Example : `ACTIVATED`	string
user_id optional	user Id Example : `4f5d60e9e08b48d0a0881e21ab14e266`	string

2.2.3 - CheckResponse

Name	Description	Schema	Default
result required	True, False Check Example : `True`	boolean

2.2.4 - ConfigInspectionCreateResponse

Name	Description	Schema	Default
diagnosis_id required	Id of diagnosis Example : `Sample Diagnosis Name`	string
result required	True, False Check Example : `True`	boolean

2.2.5 - ConfigInspectionListResponse

Name	Description	Schema
count optional	total count Example : `20`	any of [integer, null]
links optional	links Example : `[{'href': 'http://scp.samsungsdscloud.com/v1/notices', 'rel': 'self'}]`	any of [array[object], null]
summary_responses required		array[SummaryResponse]

2.2.6 - ConfigInspectionLookinError

Name	Description	Schema	Default
message optional	Example :	string
type optional	Example :	string

2.2.7 - ConfigInspectionLookinResponse

Name	Description	Schema
requestNumber required	Example :	string
systemId required	Example :	string
targets required		ConfigInspectionLookinTarget

2.2.8 - ConfigInspectionLookinResult

Name	Description	Schema
current optional	Example :	string
itemCode required	Example :	string
verify optional	Example :	string

2.2.9 - ConfigInspectionLookinTarget

Name	Description	Schema
cloudAccountId required	Example :	string
cspCd required	Example :	string
cspConsoleCd required	Example :	string
error optional		any of [ConfigInspectionLookinError, null]
kind optional	Example :	string
result optional		array[ConfigInspectionLookinResult]
status optional	Example :	string
version optional	Example :	string

2.2.10 - DiagnosisObjectDetailResponse

Name	Description	Schema	Default
auth_key_responses required		AuthKeyResponse
schedule_response required		DiagnosisScheduleResponse
summary_responses required		SummaryResponse

2.2.11 - DiagnosisObjectRequest

Name	Description	Schema
account_id required	account Id Example : `0e3dffc50eb247a1adf4f2e5c82c4f99`	string
auth_key_request required		AuthKeyRequest
csp_type required	Type of cloud service provider Example : `SCP`	string
diagnosis_account_id required	Id of diagnosis Example : `0e3dffc50eb247a1adf4f2e5c82c4f99`	string
diagnosis_check_type required	Check type of diagnosis Example : `BP`	string
diagnosis_id required	Id of diagnosis Example : `DIA-943731CB8E3045C289BAECAEC3532097`	string
diagnosis_name required	Name of diagnosis Example : `Sample Diagnosis Name` Pattern : `^[a-zA-Z0-9-_]+$` Maximum length : `25`	string
diagnosis_type required	diagnosis Type Example : `Console`	string
plan_type required	plan Type Example : `STANDARD`	string
schedule_request required		DiagnosisScheduleRequest
tags optional	Tag List	array[Tag]

2.2.12 - DiagnosisRequest

Name	Description	Schema
access_key required	Access Key Example : `SAMPLE KEY`	string
diagnosis_check_type required	Check type of diagnosis Example : `BP`	string
diagnosis_id required	Id of diagnosis Example : `DIA-943731CB8E3045C289BAECAEC3532097`	string
secret_key required	Secret Key Example : `SAMPLE KEY`	string
tenant_id required	Tenant ID Example : `1234567890`	string

2.2.13 - DiagnosisResultDetail

Name	Description	Schema
action_guide required	measure guide description Example : `원격 접속 Port에 Source IP가 ANY(0.0.0.0/0)로 등록되어있거나 과도하게 허용된 Security Group 규칙은 아래와 같이 삭제합니다.`	string
changed required	iS Change result manage Example : `True`	any of [boolean, null]
diagnosis_check_type required	Check type of diagnosis Example : `BP`	string
diagnosis_criteria required	decision standard description Example : `【 Security Group 규칙 】
① 원격접속 Port에 Any IP 접근을 허용하는 규칙이 존재하지 않아야 합니다.`	string
diagnosis_item required	sub category description Example : `2.NW_003. 프로토콜 별 원격접속 Port는 접근이 필요한 IP를 지정하여 접속을 허용해야 합니다.`	string
diagnosis_layer required	inspector item category description Example : `2.NETWORK`	string
diagnosis_method required	inspector method description Example : `Security Group의 Inbound 규칙에 원격 접속이 필요한 사용자나 시스템만 접근을 허용하는 규칙을 등록 하였는지 확인합니다.`	string
diagnosis_result required	verify result state Example : `03`	string
result_contents required	result Contents Example : `상세 내역`	string
sub_category required	Sub Category Example : `NURIBP_SCP_02.NW_004`	any of [string, null]

2.2.14 - DiagnosisResultDetailResponse

Name	Description	Schema
checklist_name required	checklist Name Example : `Sample Checklist`	string
count optional	total count Example : `20`	any of [integer, null]
diagnosis_account_id required	Id of diagnosis Example : `0e3dffc50eb247a1adf4f2e5c82c4f99`	string
diagnosis_check_type required	Check type of diagnosis Example : `BP`	string
diagnosis_id required	Id of diagnosis Example : `DIA-943731CB8E3045C289BAECAEC3532097`	string
diagnosis_name required	Name of diagnosis Example : `Sample Diagnosis Name`	string
diagnosis_request_sequence required	Sequence of diagnosis request Example : `SCPCIS-E75FD21CA524441C9C1B1B381D5974F7`	string
links optional	links Example : `[{'href': 'http://scp.samsungsdscloud.com/v1/notices', 'rel': 'self'}]`	any of [array[object], null]
proceed_date optional	proceed Date Example :	string (date-time)
result_detail_list required		array[DiagnosisResultDetail]
total required	total count Example : `10`	integer

2.2.15 - DiagnosisResultListResponse

Name	Description	Schema
count optional	total count Example : `20`	any of [integer, null]
diagnosis_result_responses required		array[DiagnosisResultResponse]
links optional	links Example : `[{'href': 'http://scp.samsungsdscloud.com/v1/notices', 'rel': 'self'}]`	any of [array[object], null]

2.2.16 - DiagnosisResultResponse

Name	Description	Schema
count_check optional	check count Example : `10`	integer
count_error optional	error count Example : `0`	integer
count_fail optional	fail count Example : `3`	integer
count_na optional	na count Example : `2`	integer
count_pass optional	pass count Example : `5`	integer
csp_type optional	Type of cloud service provider Example : `SCP`	string
diagnosis_account_id optional	Id of diagnosis Example : `0e3dffc50eb247a1adf4f2e5c82c4f99`	string
diagnosis_check_type optional	Check type of diagnosis Example : `BP`	string
diagnosis_id optional	Id of diagnosis Example : `DIA-943731CB8E3045C289BAECAEC3532097`	string
diagnosis_name optional	Name of diagnosis Example : `Sample Diagnosis Name`	string
diagnosis_request_sequence optional	Sequence of diagnosis request Example : `1234567890`	string
diagnosis_result optional	diagnosis Result Example : `SUCCESS`	string
diagnosis_total_count optional	diagnosis Total Count Example : `10`	integer
proceed_date optional	proceed Date Example : `2022-01-01T12:00:00Z`	string (date-time)
total optional	total count Example : `10`	integer

2.2.17 - DiagnosisScheduleRequest

Name	Description	Schema
diagnosis_id required	Id of diagnosis Example : `DIA-943731CB8E3045C289BAECAEC3532097`	string
diagnosis_start_time_pattern required	Start time( 5-minute increments, 00 to 23 hours, 00 to 55 minutes ) Example : `08:00`	string
frequency_type required	Schedule type( monthly, weekly, daily) Example : `MONTH`	string
frequency_value required	Schedule value (01~31, MONDAY~SUNDAY, everyDay) Example : `1`	string
use_diagnosis_check_type_bp required	Checklist Best Practice Use Example : `y`	string
use_diagnosis_check_type_ssi required	Checklist SSI usage Example : `y`	string

2.2.18 - DiagnosisScheduleResponse

Name	Description	Schema
diagnosis_id optional	Id of diagnosis Example : `DIA-943731CB8E3045C289BAECAEC3532097`	string
diagnosis_start_time_pattern optional	Start time( 5-minute increments, 00 to 23 hours, 00 to 55 minutes ) Example : `08:00`	string
frequency_type optional	Schedule type( monthly, weekly, daily) Example : `MONTH`	string
frequency_value optional	Schedule value (01~31, MONDAY~SUNDAY, everyDay) Example : `1`	string
use_diagnosis_check_type_bp optional	Checklist Best Practice Use Example : `y`	string
use_diagnosis_check_type_ssi optional	Checklist SSI usage Example : `y`	string

2.2.19 - SummaryResponse

Name	Description	Schema
created_at required	Created date Example : `2022-01-01T12:00:00Z`	string (date-time)
csp_type required	Type of cloud service provider Example : `SCP`	string
diagnosis_account_id required	Id of diagnosis Example : `0e3dffc50eb247a1adf4f2e5c82c4f99`	string
diagnosis_check_type required	Check type of diagnosis Example : `BP`	string
diagnosis_id required	Id of diagnosis Example : `DIA-943731CB8E3045C289BAECAEC3532097`	string
diagnosis_name required	Name of diagnosis Example : `Sample Diagnosis Name`	string
diagnosis_type required	diagnosis Type Example : `Console`	string
error_state optional	Error type of recent diagnosis Example : `CONNECTION_FAIL`	any of [string, null]
plan_type required	plan Type Example : `STANDARD`	string
recent_diagnosis_at optional	recent Diagnosis Date Example : `2022-01-01T12:00:00Z`	any of [string (date-time), null]
recent_diagnosis_state optional	recent Diagnosis State Example : `Completed`	any of [string, null]

2.2.20 - Tag

Name	Description	Schema	Default
key required	tag key Example :	string
value required	tag value Example :	string

2.2.21 - TerminateResponse

Name	Description	Schema	Default
delete_flag required	True, False Check Example : `True`	boolean
msg required	message of delete Example : `Delete success`	string

3 - Key Management Service

Overview

Provides an Application Programming Interface (API) that supports programmatic use of IaaS/PaaS products provided by SCP.

This guide provides a brief description of Key Management Service(KMS) and how to call API. The API is provided as a RESTful API, and it responds in JSON format.

Version

Version	Status	Supported Until
1.0	DEPRECATED	20251231
1.1	CURRENT	-

OpenAPI URL

https://kms.{region}.{environment}.samsungsdscloud.com

Environment and Region List

environment	region
s	kr-west1
s	kr-east1
g	kr-south1
g	kr-south2
g	kr-south3
e	kr-west1
e	kr-east1

3.1 - APIs

3.1.1 - Change Rotate Info

3.1.1.1 - 1.1

put /v1/kms/transit/{key_id}/rotate-info

Description

Change rotate info.

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Type	Name	Description	Schema	Default
path	key_id required	Resource id of KMS key Example : `138c2fc8c29a449dbfa8681f8f1d78e2`	string	None
body	body required		KeyRotateInfoRequest

Responses

HTTP Code	Description	Schema
200	OK	KeyShowResponse
400	Bad Request	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/kms/transit/{key_id}/rotate-info

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.1"

Request body

{
    "auto_rotate": "Y",
    "rotate_cycle": 7
}

Example HTTP response

Response 200

{
    "key": {
        "account_id": "3265ab469f0d406d83073da3e11e7a6c",
        "auto_rotate": "Y",
        "created_at": "2024-05-17T00:23:17Z",
        "created_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "current_version": 7,
        "delete_at": "20251008",
        "delete_target_yn": "Y",
        "description": "description1",
        "id": "0fdd87aab8cb46f59b7c1f81ed03fb3e",
        "key_type": "advanced",
        "modified_at": "2024-05-17T00:23:17Z",
        "modified_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "name": "testkey",
        "next_rotate_at": "20241008",
        "order_ref": "0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01",
        "purpose": "rsa-2048",
        "region": "kr-west1",
        "rotate_cycle": 7,
        "secret_ref": "0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01",
        "state": "Active",
        "use_count": 1004
    }
}

3.1.1.2 - 1.0

put /v1/kms/transit/{key_id}/rotate-info

Description

Change rotate info.

