This guide provides a brief description of Key Management Service(KMS) and how to call API. The API is provided as a RESTful API, and it responds in JSON format.

Version

Version	Status	Supported Until
1.0	DEPRECATED	20251231
1.1	CURRENT	-

OpenAPI URL

https://kms.{region}.{environment}.samsungsdscloud.com

Environment and Region List

environment	region
s	kr-west1
s	kr-east1
g	kr-south1
g	kr-south2
g	kr-south3
e	kr-west1
e	kr-east1

1 - APIs

1.1 - Change Rotate Info

1.1.1 - 1.1

put /v1/kms/transit/{key_id}/rotate-info

Description

Change rotate info.

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Type	Name	Description	Schema	Default
path	key_id required	Resource id of KMS key Example : `138c2fc8c29a449dbfa8681f8f1d78e2`	string	None
body	body required		KeyRotateInfoRequest

Responses

HTTP Code	Description	Schema
200	OK	KeyShowResponse
400	Bad Request	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/kms/transit/{key_id}/rotate-info

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.1"

Request body

{
    "auto_rotate": "Y",
    "rotate_cycle": 7
}

Example HTTP response

Response 200

{
    "key": {
        "account_id": "3265ab469f0d406d83073da3e11e7a6c",
        "auto_rotate": "Y",
        "created_at": "2024-05-17T00:23:17Z",
        "created_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "current_version": 7,
        "delete_at": "20251008",
        "delete_target_yn": "Y",
        "description": "description1",
        "id": "0fdd87aab8cb46f59b7c1f81ed03fb3e",
        "key_type": "advanced",
        "modified_at": "2024-05-17T00:23:17Z",
        "modified_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "name": "testkey",
        "next_rotate_at": "20241008",
        "order_ref": "0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01",
        "purpose": "rsa-2048",
        "region": "kr-west1",
        "rotate_cycle": 7,
        "secret_ref": "0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01",
        "state": "Active",
        "use_count": 1004
    }
}

1.1.2 - 1.0

put /v1/kms/transit/{key_id}/rotate-info

Description

Change rotate info.

State ACTIVE (DEPRECATED)

Version	Supported Until
1.0	20251231

Parameters

Type	Name	Description	Schema	Default
path	key_id required	Resource id of KMS key Example : `138c2fc8c29a449dbfa8681f8f1d78e2`	string	None
body	body required		KeyRotateInfoRequest

Responses

HTTP Code	Description	Schema
200	OK	KeyShowResponse
400	Bad Request	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/kms/transit/{key_id}/rotate-info

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.0"

Request body

{
    "auto_rotate": "Y",
    "rotate_cycle": 7
}

Example HTTP response

Response 200

{
    "key": {
        "account_id": "3265ab469f0d