State ACTIVE (DEPRECATED)

Version	Supported Until
1.0	20251231

Parameters

Type	Name	Description	Schema	Default
path	key_id required	Resource id of KMS key Example : `138c2fc8c29a449dbfa8681f8f1d78e2`	string	None
body	body required		KeyRotateInfoRequest

Responses

HTTP Code	Description	Schema
200	OK	KeyShowResponse
400	Bad Request	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/kms/transit/{key_id}/rotate-info

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.0"

Request body

{
    "auto_rotate": "Y",
    "rotate_cycle": 7
}

Example HTTP response

Response 200

{
    "key": {
        "account_id": "3265ab469f0d406d83073da3e11e7a6c",
        "auto_rotate": "Y",
        "created_at": "2024-05-17T00:23:17Z",
        "created_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "current_version": 7,
        "delete_at": "20251008",
        "delete_target_yn": "Y",
        "description": "description1",
        "id": "0fdd87aab8cb46f59b7c1f81ed03fb3e",
        "key_type": "advanced",
        "modified_at": "2024-05-17T00:23:17Z",
        "modified_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "name": "testkey",
        "next_rotate_at": "20241008",
        "order_ref": "0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01",
        "purpose": "rsa-2048",
        "region": "kr-west1",
        "rotate_cycle": 7,
        "secret_ref": "0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01",
        "state": "Active",
        "use_count": 1004
    }
}

3.1.2 - Change State Of Key

3.1.2.1 - 1.1

put /v1/kms/transit/{key_id}/state

Description

Change state of key.

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Type	Name	Description	Schema	Default
path	key_id required	Resource id of KMS key Example : `138c2fc8c29a449dbfa8681f8f1d78e2`	string	None
body	body required		KeyStateRequest

Responses

HTTP Code	Description	Schema
200	OK	KeyShowResponse
400	Bad Request	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/kms/transit/{key_id}/state

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.1"

Request body

{
    "state": "Active"
}

Example HTTP response

Response 200

{
    "key": {
        "account_id": "3265ab469f0d406d83073da3e11e7a6c",
        "auto_rotate": "Y",
        "created_at": "2024-05-17T00:23:17Z",
        "created_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "current_version": 7,
        "delete_at": "20251008",
        "delete_target_yn": "Y",
        "description": "description1",
        "id": "0fdd87aab8cb46f59b7c1f81ed03fb3e",
        "key_type": "advanced",
        "modified_at": "2024-05-17T00:23:17Z",
        "modified_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "name": "testkey",
        "next_rotate_at": "20241008",
        "order_ref": "0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01",
        "purpose": "rsa-2048",
        "region": "kr-west1",
        "rotate_cycle": 7,
        "secret_ref": "0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01",
        "state": "Active",
        "use_count": 1004
    }
}

3.1.2.2 - 1.0

put /v1/kms/transit/{key_id}/state

Description

Change state of key.

State ACTIVE (DEPRECATED)

Version	Supported Until
1.0	20251231

Parameters

Type	Name	Description	Schema	Default
path	key_id required	Resource id of KMS key Example : `138c2fc8c29a449dbfa8681f8f1d78e2`	string	None
body	body required		KeyStateRequest

Responses

HTTP Code	Description	Schema
200	OK	KeyShowResponse
400	Bad Request	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/kms/transit/{key_id}/state

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.0"

Request body

{
    "state": "Active"
}

Example HTTP response

Response 200

{
    "key": {
        "account_id": "3265ab469f0d406d83073da3e11e7a6c",
        "auto_rotate": "Y",
        "created_at": "2024-05-17T00:23:17Z",
        "created_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "current_version": 7,
        "delete_at": "20251008",
        "delete_target_yn": "Y",
        "description": "description1",
        "id": "0fdd87aab8cb46f59b7c1f81ed03fb3e",
        "key_type": "advanced",
        "modified_at": "2024-05-17T00:23:17Z",
        "modified_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "name": "testkey",
        "next_rotate_at": "20241008",
        "order_ref": "0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01",
        "purpose": "rsa-2048",
        "region": "kr-west1",
        "rotate_cycle": 7,
        "secret_ref": "0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01",
        "state": "Active",
        "use_count": 1004
    }
}

3.1.3 - Check Duplicate Name

3.1.3.1 - 1.1

get /v1/kms/transit/duplicate

Description

Check duplication of key name.

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Type	Name	Description	Schema	Default
query	name required	Name of key Example : `testkey`	string	None

Responses

HTTP Code	Description	Schema
200	OK	KeyNameDuplicateResponse
400	Bad Request	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/kms/transit/duplicate?name={name}

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.1"

Example HTTP response

Response 200

{
    "isDuplicateName": true
}

3.1.3.2 - 1.0

get /v1/kms/transit/duplicate

Description

Check duplication of key name.

State ACTIVE (DEPRECATED)

Version	Supported Until
1.0	20251231

Parameters

Type	Name	Description	Schema	Default
query	name required	Name of key Example : `testkey`	string	None

Responses

HTTP Code	Description	Schema
200	OK	KeyNameDuplicateResponse
400	Bad Request	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/kms/transit/duplicate?name={name}

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.0"

Example HTTP response

Response 200

{
    "isDuplicateName": true
}

3.1.4 - Create Datakey

3.1.4.1 - 1.1

post /v1/kms/openapi/datakey/{key_id}

Description

Generates a new key and the value encrypted with key(Purpose: encryption/decryption).

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Type	Name	Description	Schema	Default
path	key_id required	Resource id of KMS key Example : `138c2fc8c29a449dbfa8681f8f1d78e2`	string	None
body	body required		DatakeyRequest

Responses

HTTP Code	Description	Schema
200	OK	DatakeyResponse
400	Bad Request	None
401	Unauthorized	None
403	Forbidden	None

Example HTTP request

Request path

/v1/kms/openapi/datakey/{key_id}

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.1"

Request body

{
    "key_type": "plaintext"
}

Example HTTP response

Response 200

{
    "ciphertext": "vault:v283:YiUpW1bpF2fMY0VR33aQpik781Ul2gFPsfdwsypwouccHtPSfRaE40wTHHl4a5AK",
    "key_version": 1,
    "plaintext": "oTvvEkE7q0WM2S5yfGFz5nqe32QMlrCVnqssmDPu6fA="
}

3.1.4.2 - 1.0

post /v1/kms/openapi/datakey/{key_id}

Description

Generates a new key and the value encrypted with key(Purpose: encryption/decryption).

State ACTIVE (DEPRECATED)

Version	Supported Until
1.0	20251231

Parameters

Type	Name	Description	Schema	Default
path	key_id required	Resource id of KMS key Example : `138c2fc8c29a449dbfa8681f8f1d78e2`	string	None
body	body required		DatakeyRequest

Responses

HTTP Code	Description	Schema
200	OK	DatakeyResponse
400	Bad Request	None
401	Unauthorized	None
403	Forbidden	None

Example HTTP request

Request path

/v1/kms/openapi/datakey/{key_id}

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.0"

Request body

{
    "key_type": "plaintext"
}

Example HTTP response

Response 200

{
    "ciphertext": "vault:v283:YiUpW1bpF2fMY0VR33aQpik781Ul2gFPsfdwsypwouccHtPSfRaE40wTHHl4a5AK",
    "key_version": 1,
    "plaintext": "oTvvEkE7q0WM2S5yfGFz5nqe32QMlrCVnqssmDPu6fA="
}

3.1.5 - Create Key

3.1.5.1 - 1.1

post /v1/kms/transit

Description

Create key.

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Type	Name	Description	Schema	Default
body	body required		KeyCreateMasterKeyRequest

Responses

HTTP Code	Description	Schema
201	Created	KeyShowResponse
400	Bad Request	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/kms/transit

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.1"

Request body

{
    "auto_rotate": "Y",
    "description": "description1",
    "key_type": "advanced",
    "name": "testkey",
    "purpose": "rsa-2048",
    "rotate_cycle": 7,
    "tags": []
}

Example HTTP response

Response 201

{
    "key": {
        "account_id": "3265ab469f0d406d83073da3e11e7a6c",
        "auto_rotate": "Y",
        "created_at": "2024-05-17T00:23:17Z",
        "created_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "current_version": 7,
        "delete_at": "20251008",
        "delete_target_yn": "Y",
        "description": "description1",
        "id": "0fdd87aab8cb46f59b7c1f81ed03fb3e",
        "key_type": "advanced",
        "modified_at": "2024-05-17T00:23:17Z",
        "modified_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "name": "testkey",
        "next_rotate_at": "20241008",
        "order_ref": "0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01",
        "purpose": "rsa-2048",
        "region": "kr-west1",
        "rotate_cycle": 7,
        "secret_ref": "0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01",
        "state": "Active",
        "use_count": 1004
    }
}

3.1.5.2 - 1.0

post /v1/kms/transit

Description

Create key.

State ACTIVE (DEPRECATED)

Version	Supported Until
1.0	20251231

Parameters

Type	Name	Description	Schema	Default
body	body required		KeyCreateMasterKeyRequest

Responses

HTTP Code	Description	Schema
201	Created	KeyShowResponse
400	Bad Request	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/kms/transit

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.0"

Request body

{
    "auto_rotate": "Y",
    "description": "description1",
    "key_type": "advanced",
    "name": "testkey",
    "purpose": "rsa-2048",
    "rotate_cycle": 7,
    "tags": []
}

Example HTTP response

Response 201

{
    "key": {
        "account_id": "3265ab469f0d406d83073da3e11e7a6c",
        "auto_rotate": "Y",
        "created_at": "2024-05-17T00:23:17Z",
        "created_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "current_version": 7,
        "delete_at": "20251008",
        "delete_target_yn": "Y",
        "description": "description1",
        "id": "0fdd87aab8cb46f59b7c1f81ed03fb3e",
        "key_type": "advanced",
        "modified_at": "2024-05-17T00:23:17Z",
        "modified_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "name": "testkey",
        "next_rotate_at": "20241008",
        "order_ref": "0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01",
        "purpose": "rsa-2048",
        "region": "kr-west1",
        "rotate_cycle": 7,
        "secret_ref": "0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01",
        "state": "Active",
        "use_count": 1004
    }
}

3.1.6 - Decrypt Data

3.1.6.1 - 1.1

post /v1/kms/openapi/decrypt/{key_id}

Description

Decrypts the provided ciphertext using key(Purpose: encryption/decryption).

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Type	Name	Description	Schema	Default
path	key_id required	Resource id of KMS key Example : `138c2fc8c29a449dbfa8681f8f1d78e2`	string	None
body	body required		DecryptRequest

Responses

HTTP Code	Description	Schema
200	OK	DecryptResponse
400	Bad Request	None
401	Unauthorized	None
403	Forbidden	None

Example HTTP request

Request path

/v1/kms/openapi/decrypt/{key_id}

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.1"

Request body

{
    "ciphertext": "vault:v283:YiUpW1bpF2fMY0VR332Qpik781Ul2gFPsfdwsypwouccHtPSfRaE40wTHHl4a5AK"
}

Example HTTP response

Response 200

{
    "plaintext": "dGhlIHF1aWNrIGJyb3duIGZveAo="
}

3.1.6.2 - 1.0

post /v1/kms/openapi/decrypt/{key_id}

Description

Decrypts the provided ciphertext using key(Purpose: encryption/decryption).

State ACTIVE (DEPRECATED)

Version	Supported Until
1.0	20251231

Parameters

Type	Name	Description	Schema	Default
path	key_id required	Resource id of KMS key Example : `138c2fc8c29a449dbfa8681f8f1d78e2`	string	None
body	body required		DecryptRequest

Responses

HTTP Code	Description	Schema
200	OK	DecryptResponse
400	Bad Request	None
401	Unauthorized	None
403	Forbidden	None

Example HTTP request

Request path

/v1/kms/openapi/decrypt/{key_id}

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.0"

Request body

{
    "ciphertext": "vault:v283:YiUpW1bpF2fMY0VR332Qpik781Ul2gFPsfdwsypwouccHtPSfRaE40wTHHl4a5AK"
}

Example HTTP response

Response 200

{
    "plaintext": "dGhlIHF1aWNrIGJyb3duIGZveAo="
}

3.1.7 - Delete Key

3.1.7.1 - 1.1

delete /v1/kms/transit/{key_id}

Description

Delete a key now or later.

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Type	Name	Description	Schema	Default
path	key_id required	Resource id of KMS key Example : `138c2fc8c29a449dbfa8681f8f1d78e2`	string	None
query	is_directly optional	Delete immediately Example : `True`	boolean	False

Responses

HTTP Code	Description	Schema
204	No Content	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/kms/transit/{key_id}

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.1"

Example HTTP response

Response 204

3.1.7.2 - 1.0

delete /v1/kms/transit/{key_id}

Description

Delete a key now or later.

State ACTIVE (DEPRECATED)

Version	Supported Until
1.0	20251231

Parameters

Type	Name	Description	Schema	Default
path	key_id required	Resource id of KMS key Example : `138c2fc8c29a449dbfa8681f8f1d78e2`	string	None
query	is_directly optional	Delete immediately Example : `True`	boolean	False

Responses

HTTP Code	Description	Schema
204	No Content	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/kms/transit/{key_id}

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.0"

Example HTTP response

Response 204

3.1.8 - Encrypt Data

3.1.8.1 - 1.1

post /v1/kms/openapi/encrypt/{key_id}

Description

Encrypts the provided plaintext(base64 encoded) using key(Purpose: encryption/decryption)

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Type	Name	Description	Schema	Default
path	key_id required	Resource id of KMS key Example : `138c2fc8c29a449dbfa8681f8f1d78e2`	string	None
body	body required		EncryptRequest

Responses

HTTP Code	Description	Schema
200	OK	EncryptResponse
400	Bad Request	None
401	Unauthorized	None
403	Forbidden	None

Example HTTP request

Request path

/v1/kms/openapi/encrypt/{key_id}

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.1"

Request body

{
    "plaintext": "dGhlIHF1aWNrIGJyb3duIGZveAo="
}

Example HTTP response

Response 200

{
    "ciphertext": "vault:v283:YiUpW1bpF2fMY0VRh3aQpik781Ul2gFPsfdwsypwouccHtPSfRaE40wTHHl4a5AK",
    "key_version": 1
}

3.1.8.2 - 1.0

post /v1/kms/openapi/encrypt/{key_id}

Description

Encrypts the provided plaintext(base64 encoded) using key(Purpose: encryption/decryption)

State ACTIVE (DEPRECATED)

Version	Supported Until
1.0	20251231

Parameters

Type	Name	Description	Schema	Default
path	key_id required	Resource id of KMS key Example : `138c2fc8c29a449dbfa8681f8f1d78e2`	string	None
body	body required		EncryptRequest

Responses

HTTP Code	Description	Schema
200	OK	EncryptResponse
400	Bad Request	None
401	Unauthorized	None
403	Forbidden	None

Example HTTP request

Request path

/v1/kms/openapi/encrypt/{key_id}

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.0"

Request body

{
    "plaintext": "dGhlIHF1aWNrIGJyb3duIGZveAo="
}

Example HTTP response

Response 200

{
    "ciphertext": "vault:v283:YiUpW1bpF2fMY0VRh3aQpik781Ul2gFPsfdwsypwouccHtPSfRaE40wTHHl4a5AK",
    "key_version": 1
}

3.1.9 - List Keys

3.1.9.1 - 1.1

get /v1/kms/transit

Description

List keys.

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Type	Name	Description	Schema	Default
query	size optional	size Example : `20`	any of [integer, null]	20
query	page optional	page Example : `0`	any of [integer, null]	0
query	sort optional	sort Example : `created_at:desc`	any of [string, null]	None
query	name optional	Name of key Example : `testkey`	any of [string, null]	None

Responses

HTTP Code	Description	Schema
200	OK	KeyPageResponse
400	Bad Request	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/kms/transit

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.1"

Example HTTP response

Response 200

{
    "count": 20,
    "keys": [
        {
            "account_id": "3265ab469f0d406d83073da3e11e7a6c",
            "auto_rotate": "Y",
            "created_at": "2024-05-17T00:23:17Z",
            "created_by": "90dddfc2b1e04edba54ba2b41539a9ac",
            "current_version": 7,
            "delete_at": "20251008",
            "delete_target_yn": "Y",
            "description": "description1",
            "id": "0fdd87aab8cb46f59b7c1f81ed03fb3e",
            "key_type": "advanced",
            "modified_at": "2024-05-17T00:23:17Z",
            "modified_by": "90dddfc2b1e04edba54ba2b41539a9ac",
            "name": "testkey",
            "next_rotate_at": "20241008",
            "order_ref": "0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01",
            "purpose": "rsa-2048",
            "region": "kr-west1",
            "rotate_cycle": 7,
            "secret_ref": "0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01",
            "state": "Active",
            "use_count": 1004
        }
    ],
    "page": 0,
    "size": 20,
    "sort": [
        "created_at:asc"
    ]
}

3.1.9.2 - 1.0

get /v1/kms/transit

Description

List keys.

State ACTIVE (DEPRECATED)

Version	Supported Until
1.0	20251231

Parameters

Type	Name	Description	Schema	Default
query	size optional	size Example : `20`	any of [integer, null]	20
query	page optional	page Example : `0`	any of [integer, null]	0
query	sort optional	sort Example : `created_at:desc`	any of [string, null]	None
query	name optional	Name of key Example : `testkey`	any of [string, null]	None

Responses

HTTP Code	Description	Schema
200	OK	KeyPageResponse
400	Bad Request	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/kms/transit

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.0"

Example HTTP response

Response 200

{
    "count": 20,
    "keys": [
        {
            "account_id": "3265ab469f0d406d83073da3e11e7a6c",
            "auto_rotate": "Y",
            "created_at": "2024-05-17T00:23:17Z",
            "created_by": "90dddfc2b1e04edba54ba2b41539a9ac",
            "current_version": 7,
            "delete_at": "20251008",
            "delete_target_yn": "Y",
            "description": "description1",
            "id": "0fdd87aab8cb46f59b7c1f81ed03fb3e",
            "key_type": "advanced",
            "modified_at": "2024-05-17T00:23:17Z",
            "modified_by": "90dddfc2b1e04edba54ba2b41539a9ac",
            "name": "testkey",
            "next_rotate_at": "20241008",
            "order_ref": "0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01",
            "purpose": "rsa-2048",
            "region": "kr-west1",
            "rotate_cycle": 7,
            "secret_ref": "0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01",
            "state": "Active",
            "use_count": 1004
        }
    ],
    "page": 0,
    "size": 20,
    "sort": [
        "created_at:asc"
    ]
}

3.1.10 - List Users

3.1.10.1 - 1.1

get /v1/kms/transit/{key_id}/users

Description

Get List of users who use key.

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Type	Name	Description	Schema	Default
path	key_id required	Resource id of KMS key Example : `138c2fc8c29a449dbfa8681f8f1d78e2`	string	None

Responses

HTTP Code	Description	Schema
200	OK	KeyUserResponse
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/kms/transit/{key_id}/users

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.1"

Example HTTP response

Response 200

{
    "user": [
        {
            "user_id": "138c2fc8c29a449dbfa8681f8f1d78e2",
            "user_name": "kimsamsung"
        }
    ]
}

3.1.10.2 - 1.0

get /v1/kms/transit/{key_id}/users

Description

Get List of users who use key.

State ACTIVE (DEPRECATED)

Version	Supported Until
1.0	20251231

Parameters

Type	Name	Description	Schema	Default
path	key_id required	Resource id of KMS key Example : `138c2fc8c29a449dbfa8681f8f1d78e2`	string	None

Responses

HTTP Code	Description	Schema
200	OK	KeyUserResponse
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/kms/transit/{key_id}/users

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.0"

Example HTTP response

Response 200

{
    "user": [
        {
            "user_id": "138c2fc8c29a449dbfa8681f8f1d78e2",
            "user_name": "kimsamsung"
        }
    ]
}

3.1.11 - Make hmac

3.1.11.1 - 1.1

post /v1/kms/openapi/hmac/{key_id}

Description

Generates a HMAC using key(Purpose: create/verification).

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Type	Name	Description	Schema	Default
path	key_id required	Resource id of KMS key Example : `138c2fc8c29a449dbfa8681f8f1d78e2`	string	None
body	body required		HmacRequest

Responses

HTTP Code	Description	Schema
200	OK	HmacResponse
400	Bad Request	None
401	Unauthorized	None
403	Forbidden	None

Example HTTP request

Request path

/v1/kms/openapi/hmac/{key_id}

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.1"

Request body

{
    "input": "dGVzdCBpbnB1dA=="
}

Example HTTP response

Response 200

{
    "hmac": "vault:v1:/IHSD+Rg9BHNkmIiEunAPVj6IVaJqkjSO4GGvALHcVQ="
}

3.1.11.2 - 1.0

post /v1/kms/openapi/hmac/{key_id}

Description

Generates a HMAC using key(Purpose: create/verification).

State ACTIVE (DEPRECATED)

Version	Supported Until
1.0	20251231

Parameters

Type	Name	Description	Schema	Default
path	key_id required	Resource id of KMS key Example : `138c2fc8c29a449dbfa8681f8f1d78e2`	string	None
body	body required		HmacRequest

Responses

HTTP Code	Description	Schema
200	OK	HmacResponse
400	Bad Request	None
401	Unauthorized	None
403	Forbidden	None

Example HTTP request

Request path

/v1/kms/openapi/hmac/{key_id}

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.0"

Request body

{
    "input": "dGVzdCBpbnB1dA=="
}

Example HTTP response

Response 200

{
    "hmac": "vault:v1:/IHSD+Rg9BHNkmIiEunAPVj6IVaJqkjSO4GGvALHcVQ="
}

3.1.12 - Rewrap Data

3.1.12.1 - 1.1

post /v1/kms/openapi/rewrap/{key_id}

Description

Rewraps the provided ciphertext using the latest version of key(Purpose: encryption/decryption).

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Type	Name	Description	Schema	Default
path	key_id required	Resource id of KMS key Example : `138c2fc8c29a449dbfa8681f8f1d78e2`	string	None
body	body required		RewrapRequest

Responses

HTTP Code	Description	Schema
200	OK	RewrapResponse
400	Bad Request	None
401	Unauthorized	None
403	Forbidden	None

Example HTTP request

Request path

/v1/kms/openapi/rewrap/{key_id}

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.1"

Request body

{
    "ciphertext": "vault:v283:YiUpW1bpF2fMY0VR33aQpik781Ul2gFPsfdwsypwouccHtPSfRaE40wTHHl4a5AK"
}

Example HTTP response

Response 200

{
    "ciphertext": "vault:v283:YiUpW1bpF2fMY0VR33aQpik781Ul2gFPsfdwsypwouccHtPSfRaE40wTHHl4a5AK",
    "key_version": 1
}

3.1.12.2 - 1.0

post /v1/kms/openapi/rewrap/{key_id}

Description

Rewraps the provided ciphertext using the latest version of key(Purpose: encryption/decryption).

State ACTIVE (DEPRECATED)

Version	Supported Until
1.0	20251231

Parameters

Type	Name	Description	Schema	Default
path	key_id required	Resource id of KMS key Example : `138c2fc8c29a449dbfa8681f8f1d78e2`	string	None
body	body required		RewrapRequest

Responses

HTTP Code	Description	Schema
200	OK	RewrapResponse
400	Bad Request	None
401	Unauthorized	None
403	Forbidden	None

Example HTTP request

Request path

/v1/kms/openapi/rewrap/{key_id}

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.0"

Request body

{
    "ciphertext": "vault:v283:YiUpW1bpF2fMY0VR33aQpik781Ul2gFPsfdwsypwouccHtPSfRaE40wTHHl4a5AK"
}

Example HTTP response

Response 200

{
    "ciphertext": "vault:v283:YiUpW1bpF2fMY0VR33aQpik781Ul2gFPsfdwsypwouccHtPSfRaE40wTHHl4a5AK",
    "key_version": 1
}

3.1.13 - Rotate Key

3.1.13.1 - 1.1

post /v1/kms/transit/{key_id}/rotate

Description

Rotate key.

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Type	Name	Description	Schema	Default
path	key_id required	Resource id of KMS key Example : `138c2fc8c29a449dbfa8681f8f1d78e2`	string	None

Responses

HTTP Code	Description	Schema
200	OK	KeyShowResponse
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/kms/transit/{key_id}/rotate

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.1"

Example HTTP response

Response 200

{
    "key": {
        "account_id": "3265ab469f0d406d83073da3e11e7a6c",
        "auto_rotate": "Y",
        "created_at": "2024-05-17T00:23:17Z",
        "created_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "current_version": 7,
        "delete_at": "20251008",
        "delete_target_yn": "Y",
        "description": "description1",
        "id": "0fdd87aab8cb46f59b7c1f81ed03fb3e",
        "key_type": "advanced",
        "modified_at": "2024-05-17T00:23:17Z",
        "modified_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "name": "testkey",
        "next_rotate_at": "20241008",
        "order_ref": "0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01",
        "purpose": "rsa-2048",
        "region": "kr-west1",
        "rotate_cycle": 7,
        "secret_ref": "0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01",
        "state": "Active",
        "use_count": 1004
    }
}

3.1.13.2 - 1.0

post /v1/kms/transit/{key_id}/rotate

Description

Rotate key.

State ACTIVE (DEPRECATED)

Version	Supported Until
1.0	20251231

Parameters

Type	Name	Description	Schema	Default
path	key_id required	Resource id of KMS key Example : `138c2fc8c29a449dbfa8681f8f1d78e2`	string	None

Responses

HTTP Code	Description	Schema
200	OK	KeyShowResponse
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/kms/transit/{key_id}/rotate

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.0"

Example HTTP response

Response 200

{
    "key": {
        "account_id": "3265ab469f0d406d83073da3e11e7a6c",
        "auto_rotate": "Y",
        "created_at": "2024-05-17T00:23:17Z",
        "created_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "current_version": 7,
        "delete_at": "20251008",
        "delete_target_yn": "Y",
        "description": "description1",
        "id": "0fdd87aab8cb46f59b7c1f81ed03fb3e",
        "key_type": "advanced",
        "modified_at": "2024-05-17T00:23:17Z",
        "modified_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "name": "testkey",
        "next_rotate_at": "20241008",
        "order_ref": "0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01",
        "purpose": "rsa-2048",
        "region": "kr-west1",
        "rotate_cycle": 7,
        "secret_ref": "0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01",
        "state": "Active",
        "use_count": 1004
    }
}

3.1.14 - Show Key

3.1.14.1 - 1.1

get /v1/kms/transit/{key_id}

Description

Show key.

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Type	Name	Description	Schema	Default
path	key_id required	Resource id of KMS key Example : `138c2fc8c29a449dbfa8681f8f1d78e2`	string	None

Responses

HTTP Code	Description	Schema
200	OK	KeyShowResponse
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/kms/transit/{key_id}

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.1"

Example HTTP response

Response 200

{
    "key": {
        "account_id": "3265ab469f0d406d83073da3e11e7a6c",
        "auto_rotate": "Y",
        "created_at": "2024-05-17T00:23:17Z",
        "created_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "current_version": 7,
        "delete_at": "20251008",
        "delete_target_yn": "Y",
        "description": "description1",
        "id": "0fdd87aab8cb46f59b7c1f81ed03fb3e",
        "key_type": "advanced",
        "modified_at": "2024-05-17T00:23:17Z",
        "modified_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "name": "testkey",
        "next_rotate_at": "20241008",
        "order_ref": "0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01",
        "purpose": "rsa-2048",
        "region": "kr-west1",
        "rotate_cycle": 7,
        "secret_ref": "0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01",
        "state": "Active",
        "use_count": 1004
    }
}

3.1.14.2 - 1.0

get /v1/kms/transit/{key_id}

Description

Show key.

State ACTIVE (DEPRECATED)

Version	Supported Until
1.0	20251231

Parameters

Type	Name	Description	Schema	Default
path	key_id required	Resource id of KMS key Example : `138c2fc8c29a449dbfa8681f8f1d78e2`	string	None

Responses

HTTP Code	Description	Schema
200	OK	KeyShowResponse
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/kms/transit/{key_id}

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.0"

Example HTTP response

Response 200

{
    "key": {
        "account_id": "3265ab469f0d406d83073da3e11e7a6c",
        "auto_rotate": "Y",
        "created_at": "2024-05-17T00:23:17Z",
        "created_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "current_version": 7,
        "delete_at": "20251008",
        "delete_target_yn": "Y",
        "description": "description1",
        "id": "0fdd87aab8cb46f59b7c1f81ed03fb3e",
        "key_type": "advanced",
        "modified_at": "2024-05-17T00:23:17Z",
        "modified_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "name": "testkey",
        "next_rotate_at": "20241008",
        "order_ref": "0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01",
        "purpose": "rsa-2048",
        "region": "kr-west1",
        "rotate_cycle": 7,
        "secret_ref": "0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01",
        "state": "Active",
        "use_count": 1004
    }
}

3.1.15 - Sign Data

3.1.15.1 - 1.1

post /v1/kms/openapi/sign/{key_id}

Description

Returns the cryptographic signature of the given data using key(Purpose: signature/verification).

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Type	Name	Description	Schema	Default
path	key_id required	Resource id of KMS key Example : `138c2fc8c29a449dbfa8681f8f1d78e2`	string	None
body	body required		SignRequest

Responses

HTTP Code	Description	Schema
200	OK	SignResponse
400	Bad Request	None
401	Unauthorized	None
403	Forbidden	None

Example HTTP request

Request path

/v1/kms/openapi/sign/{key_id}

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.1"

Request body

{
    "input": "dGVzdCBpbnB1dA=="
}

Example HTTP response

Response 200

{
    "key_version": 1,
    "signature": "vault:v142:MEUCIQDt+iM27ZENLTxFCKH2krlvn2xRRuoqt8aU+xP/RYEJpgIgN6V6QjhpK4dA/vwgX95UW140ge167ECnLjccXDPbZAg="
}

3.1.15.2 - 1.0

post /v1/kms/openapi/sign/{key_id}

Description

Returns the cryptographic signature of the given data using key(Purpose: signature/verification).

State ACTIVE (DEPRECATED)

Version	Supported Until
1.0	20251231

Parameters

Type	Name	Description	Schema	Default
path	key_id required	Resource id of KMS key Example : `138c2fc8c29a449dbfa8681f8f1d78e2`	string	None
body	body required		SignRequest

Responses

HTTP Code	Description	Schema
200	OK	SignResponse
400	Bad Request	None
401	Unauthorized	None
403	Forbidden	None

Example HTTP request

Request path

/v1/kms/openapi/sign/{key_id}

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.0"

Request body

{
    "input": "dGVzdCBpbnB1dA=="
}

Example HTTP response

Response 200

{
    "key_version": 1,
    "signature": "vault:v142:MEUCIQDt+iM27ZENLTxFCKH2krlvn2xRRuoqt8aU+xP/RYEJpgIgN6V6QjhpK4dA/vwgX95UW140ge167ECnLjccXDPbZAg="
}

3.1.16 - Update Description

3.1.16.1 - 1.1

put /v1/kms/transit/{key_id}/description

Description

Update description.

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Type	Name	Description	Schema	Default
path	key_id required	Resource id of KMS key Example : `138c2fc8c29a449dbfa8681f8f1d78e2`	string	None
body	body required		KeyDescriptionRequest

Responses

HTTP Code	Description	Schema
200	OK	KeyShowResponse
400	Bad Request	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/kms/transit/{key_id}/description

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.1"

Request body

{
    "description": ""
}

Example HTTP response

Response 200

{
    "key": {
        "account_id": "3265ab469f0d406d83073da3e11e7a6c",
        "auto_rotate": "Y",
        "created_at": "2024-05-17T00:23:17Z",
        "created_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "current_version": 7,
        "delete_at": "20251008",
        "delete_target_yn": "Y",
        "description": "description1",
        "id": "0fdd87aab8cb46f59b7c1f81ed03fb3e",
        "key_type": "advanced",
        "modified_at": "2024-05-17T00:23:17Z",
        "modified_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "name": "testkey",
        "next_rotate_at": "20241008",
        "order_ref": "0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01",
        "purpose": "rsa-2048",
        "region": "kr-west1",
        "rotate_cycle": 7,
        "secret_ref": "0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01",
        "state": "Active",
        "use_count": 1004
    }
}

3.1.16.2 - 1.0

put /v1/kms/transit/{key_id}/description

Description

Update description.

State ACTIVE (DEPRECATED)

Version	Supported Until
1.0	20251231

Parameters

Type	Name	Description	Schema	Default
path	key_id required	Resource id of KMS key Example : `138c2fc8c29a449dbfa8681f8f1d78e2`	string	None
body	body required		KeyDescriptionRequest

Responses

HTTP Code	Description	Schema
200	OK	KeyShowResponse
400	Bad Request	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/kms/transit/{key_id}/description

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.0"

Request body

{
    "description": ""
}

Example HTTP response

Response 200

{
    "key": {
        "account_id": "3265ab469f0d406d83073da3e11e7a6c",
        "auto_rotate": "Y",
        "created_at": "2024-05-17T00:23:17Z",
        "created_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "current_version": 7,
        "delete_at": "20251008",
        "delete_target_yn": "Y",
        "description": "description1",
        "id": "0fdd87aab8cb46f59b7c1f81ed03fb3e",
        "key_type": "advanced",
        "modified_at": "2024-05-17T00:23:17Z",
        "modified_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "name": "testkey",
        "next_rotate_at": "20241008",
        "order_ref": "0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01",
        "purpose": "rsa-2048",
        "region": "kr-west1",
        "rotate_cycle": 7,
        "secret_ref": "0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01",
        "state": "Active",
        "use_count": 1004
    }
}

3.1.17 - Verify Data

3.1.17.1 - 1.1

post /v1/kms/openapi/verify/{key_id}

Description

Returns whether the provided signature is valid for the given data from either the sign data using key(Purpose: signature/verification).

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Type	Name	Description	Schema	Default
path	key_id required	Resource id of KMS key Example : `138c2fc8c29a449dbfa8681f8f1d78e2`	string	None
body	body required		VerifyRequest

Responses

HTTP Code	Description	Schema
200	OK	VerifyResponse
400	Bad Request	None
401	Unauthorized	None
403	Forbidden	None

Example HTTP request

Request path

/v1/kms/openapi/verify/{key_id}

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.1"

Request body

{
    "input": "dGVzdCBpbnB1dA==",
    "signature": "vault:v142:MEUCIQDt+iM27ZENLTxFCKH2krlvn2xRRuoqt8aU+xP/RYEJpgIgN6V6QjhpK4dA/vwgX95UW140ge167ECnLjccXDPbZAg="
}

Example HTTP response

Response 200

{
    "valid": true
}

3.1.17.2 - 1.0

post /v1/kms/openapi/verify/{key_id}

Description

Returns whether the provided signature is valid for the given data from either the sign data using key(Purpose: signature/verification).

State ACTIVE (DEPRECATED)

Version	Supported Until
1.0	20251231

Parameters

Type	Name	Description	Schema	Default
path	key_id required	Resource id of KMS key Example : `138c2fc8c29a449dbfa8681f8f1d78e2`	string	None
body	body required		VerifyRequest

Responses

HTTP Code	Description	Schema
200	OK	VerifyResponse
400	Bad Request	None
401	Unauthorized	None
403	Forbidden	None

Example HTTP request

Request path

/v1/kms/openapi/verify/{key_id}

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.0"

Request body

{
    "input": "dGVzdCBpbnB1dA==",
    "signature": "vault:v142:MEUCIQDt+iM27ZENLTxFCKH2krlvn2xRRuoqt8aU+xP/RYEJpgIgN6V6QjhpK4dA/vwgX95UW140ge167ECnLjccXDPbZAg="
}

Example HTTP response

Response 200

{
    "valid": true
}

3.1.18 - Verify hmac with input

3.1.18.1 - 1.1

post /v1/kms/openapi/hmac/verify/{key_id}

Description

Returns whether the INPUT value is VALID or not using key(Purpose: create/verification).

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Type	Name	Description	Schema	Default
path	key_id required	Resource id of KMS key Example : `138c2fc8c29a449dbfa8681f8f1d78e2`	string	None
body	body required		HmacVerifyRequest

Responses

HTTP Code	Description	Schema
200	OK	HmacVerifyResponse
400	Bad Request	None
401	Unauthorized	None
403	Forbidden	None

Example HTTP request

Request path

/v1/kms/openapi/hmac/verify/{key_id}

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.1"

Request body

{
    "hmac": "vault:v142:MEUCIQDt+iM27ZENLTxFCKH2krlvn2xRRuoqt8aU+xP/RYEJpgIgN6V6QjhpK4dA/vwgX95UW140ge167ECnLjccXDPbZAg=",
    "input": "dGVzdCBpbnB1dA=="
}

Example HTTP response

Response 200

{
    "valid": true
}

3.1.18.2 - 1.0

post /v1/kms/openapi/hmac/verify/{key_id}

Description

Returns whether the INPUT value is VALID or not using key(Purpose: create/verification).

State ACTIVE (DEPRECATED)

Version	Supported Until
1.0	20251231

Parameters

Type	Name	Description	Schema	Default
path	key_id required	Resource id of KMS key Example : `138c2fc8c29a449dbfa8681f8f1d78e2`	string	None
body	body required		HmacVerifyRequest

Responses

HTTP Code	Description	Schema
200	OK	HmacVerifyResponse
400	Bad Request	None
401	Unauthorized	None
403	Forbidden	None

Example HTTP request

Request path

/v1/kms/openapi/hmac/verify/{key_id}

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.0"

Request body

{
    "hmac": "vault:v142:MEUCIQDt+iM27ZENLTxFCKH2krlvn2xRRuoqt8aU+xP/RYEJpgIgN6V6QjhpK4dA/vwgX95UW140ge167ECnLjccXDPbZAg=",
    "input": "dGVzdCBpbnB1dA=="
}

Example HTTP response

Response 200

{
    "valid": true
}

3.2 - Models

3.2.1 - DatakeyRequest

Name	Description	Schema	Default
key_type required	Key type( plaintext or wrapped ) Example : `plaintext`	string

3.2.2 - DatakeyResponse

Name	Description	Schema
ciphertext required	Encrypted data key Example : `vault:v283:YiUpW1bpF2fMY0VR33aQpik781Ul2gFPsfdwsypwouccHtPSfRaE40wTHHl4a5AK`	string
key_version required	Version of KMS key Example : `1`	integer
plaintext required	Data key(base64 encoded) Example : `oTvvEkE7q0WM2S5yfGFz5nqe32QMlrCVnqssmDPu6fA=`	any of [string, null]

3.2.3 - DecryptRequest

Name	Description	Schema	Default
ciphertext required	Encrypted data by KMS Example : `vault:v283:YiUpW1bpF2fMY0VR332Qpik781Ul2gFPsfdwsypwouccHtPSfRaE40wTHHl4a5AK`	string

3.2.4 - DecryptResponse

Name	Description	Schema	Default
plaintext required	Decrypted data(base64 encoded) Example : `dGhlIHF1aWNrIGJyb3duIGZveAo=`	string

3.2.5 - EncryptRequest

Name	Description	Schema	Default
plaintext required	Data(base64 encoded) to encrypt Example : `dGhlIHF1aWNrIGJyb3duIGZveAo=`	string

3.2.6 - EncryptResponse

Name	Description	Schema	Default
ciphertext required	Encrypted data by KMS Example : `vault:v283:YiUpW1bpF2fMY0VRh3aQpik781Ul2gFPsfdwsypwouccHtPSfRaE40wTHHl4a5AK`	string
key_version required	Version of KMS key Example : `1`	integer

3.2.7 - HmacRequest

Name	Description	Schema	Default
input required	Data(base64 encoded) for verification Example : `dGVzdCBpbnB1dA==`	string

3.2.8 - HmacResponse

Name	Description	Schema	Default
hmac required	HMAC data Example : `vault:v1:/IHSD+Rg9BHNkmIiEunAPVj6IVaJqkjSO4GGvALHcVQ=`	string

3.2.9 - HmacVerifyRequest

Name	Description	Schema	Default
hmac required	Signature data Example : `vault:v142:MEUCIQDt+iM27ZENLTxFCKH2krlvn2xRRuoqt8aU+xP/RYEJpgIgN6V6QjhpK4dA/vwgX95UW140ge167ECnLjccXDPbZAg=`	string
input required	Data(base64 encoded) for verification Example : `dGVzdCBpbnB1dA==`	string

3.2.10 - HmacVerifyResponse

Name	Description	Schema	Default
valid required	Verify result Example : `True`	boolean

3.2.11 - Key

Name	Description	Schema
account_id required	Account ID Example : `3265ab469f0d406d83073da3e11e7a6c`	string
auto_rotate required	Auto rotate Y or N Example : `Y`	string
created_at required	Created At Example : `2024-05-17T00:23:17Z`	string (date-time)
created_by required	Created By Example : `90dddfc2b1e04edba54ba2b41539a9ac`	string
current_version required	Current version of KMS key Example : `7`	integer
delete_at required	Date of deletion Example : `20251008`	any of [string (date-time), null]
delete_target_yn required	DeleteTargetYn of Key Example : `Y`	any of [string, null]
description required	Description of Key Example : `description1` Maximum length : `100`	string
id required	ID Example : `0fdd87aab8cb46f59b7c1f81ed03fb3e`	string
key_type required	basic or advanced Example : `advanced`	any of [string, null]
modified_at required	Modified At Example : `2024-05-17T00:23:17Z`	string (date-time)
modified_by required	Modified By Example : `90dddfc2b1e04edba54ba2b41539a9ac`	string
name required	Name of key Example : `testkey` Pattern : `^[a-z0-9]$` Minimum length* : `3` Maximum length : `63`	string
next_rotate_at required	Date of next rotate Example : `20241008`	any of [string (date-time), null]
order_ref required	Reference of order Example : `0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01`	any of [string, null]
purpose required	Purpose of key Example : `rsa-2048`	string
region required	Name of region Example : `kr-west1`	string
rotate_cycle required	Rotation cycle Example : `7`	integer
secret_ref required	Reference of secret Example : `0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01`	any of [string, null]
state required	State of key(Creating, Active, Error, Stop, To_Be_Terminated) Example : `Active`	any of [string, null]
use_count required	Use count of KMS key Example : `1004`	integer

3.2.12 - KeyCreateMasterKeyRequest

Name	Description	Schema	Default
auto_rotate required	Auto rotate Y or N Example : `Y`	string
description required	Description of Key Example : `description1` Maximum length : `100`	string
key_type optional	basic or advanced Example : `advanced`	enum (basic, advanced)	advanced
name required	Name of key Example : `testkey` Pattern : `^[a-z0-9]$` Minimum length* : `3` Maximum length : `63`	string
purpose required	Purpose of key Example : `rsa-2048`	string
rotate_cycle required	Rotation cycle Example : `7`	integer
tags optional	Tag List’	array[Tag]

3.2.13 - KeyDescriptionRequest

Name	Description	Schema	Default
description required	Description of Key Example : Maximum length : `100`	string

3.2.14 - KeyNameDuplicateResponse

Name	Description	Schema	Default
isDuplicateName optional	Example : `True`	boolean	Duplicate check result

3.2.15 - KeyPageResponse

Name	Description	Schema
count required	count Example : `20`	integer
keys required		array[Key]
page required	page Example : `0`	integer
size required	size Example : `20`	integer
sort optional	sort Example : `['created_at:asc']`	any of [array[string], null]

3.2.16 - KeyRotateInfoRequest

Name	Description	Schema	Default
auto_rotate required	Auto rotate Y or N Example : `Y` Pattern : `^[YN]$`	string
rotate_cycle required	Rotation cycle Example : `7`	any of [integer, null]

3.2.17 - KeyShowResponse

Name	Description	Schema	Default
key required		Key

3.2.18 - KeyStateRequest

Name	Description	Schema	Default
state required	State of key(Active, Stop) Example : `Active` Pattern : `^(Active\|Stop)$`	string

3.2.19 - KeyUserResponse

Name	Description	Schema	Default
user required		array[User]

3.2.20 - RewrapRequest

Name	Description	Schema	Default
ciphertext required	Encrypted data by KMS Example : `vault:v283:YiUpW1bpF2fMY0VR33aQpik781Ul2gFPsfdwsypwouccHtPSfRaE40wTHHl4a5AK`	string

3.2.21 - RewrapResponse

Name	Description	Schema	Default
ciphertext required	Rewrapped data by KMS Example : `vault:v283:YiUpW1bpF2fMY0VR33aQpik781Ul2gFPsfdwsypwouccHtPSfRaE40wTHHl4a5AK`	string
key_version required	Version of KMS key Example : `1`	integer

3.2.22 - SignRequest

Name	Description	Schema	Default
input required	Data(base64 encoded) for Signature Example : `dGVzdCBpbnB1dA==`	string

3.2.23 - SignResponse

Name	Description	Schema	Default
key_version required	Version of KMS key Example : `1`	integer
signature required	Signature data Example : `vault:v142:MEUCIQDt+iM27ZENLTxFCKH2krlvn2xRRuoqt8aU+xP/RYEJpgIgN6V6QjhpK4dA/vwgX95UW140ge167ECnLjccXDPbZAg=`	string

3.2.24 - Tag

Name	Description	Schema	Default
key required	tag key Example :	string
value required	tag value Example :	string

3.2.25 - User

Name	Description	Schema	Default
user_id required	User ID Example : `138c2fc8c29a449dbfa8681f8f1d78e2`	string
user_name required	User Name Example : `kimsamsung`	string

3.2.26 - VerifyRequest

Name	Description	Schema	Default
input required	Data(base64 encoded) for verification Example : `dGVzdCBpbnB1dA==`	string
signature required	Signature data Example : `vault:v142:MEUCIQDt+iM27ZENLTxFCKH2krlvn2xRRuoqt8aU+xP/RYEJpgIgN6V6QjhpK4dA/vwgX95UW140ge167ECnLjccXDPbZAg=`	string

3.2.27 - VerifyResponse

Name	Description	Schema	Default
valid required	Verify result Example : `True`	boolean

4 - Secret Vault

Overview

Provides an Application Programming Interface (API) that supports programmatic use of IaaS/PaaS products provided by SCP.

This guide provides a brief description of Secret Vault and how to call API. The API is provided as a RESTful API, and it responds in JSON format.

Version

Version	Status	Supported Until
1.0	CURRENT	-

OpenAPI URL

https://secretvault.{region}.{environment}.samsungsdscloud.com

Environment and Region List

environment	region
s	kr-west1
s	kr-east1
g	kr-south1
g	kr-south2
g	kr-south3
e	kr-west1
e	kr-east1

4.1 - APIs

4.1.1 - Create Secret Vault

4.1.1.1 - 1.0

post /v1/secretvault

Description

Create Secret Vault.

State ACTIVE (CURRENT)

Version	Supported Until
1.0	-

Parameters

Type	Name	Description	Schema	Default
body	body required		SecretVaultCreateRequest

Responses

HTTP Code	Description	Schema
201	Created	SecretVaultCreateResponse
400	Bad Request	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/secretvault

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = secretvault 1.0"

Request body

{
    "access_key_id": "b754b12b39da4ce29a40c5e324650bd0",
    "acl_cidr": "192.168.1.1/24, 10.0.0.1/16",
    "description": "description",
    "name": "name",
    "tags": [],
    "temporary_key_ttl_nhours": "3",
    "vault_token_ttl_ndays": "720"
}

Example HTTP response

Response 201

{
    "secret_vault": {
        "access_key_id": "0e3dffc50eb247a1adf4f2e5c82c4f99",
        "access_key_type": "Temporary",
        "account_id": "3265ab469f0d406d83073da3e11e7a6c",
        "acl_cidr": "192.168.1.1/24, 10.0.0.1/16",
        "created_at": "2024-05-17T00:23:17Z",
        "created_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "delete_at": "2025-02-25 03:07:17.000",
        "description": "description",
        "id": "0fdd87aab8cb46f59b7c1f81ed03fb3e",
        "modified_at": "2024-05-17T00:23:17Z",
        "modified_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "name": "vaultkey",
        "temporary_key_ttl_nhours": "36",
        "user_name": "username",
        "vault_token_expired_at": "2025-02-25 03:07:17.000",
        "vault_token_id": "aace85da-965e-d95a-b4ed-8d32b5d6079",
        "vault_token_secret_value": "6171392c-5fd9-43db-9e15-e14af0068f96",
        "vault_token_ttl_ndays": "10",
        "vaultkey_state": "Active",
        "vaultkey_type": "SCP Open API Key",
        "waiting_time_ndays": "10"
    }
}

4.1.2 - Delete Secret Vault

4.1.2.1 - 1.0

put /v1/secretvault/{secret_vault_id}/terminated

Description

Change Secret Vault state to ‘To be terminated’.

State ACTIVE (CURRENT)

Version	Supported Until
1.0	-

Parameters

Type	Name	Description	Schema	Default
path	secret_vault_id required	Secret Vault Id Example : `3265ab469f0d406d83073da3e11e7a6c`	string	None
body	body required		SecretVaultTerminatedRequest

Responses

HTTP Code	Description	Schema
200	OK	SecretVaultShowResponse
400	Bad Request	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/secretvault/{secret_vault_id}/terminated

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = secretvault 1.0"

Request body

{
    "waiting_time_ndays": 7
}

Example HTTP response

Response 200

{
    "secret_vault": {
        "access_key": [
            "0e3*****************************"
        ],
        "access_key_id": "0e3dffc50eb247a1adf4f2e5c82c4f99",
        "access_key_type": [
            "Temporary",
            "Permanent"
        ],
        "account_id": "3265ab469f0d406d83073da3e11e7a6c",
        "acl_cidr": "192.168.1.1/24, 10.0.0.1/16",
        "created_at": "2024-05-17T00:23:17Z",
        "created_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "delete_at": "2025-02-25 03:07:17.000",
        "description": "description",
        "id": "0fdd87aab8cb46f59b7c1f81ed03fb3e",
        "modified_at": "2024-05-17T00:23:17Z",
        "modified_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "name": [
            "vaultkey"
        ],
        "temp_key_expired_at": "2025-02-25 03:07:17.000",
        "temporary_key_ttl_nhours": [
            "36"
        ],
        "vault_token_expired_at": "2025-02-25 03:07:17.000",
        "vault_token_id": "aace85da-965e-d95a-b4ed-8d32b5d6079",
        "vault_token_secret_value": "6171392c-5fd9-43db-9e15-e14af0068f96",
        "vault_token_ttl_ndays": [
            "10"
        ],
        "vaultkey_state": "Active",
        "vaultkey_type": [
            "SCP Open API Key"
        ],
        "waiting_time_ndays": "10"
    }
}

4.1.3 - Get Temporary Key

4.1.3.1 - 1.0

get /v1/temporarykey/{secret_vault_id}

Description

Get Temporary Key.

State ACTIVE (CURRENT)

Version	Supported Until
1.0	-

Parameters

Type	Name	Description	Schema	Default
header	Svaccesskey required	token id issued by Secret Vault Example : `5dbd99e4-aad4-e822-9ab3-89b10cf7c9ef`	string	None
header	Svsignature required	It generates a string to sign from the request, encrypts it with the HmacSHA256 algorithm with the Access Secret Key(token secret issued by Secret Vault), and encodes it into Base64. Example : `fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=`	string	None
header	Svtimestamp required	defines the elapsed time from 00:00:00 Agreement World Time (UTC) on January 1, 1970, in milliseconds. Example : `1605290625682`	string	None
header	Svclienttype required	Client Type Example : `Openapi`	string	None
path	secret_vault_id required	Secret Vault Id Example : `3265ab469f0d406d83073da3e11e7a6c`	string	None

Responses

HTTP Code	Description	Schema
200	OK	SecretVaultTemporaryKeyResponse
400	Bad Request	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/temporarykey/{secret_vault_id}

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = secretvault 1.0"

Example HTTP response

Response 200

{
    "access_key": "testname",
    "expired_at": "2025-02-25 03:07:17.000",
    "secret_key": "testname"
}

4.1.4 - List Secret Vaults

4.1.4.1 - 1.0

get /v1/secretvault

Description

List Secret Vaults.

State ACTIVE (CURRENT)

Version	Supported Until
1.0	-

Responses

HTTP Code	Description	Schema
200	OK	SecretVaultKeyListResponse
400	Bad Request	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/secretvault

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = secretvault 1.0"

Example HTTP response

Response 200

{
    "count": 20,
    "page": 0,
    "secret_vaults": [
        {
            "access_key_id": "0e3dffc50eb247a1adf4f2e5c82c4f99",
            "access_key_type": "Temporary",
            "account_id": "3265ab469f0d406d83073da3e11e7a6c",
            "acl_cidr": "192.168.1.1/24, 10.0.0.1/16",
            "created_at": "2024-05-17T00:23:17Z",
            "created_by": "90dddfc2b1e04edba54ba2b41539a9ac",
            "delete_at": "2025-02-25 03:07:17.000",
            "description": "description",
            "id": "0fdd87aab8cb46f59b7c1f81ed03fb3e",
            "modified_at": "2024-05-17T00:23:17Z",
            "modified_by": "90dddfc2b1e04edba54ba2b41539a9ac",
            "name": "vaultkey",
            "temporary_key_ttl_nhours": "36",
            "user_name": "username",
            "vault_token_expired_at": "2025-02-25 03:07:17.000",
            "vault_token_id": "[AES] SZtB6RasvLypCv4soJlQO3ZmYpUPjFblz7pstjBeTQJXcz/d5KB9TUR3gMY08mga4fxWaF6IfUzTMBh6j/CAaw==",
            "vault_token_secret_value": "[AES] 91/kdnK4NDfs2HGWgNH/EYNnqD7OcM1unXWs0ZAuaFttIqgP8xMUx0dOaRfD6kOD7uuujFxF2nzx35D9Gz9nwQ==",
            "vault_token_ttl_ndays": "10",
            "vaultkey_state": "Active",
            "vaultkey_type": "SCP Open API Key",
            "waiting_time_ndays": "10"
        }
    ],
    "size": 20,
    "sort": [
        "created_at:asc"
    ]
}

4.1.5 - Show Secret Vault

4.1.5.1 - 1.0

get /v1/secretvault/{secret_vault_id}

Description

Show Secret Vault.

State ACTIVE (CURRENT)

Version	Supported Until
1.0	-

Parameters

Type	Name	Description	Schema	Default
path	secret_vault_id required	Secret Vault Id Example : `3265ab469f0d406d83073da3e11e7a6c`	string	None

Responses

HTTP Code	Description	Schema
200	OK	SecretVaultShowResponse
400	Bad Request	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/secretvault/{secret_vault_id}

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = secretvault 1.0"

Example HTTP response

Response 200

{
    "secret_vault": {
        "access_key": [
            "0e3*****************************"
        ],
        "access_key_id": "0e3dffc50eb247a1adf4f2e5c82c4f99",
        "access_key_type": [
            "Temporary",
            "Permanent"
        ],
        "account_id": "3265ab469f0d406d83073da3e11e7a6c",
        "acl_cidr": "192.168.1.1/24, 10.0.0.1/16",
        "created_at": "2024-05-17T00:23:17Z",
        "created_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "delete_at": "2025-02-25 03:07:17.000",
        "description": "description",
        "id": "0fdd87aab8cb46f59b7c1f81ed03fb3e",
        "modified_at": "2024-05-17T00:23:17Z",
        "modified_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "name": [
            "vaultkey"
        ],
        "temp_key_expired_at": "2025-02-25 03:07:17.000",
        "temporary_key_ttl_nhours": [
            "36"
        ],
        "vault_token_expired_at": "2025-02-25 03:07:17.000",
        "vault_token_id": "aace85da-965e-d95a-b4ed-8d32b5d6079",
        "vault_token_secret_value": "6171392c-5fd9-43db-9e15-e14af0068f96",
        "vault_token_ttl_ndays": [
            "10"
        ],
        "vaultkey_state": "Active",
        "vaultkey_type": [
            "SCP Open API Key"
        ],
        "waiting_time_ndays": "10"
    }
}

4.2 - Models

4.2.1 - SecretVaultCreateRequest

Name	Description	Schema
access_key_id required	Id of access key Example : `b754b12b39da4ce29a40c5e324650bd0`	string
acl_cidr required	Access control list in CIDR Example : `192.168.1.1/24, 10.0.0.1/16`	string
description optional	Description Example : `description`	any of [string, null]
name required	Secret Vault Id Example : `name` Pattern : `^[a-z0-9]$` Minimum length* : `3` Maximum length : `63`	string
tags optional	Tag List’	any of [array[Tag], null]
temporary_key_ttl_nhours required	Temporary key valid hours Example : `3` Minimum : `1` Maximum : `36`	integer
vault_token_ttl_ndays required	TTL of vault token Example : `720` Minimum : `30` Maximum : `7300`	integer

4.2.2 - SecretVaultCreateResponse

Name	Description	Schema	Default
secret_vault required		SecretVaultKey

4.2.3 - SecretVaultDetailKey

Name	Description	Schema
access_key optional	Access key Example : `['0e3*****************************']`	string
access_key_id required	Id of access key Example : `0e3dffc50eb247a1adf4f2e5c82c4f99`	string
access_key_type required	Type of access key Example : `['Temporary', 'Permanent']`	string
account_id required	Account ID Example : `3265ab469f0d406d83073da3e11e7a6c`	string
acl_cidr required	Access control list in CIDR Example : `192.168.1.1/24, 10.0.0.1/16`	string
created_at required	Created At Example : `2024-05-17T00:23:17Z`	string (date-time)
created_by required	Created By Example : `90dddfc2b1e04edba54ba2b41539a9ac`	string
delete_at required	Date of deletion Example : `2025-02-25 03:07:17.000`	any of [string (date-time), null]
description required	Description of Key Example : `description`	any of [string, null]
id required	ID Example : `0fdd87aab8cb46f59b7c1f81ed03fb3e`	string
modified_at required	Modified At Example : `2024-05-17T00:23:17Z`	string (date-time)
modified_by required	Modified By Example : `90dddfc2b1e04edba54ba2b41539a9ac`	string
name required	Name of key Example : `['vaultkey']`	string
temp_key_expired_at required	Temporary key expired date Example : `2025-02-25 03:07:17.000`	any of [string (date-time), null]
temporary_key_ttl_nhours required	Temporary key valid hours Example : `['36']`	any of [integer, null]
vault_token_expired_at required	Vault Token expired date Example : `2025-02-25 03:07:17.000`	any of [string (date-time), null]
vault_token_id required	Id of vault token Example : `aace85da-965e-d95a-b4ed-8d32b5d6079`	any of [string, null]
vault_token_secret_value required	Secret of vault token Example : `6171392c-5fd9-43db-9e15-e14af0068f96`	any of [string, null]
vault_token_ttl_ndays required	TTL of vault token Example : `['10']`	any of [integer, null]
vaultkey_state required	State of key(Creating, Active, Error, Stop, To_Be_Terminated) Example : `Active`	any of [string, null]
vaultkey_type required	Type of vault key Example : `['SCP Open API Key']`	any of [string, null]
waiting_time_ndays required	Days remaining until deletion Example : `10`	any of [integer, null]

4.2.4 - SecretVaultKey

Name	Description	Schema
access_key_id required	Id of access key Example : `0e3dffc50eb247a1adf4f2e5c82c4f99`	string
access_key_type required	Type of access key Example : `Temporary`	string
account_id required	Account ID Example : `3265ab469f0d406d83073da3e11e7a6c`	string
acl_cidr required	Access control list in CIDR Example : `192.168.1.1/24, 10.0.0.1/16`	any of [string, null]
created_at required	Created At Example : `2024-05-17T00:23:17Z`	string (date-time)
created_by required	Created By Example : `90dddfc2b1e04edba54ba2b41539a9ac`	string
delete_at required	Date of deletion Example : `2025-02-25 03:07:17.000`	any of [string (date-time), null]
description required	Description Example : `description`	any of [string, null]
id required	ID Example : `0fdd87aab8cb46f59b7c1f81ed03fb3e`	string
modified_at required	Modified At Example : `2024-05-17T00:23:17Z`	string (date-time)
modified_by required	Modified By Example : `90dddfc2b1e04edba54ba2b41539a9ac`	string
name required	Name of key Example : `vaultkey`	any of [string, null]
temporary_key_ttl_nhours required	Temporary key valid hours Example : `36`	any of [integer, null]
user_name required	User name Example : `username`	any of [string, null]
vault_token_expired_at required	Vault Token expired date Example : `2025-02-25 03:07:17.000`	any of [string (date-time), null]
vault_token_id required	Id of vault token Example : `aace85da-965e-d95a-b4ed-8d32b5d6079`	any of [string, null]
vault_token_secret_value required	Secret of vault token Example : `6171392c-5fd9-43db-9e15-e14af0068f96`	any of [string, null]
vault_token_ttl_ndays required	TTL of vault token Example : `10`	any of [integer, null]
vaultkey_state required	State of key(Creating, Active, Error, Stop, To_Be_Terminated) Example : `Active`	any of [string, null]
vaultkey_type required	Type of vault key Example : `SCP Open API Key`	any of [string, null]
waiting_time_ndays required	Days remaining until deletion Example : `10`	any of [integer, null]

4.2.5 - SecretVaultKeyListResponse

Name	Description	Schema
count required	count Example : `20`	integer
page required	page Example : `0`	integer
secret_vaults required		array[SecretVaultListKey]
size required	size Example : `20`	integer
sort optional	sort Example : `['created_at:asc']`	any of [array[string], null]

4.2.6 - SecretVaultListKey

Name	Description	Schema
access_key_id required	Id of access key Example : `0e3dffc50eb247a1adf4f2e5c82c4f99`	string
access_key_type required	Type of access key Example : `Temporary`	string
account_id required	Account ID Example : `3265ab469f0d406d83073da3e11e7a6c`	string
acl_cidr required	Access control list in CIDR Example : `192.168.1.1/24, 10.0.0.1/16`	any of [string, null]
created_at required	Created At Example : `2024-05-17T00:23:17Z`	string (date-time)
created_by required	Created By Example : `90dddfc2b1e04edba54ba2b41539a9ac`	string
delete_at required	Date of deletion Example : `2025-02-25 03:07:17.000`	any of [string (date-time), null]
description required	Description Example : `description`	any of [string, null]
id required	ID Example : `0fdd87aab8cb46f59b7c1f81ed03fb3e`	string
modified_at required	Modified At Example : `2024-05-17T00:23:17Z`	string (date-time)
modified_by required	Modified By Example : `90dddfc2b1e04edba54ba2b41539a9ac`	string
name required	Name of key Example : `vaultkey`	any of [string, null]
temporary_key_ttl_nhours required	Temporary key valid hours Example : `36`	any of [integer, null]
user_name required	User name Example : `username`	any of [string, null]
vault_token_expired_at required	Vault Token expired date Example : `2025-02-25 03:07:17.000`	any of [string (date-time), null]
vault_token_id required	Id of vault token Example : `[AES] SZtB6RasvLypCv4soJlQO3ZmYpUPjFblz7pstjBeTQJXcz/d5KB9TUR3gMY08mga4fxWaF6IfUzTMBh6j/CAaw==`	any of [string, null]
vault_token_secret_value required	Secret of vault token Example : `[AES] 91/kdnK4NDfs2HGWgNH/EYNnqD7OcM1unXWs0ZAuaFttIqgP8xMUx0dOaRfD6kOD7uuujFxF2nzx35D9Gz9nwQ==`	any of [string, null]
vault_token_ttl_ndays required	TTL of vault token Example : `10`	any of [integer, null]
vaultkey_state required	State of key(Creating, Active, Error, Stop, To_Be_Terminated) Example : `Active`	any of [string, null]
vaultkey_type required	Type of vault key Example : `SCP Open API Key`	any of [string, null]
waiting_time_ndays required	Days remaining until deletion Example : `10`	any of [integer, null]

4.2.7 - SecretVaultShowResponse

Name	Description	Schema	Default
secret_vault required		SecretVaultDetailKey

4.2.8 - SecretVaultTemporaryKeyResponse

Name	Description	Schema
access_key optional	Access key Example : `testname`	any of [string, null]
expired_at required	Expired date Example : `2025-02-25 03:07:17.000`	any of [string (date-time), null]
secret_key optional	Secret key Example : `testname`	any of [string, null]

4.2.9 - SecretVaultTerminatedRequest

Name	Description	Schema	Default
waiting_time_ndays required	Days remaining until deletion Example : `7` Minimum : `7` Maximum : `30`	integer

4.2.10 - Tag

Name	Description	Schema	Default
key required	tag key Example :	string
value required	tag value Example :	string

5 - Secrets Manager

Overview

Provides an Application Programming Interface (API) that supports programmatic use of IaaS/PaaS products provided by SCP.

This guide provides a brief description of Secrets Manager and how to call API. The API is provided as a RESTful API, and it responds in JSON format.

Version

Version	Status	Supported Until
1.0	CURRENT	-

OpenAPI URL

https://secretsmanager.{region}.{environment}.samsungsdscloud.com

Environment and Region List

environment	region
s	kr-west1
s	kr-east1
g	kr-south1
g	kr-south2
g	kr-south3
e	kr-west1
e	kr-east1

5.1 - APIs

5.1.1 - Create Secret

5.1.1.1 - 1.0

post /v1/secrets

Description

Create secret.

State ACTIVE (CURRENT)

Version	Supported Until
1.0	-

Parameters

Type	Name	Description	Schema	Default
body	body required		SecretsManagerCreateRequest

Responses

HTTP Code	Description	Schema
201	Created	SecretsManagerCreateResponse
400	Bad Request	None
403	Forbidden	None

Example HTTP request

Request path

/v1/secrets

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = secretsmanager 1.0"

Request body

{
    "acl_cidr": "192.168.1.1/24, 10.0.0.1/16",
    "description": "description",
    "kms_id": "3265ab469f0d406d83073da3e11e7a6c",
    "name": "name",
    "secret_value": "{\"key1\":\"value1\",\"key2\":\"value2\"}",
    "tags": []
}

Example HTTP response

Response 201

{
    "secret": {
        "account_id": "3265ab469f0d406d83073da3e11e7a6c",
        "acl_cidr": "192.168.1.1/24, 10.0.0.1/16",
        "created_at": "2024-05-17T00:23:17Z",
        "created_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "deleted_at": "2025-02-25 03:07:17.000",
        "description": "description",
        "id": "0fdd87aab8cb46f59b7c1f81ed03fb3e",
        "kms_id": "3265ab469f0d406d83073da3e11e7a6c",
        "kms_name": "kmsname",
        "modified_at": "2024-05-17T00:23:17Z",
        "modified_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "name": "my-secret-name",
        "recent_searched_at": "2025-02-25 03:07:17.000",
        "state": "Active",
        "type": "General"
    }
}

5.1.2 - Delete Secret

5.1.2.1 - 1.0

delete /v1/secrets/{secret_id}

Description

Delete secret.

State ACTIVE (CURRENT)

Version	Supported Until
1.0	-

Parameters

Type	Name	Description	Schema	Default
path	secret_id required	Secret ID Example : `3265ab469f0d406d83073da3e11e7a6c`	string	None
body	body required		SecretsManagerTerminatedRequest

Responses

HTTP Code	Description	Schema
204	No Content	None
400	Bad Request	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/secrets/{secret_id}

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = secretsmanager 1.0"

Request body

{
    "waiting_time_ndays": 7
}

Example HTTP response

Response 204

5.1.3 - Generate Random Password

5.1.3.1 - 1.0

post /v1/secrets/random-password

Description

Generate random password.

State ACTIVE (CURRENT)

Version	Supported Until
1.0	-

Parameters

Type	Name	Description	Schema	Default
body	body required		SecretsRandomPasswordRequest

Responses

HTTP Code	Description	Schema
200	OK	SecretsRandomPasswordResponse
400	Bad Request	None
403	Forbidden	None

Example HTTP request

Request path

/v1/secrets/random-password

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = secretsmanager 1.0"

Request body

{
    "exclude_characters": "abcdefg",
    "exclude_lowercase": "false",
    "exclude_numbers": "false",
    "exclude_punctuation": "false",
    "exclude_uppercase": "false",
    "include_space": "false",
    "password_length": 32,
    "require_each_included_type": "true"
}

Example HTTP response

Response 200

{
    "random_password": "random-value"
}

5.1.4 - List Secrets

5.1.4.1 - 1.0

get /v1/secrets

Description

List secrets.

State ACTIVE (CURRENT)

Version	Supported Until
1.0	-

Parameters

Type	Name	Description	Schema	Default
query	size optional	size Example : `20`	any of [integer, null]	20
query	page optional	page Example : `0`	any of [integer, null]	0
query	sort optional	sort Example : `created_at:desc`	any of [string, null]	None
query	name optional	Secret Name Example : `name`	any of [string, null]	None
query	state optional	Secret State Example : `Active`	any of [array[string], null]	None

Responses

HTTP Code	Description	Schema
200	OK	SecretsManagerListResponse
400	Bad Request	None
403	Forbidden	None

Example HTTP request

Request path

/v1/secrets

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = secretsmanager 1.0"

Example HTTP response

Response 200

{
    "count": 20,
    "page": 0,
    "secret": [
        {
            "account_id": "3265ab469f0d406d83073da3e11e7a6c",
            "acl_cidr": "192.168.1.1/24, 10.0.0.1/16",
            "created_at": "2024-05-17T00:23:17Z",
            "created_by": "90dddfc2b1e04edba54ba2b41539a9ac",
            "deleted_at": "2025-02-25 03:07:17.000",
            "description": "description",
            "id": "0fdd87aab8cb46f59b7c1f81ed03fb3e",
            "kms_id": "3265ab469f0d406d83073da3e11e7a6c",
            "kms_name": "kmsname",
            "modified_at": "2024-05-17T00:23:17Z",
            "modified_by": "90dddfc2b1e04edba54ba2b41539a9ac",
            "name": "my-secret-name",
            "recent_searched_at": "2025-02-25 03:07:17.000",
            "state": "Active",
            "type": "General"
        }
    ],
    "size": 20,
    "sort": [
        "created_at:asc"
    ]
}

5.1.5 - List Versions of Secret

5.1.5.1 - 1.0

get /v1/secrets/{secret_id}/versions

Description

List versions of secrets.

State ACTIVE (CURRENT)

Version	Supported Until
1.0	-

Parameters

Type	Name	Description	Schema	Default
path	secret_id required	Secret ID Example : `3265ab469f0d406d83073da3e11e7a6c`	string	None

Responses

HTTP Code	Description	Schema
200	OK	SecretsManagerVersionListResponse
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/secrets/{secret_id}/versions

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = secretsmanager 1.0"

Example HTTP response

Response 200

{
    "version_list": [
        ""
    ]
}

5.1.6 - Restore Secret

5.1.6.1 - 1.0

put /v1/secrets/{secret_id}/restore

Description

Cancel process of deleting secret.

State ACTIVE (CURRENT)

Version	Supported Until
1.0	-

Parameters

Type	Name	Description	Schema	Default
path	secret_id required	Secret ID Example : `3265ab469f0d406d83073da3e11e7a6c`	string	None

Responses

HTTP Code	Description	Schema
200	OK	SecretsManagerShowResponse
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/secrets/{secret_id}/restore

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = secretsmanager 1.0"

Example HTTP response

Response 200

{
    "secret": {
        "account_id": "3265ab469f0d406d83073da3e11e7a6c",
        "acl_cidr": "192.168.1.1/24, 10.0.0.1/16",
        "created_at": "2024-05-17T00:23:17Z",
        "created_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "deleted_at": "2025-02-25 03:07:17.000",
        "description": "description",
        "id": "0fdd87aab8cb46f59b7c1f81ed03fb3e",
        "kms_id": "3265ab469f0d406d83073da3e11e7a6c",
        "kms_name": "kmsname",
        "modified_at": "2024-05-17T00:23:17Z",
        "modified_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "name": "my-secret-name",
        "recent_searched_at": "2025-02-25 03:07:17.000",
        "state": "Active",
        "type": "General"
    }
}

5.1.7 - Set CIDR of Secret

5.1.7.1 - 1.0

put /v1/secrets/{secret_id}/acl-cidr

Description

Edit the IP CIDR value for access control when retrieving the value of a Secret.

State ACTIVE (CURRENT)

Version	Supported Until
1.0	-

Parameters

Type	Name	Description	Schema	Default
path	secret_id required	Secret ID Example : `3265ab469f0d406d83073da3e11e7a6c`	string	None
body	body required		SecretsManagerSetCidrRequest

Responses

HTTP Code	Description	Schema
200	OK	SecretsManagerShowResponse
400	Bad Request	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/secrets/{secret_id}/acl-cidr

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = secretsmanager 1.0"

Request body

{
    "acl_cidr": "192.168.1.1/24, 10.0.0.1/16"
}

Example HTTP response

Response 200

{
    "secret": {
        "account_id": "3265ab469f0d406d83073da3e11e7a6c",
        "acl_cidr": "192.168.1.1/24, 10.0.0.1/16",
        "created_at": "2024-05-17T00:23:17Z",
        "created_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "deleted_at": "2025-02-25 03:07:17.000",
        "description": "description",
        "id": "0fdd87aab8cb46f59b7c1f81ed03fb3e",
        "kms_id": "3265ab469f0d406d83073da3e11e7a6c",
        "kms_name": "kmsname",
        "modified_at": "2024-05-17T00:23:17Z",
        "modified_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "name": "my-secret-name",
        "recent_searched_at": "2025-02-25 03:07:17.000",
        "state": "Active",
        "type": "General"
    }
}

5.1.8 - Set Description of Secret

5.1.8.1 - 1.0

put /v1/secrets/{secret_id}/description

Description

Set description of secret.

State ACTIVE (CURRENT)

Version	Supported Until
1.0	-

Parameters

Type	Name	Description	Schema	Default
path	secret_id required	Secret ID Example : `3265ab469f0d406d83073da3e11e7a6c`	string	None
body	body required		SecretsManagerSetDescriptionRequest

Responses

HTTP Code	Description	Schema
200	OK	SecretsManagerShowResponse
400	Bad Request	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/secrets/{secret_id}/description

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = secretsmanager 1.0"

Request body

{
    "description": "description"
}

Example HTTP response

Response 200

{
    "secret": {
        "account_id": "3265ab469f0d406d83073da3e11e7a6c",
        "acl_cidr": "192.168.1.1/24, 10.0.0.1/16",
        "created_at": "2024-05-17T00:23:17Z",
        "created_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "deleted_at": "2025-02-25 03:07:17.000",
        "description": "description",
        "id": "0fdd87aab8cb46f59b7c1f81ed03fb3e",
        "kms_id": "3265ab469f0d406d83073da3e11e7a6c",
        "kms_name": "kmsname",
        "modified_at": "2024-05-17T00:23:17Z",
        "modified_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "name": "my-secret-name",
        "recent_searched_at": "2025-02-25 03:07:17.000",
        "state": "Active",
        "type": "General"
    }
}

5.1.9 - Set KMS ID of Secret

5.1.9.1 - 1.0

put /v1/secrets/{secret_id}/kmsid

Description

Modify the KMS ID used to encrypt the secret value.

State ACTIVE (CURRENT)

Version	Supported Until
1.0	-

Parameters

Type	Name	Description	Schema	Default
path	secret_id required	Secret ID Example : `3265ab469f0d406d83073da3e11e7a6c`	string	None
body	body required		SecretsManagerSetKmsRequest

Responses

HTTP Code	Description	Schema
200	OK	SecretsManagerShowResponse
400	Bad Request	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/secrets/{secret_id}/kmsid

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = secretsmanager 1.0"

Request body

{
    "kms_id": "3265ab469f0d406d83073da3e11e7a6c"
}

Example HTTP response

Response 200

{
    "secret": {
        "account_id": "3265ab469f0d406d83073da3e11e7a6c",
        "acl_cidr": "192.168.1.1/24, 10.0.0.1/16",
        "created_at": "2024-05-17T00:23:17Z",
        "created_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "deleted_at": "2025-02-25 03:07:17.000",
        "description": "description",
        "id": "0fdd87aab8cb46f59b7c1f81ed03fb3e",
        "kms_id": "3265ab469f0d406d83073da3e11e7a6c",
        "kms_name": "kmsname",
        "modified_at": "2024-05-17T00:23:17Z",
        "modified_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "name": "my-secret-name",
        "recent_searched_at": "2025-02-25 03:07:17.000",
        "state": "Active",
        "type": "General"
    }
}

5.1.10 - Set Label of Version

5.1.10.1 - 1.0

put /v1/secrets/{secret_id}/label

Description

Labels are added, moved, or removed from a version. If only the move_to_version_id value is used, the label is added. If only the remove_from_version_id value is used, the label is removed. If both values are used, the label is moved from remove_from_version_id to move_to_version_id.

State ACTIVE (CURRENT)

Version	Supported Until
1.0	-

Parameters

Type	Name	Description	Schema	Default
path	secret_id required	Secret ID Example : `3265ab469f0d406d83073da3e11e7a6c`	string	None
body	body required		SecretsManagerUpdateLabelRequest

Responses

HTTP Code	Description	Schema
200	OK	None
400	Bad Request	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/secrets/{secret_id}/label

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = secretsmanager 1.0"

Request body

{
    "label": "My Custom Label",
    "move_to_version_id": "3265ab469f0d406d83073da3e11e7a6c",
    "remove_from_version_id": "3265ab469f0d406d83073da3e11e7a6c"
}

Example HTTP response

Response 200

5.1.11 - Show Secret Detail

5.1.11.1 - 1.0

get /v1/secrets/{secret_id}

Description

Show secret detail.

State ACTIVE (CURRENT)

Version	Supported Until
1.0	-

Parameters

Type	Name	Description	Schema	Default
path	secret_id required	Secret ID Example : `3265ab469f0d406d83073da3e11e7a6c`	string	None

Responses

HTTP Code	Description	Schema
200	OK	SecretsManagerShowResponse
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/secrets/{secret_id}

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = secretsmanager 1.0"

Example HTTP response

Response 200

{
    "secret": {
        "account_id": "3265ab469f0d406d83073da3e11e7a6c",
        "acl_cidr": "192.168.1.1/24, 10.0.0.1/16",
        "created_at": "2024-05-17T00:23:17Z",
        "created_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "deleted_at": "2025-02-25 03:07:17.000",
        "description": "description",
        "id": "0fdd87aab8cb46f59b7c1f81ed03fb3e",
        "kms_id": "3265ab469f0d406d83073da3e11e7a6c",
        "kms_name": "kmsname",
        "modified_at": "2024-05-17T00:23:17Z",
        "modified_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "name": "my-secret-name",
        "recent_searched_at": "2025-02-25 03:07:17.000",
        "state": "Active",
        "type": "General"
    }
}

5.1.12 - Show Secret Value

5.1.12.1 - 1.0

post /v1/secrets/{secret_id}/values

Description

Show secret value.

State ACTIVE (CURRENT)

Version	Supported Until
1.0	-

Parameters

Type	Name	Description	Schema	Default
path	secret_id required	Secret ID Example : `3265ab469f0d406d83073da3e11e7a6c`	string	None
body	body required		SecretsManagerShowSecretValueRequest

Responses

HTTP Code	Description	Schema
200	OK	SecretsManagerShowSecretValueResponse
400	Bad Request	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/secrets/{secret_id}/values

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = secretsmanager 1.0"

Request body

{
    "label": "CURRENT",
    "version_id": "e7b638507d9f4feeb6032a22b7640bf7"
}

Example HTTP response

Response 200

{
    "secret_value": "{\"key1\":\"value1\",\"key2\":\"value2\"}"
}

5.1.13 - Update Secret Value

5.1.13.1 - 1.0

put /v1/secrets/{secret_id}/values

Description

Update secret value.

State ACTIVE (CURRENT)

Version	Supported Until
1.0	-

Parameters

Type	Name	Description	Schema	Default
path	secret_id required	Secret ID Example : `3265ab469f0d406d83073da3e11e7a6c`	string	None
body	body required		SecretsManagerSetSecretValueRequest

Responses

HTTP Code	Description	Schema
200	OK	SecretsManagerShowResponse
400	Bad Request	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/secrets/{secret_id}/values

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = secretsmanager 1.0"

Request body

{
    "secret_value": "{\"key1\":\"value1\",\"key2\":\"value2\"}"
}

Example HTTP response

Response 200

{
    "secret": {
        "account_id": "3265ab469f0d406d83073da3e11e7a6c",
        "acl_cidr": "192.168.1.1/24, 10.0.0.1/16",
        "created_at": "2024-05-17T00:23:17Z",
        "created_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "deleted_at": "2025-02-25 03:07:17.000",
        "description": "description",
        "id": "0fdd87aab8cb46f59b7c1f81ed03fb3e",
        "kms_id": "3265ab469f0d406d83073da3e11e7a6c",
        "kms_name": "kmsname",
        "modified_at": "2024-05-17T00:23:17Z",
        "modified_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "name": "my-secret-name",
        "recent_searched_at": "2025-02-25 03:07:17.000",
        "state": "Active",
        "type": "General"
    }
}

5.2 - Models

5.2.1 - SecretsManager

Name	Description	Schema
account_id required	Account ID Example : `3265ab469f0d406d83073da3e11e7a6c`	string
acl_cidr required	Access control list of secret in CIDR Example : `192.168.1.1/24, 10.0.0.1/16`	any of [string, null]
created_at required	Created At Example : `2024-05-17T00:23:17Z`	string (date-time)
created_by required	Created By Example : `90dddfc2b1e04edba54ba2b41539a9ac`	string
deleted_at required	Date of deletion Example : `2025-02-25 03:07:17.000`	any of [string (date-time), null]
description required	Description of secret Example : `description`	any of [string, null]
id required	ID Example : `0fdd87aab8cb46f59b7c1f81ed03fb3e`	string
kms_id required	Resource ID created in the Key Management Service (KMS) product Example : `3265ab469f0d406d83073da3e11e7a6c`	string
kms_name required	Resource name of KMS key Example : `kmsname`	string
modified_at required	Modified At Example : `2024-05-17T00:23:17Z`	string (date-time)
modified_by required	Modified By Example : `90dddfc2b1e04edba54ba2b41539a9ac`	string
name required	Name of key Example : `my-secret-name`	any of [string, null]
recent_searched_at required	Date of recent search Example : `2025-02-25 03:07:17.000`	any of [string (date-time), null]
state required	State of key(Creating, Active, Error, Stop, To_Be_Terminated) Example : `Active`	any of [string, null]
type required	Type of secret Example : `General`	any of [string, null]

5.2.2 - SecretsManagerCreateRequest

Name	Description	Schema
acl_cidr required	Access control list of secret in CIDR Example : `192.168.1.1/24, 10.0.0.1/16`	string
description optional	Description of secret Example : `description`	any of [string, null]
kms_id required	Resource ID created in the Key Management Service (KMS) product Example : `3265ab469f0d406d83073da3e11e7a6c`	string
name required	Secret Name Example : `name` Pattern : `^[A-Za-z0-9_-]$` Minimum length* : `3` Maximum length : `63`	string
secret_value required	The value of a Secret can be entered as a JSON string in key/value format, up to 10 pairs. Example : `{"key1":"value1","key2":"value2"}`	string
tags optional	Tag List’	any of [array[Tag], null]

5.2.3 - SecretsManagerCreateResponse

Name	Description	Schema	Default
secret required		SecretsManager

5.2.4 - SecretsManagerListResponse

Name	Description	Schema
count required	count Example : `20`	integer
page required	page Example : `0`	integer
secret required		array[SecretsManager]
size required	size Example : `20`	integer
sort optional	sort Example : `['created_at:asc']`	any of [array[string], null]

5.2.5 - SecretsManagerSetCidrRequest

Name	Description	Schema	Default
acl_cidr required	Access control list of secret in CIDR Example : `192.168.1.1/24, 10.0.0.1/16`	any of [string, null]

5.2.6 - SecretsManagerSetDescriptionRequest

Name	Description	Schema	Default
description required	Description of secret Example : `description`	any of [string, null]

5.2.7 - SecretsManagerSetKmsRequest

Name	Description	Schema	Default
kms_id required	Resource ID created in the Key Management Service (KMS) product Example : `3265ab469f0d406d83073da3e11e7a6c`	string

5.2.8 - SecretsManagerSetSecretValueRequest

Name	Description	Schema	Default
secret_value required	The value of a Secret can be entered as a JSON string in key/value format, up to 10 pairs. Example : `{"key1":"value1","key2":"value2"}`	string

5.2.9 - SecretsManagerShowResponse

Name	Description	Schema	Default
secret required		SecretsManager

5.2.10 - SecretsManagerShowSecretValueRequest

Name	Description	Schema	Default
label optional	Label of secret version. Not allow duplication. Example : `CURRENT` Minimum length : `1` Maximum length : `256`	string
version_id optional	Secret Version ID Example : `e7b638507d9f4feeb6032a22b7640bf7`	string

5.2.11 - SecretsManagerShowSecretValueResponse

Name	Description	Schema	Default
secret_value required	The value of a Secret can be entered as a JSON string in key/value format, up to 10 pairs. Example : `{"key1":"value1","key2":"value2"}`	string

5.2.12 - SecretsManagerTerminatedRequest

Name	Description	Schema	Default
waiting_time_ndays required	Days remaining until deletion Example : `7` Minimum : `7` Maximum : `30`	integer

5.2.13 - SecretsManagerUpdateLabelRequest

Name	Description	Schema
label required	Label of secret version. Not allow duplication. Example : `My Custom Label` Minimum length : `1` Maximum length : `256`	string
move_to_version_id optional	Secret Version ID Example : `3265ab469f0d406d83073da3e11e7a6c`	any of [string, null]
remove_from_version_id optional	Secret Version ID Example : `3265ab469f0d406d83073da3e11e7a6c`	any of [string, null]

5.2.14 - SecretsManagerVersionListResponse

Name	Description	Schema	Default
version_list required		array[object]

5.2.15 - SecretsRandomPasswordRequest

Name	Description	Schema	Default
exclude_characters optional	Characters to exclude when generating password Example : `abcdefg` Maximum length : `4096`	string
exclude_lowercase optional	Option to exclude lowercase letters Example : `false`	boolean
exclude_numbers optional	Option to exclude numbers Example : `false`	boolean
exclude_punctuation optional	Option to exclude punctuation Example : `false`	boolean
exclude_uppercase optional	Option to exclude uppercase letters Example : `false`	boolean
include_space optional	Option to include spaces Example : `false`	boolean
password_length optional	Length of the password to generate Example : `32` Minimum : `5` Maximum : `1024`	integer	32
require_each_included_type optional	Require all included character types Example : `true`	boolean	True

5.2.16 - SecretsRandomPasswordResponse

Name	Description	Schema	Default
random_password required	Generate random password. Example : `random-value`	string

5.2.17 - Tag

Name	Description	Schema	Default
key required	tag key Example :	string
value required	tag value Example :	string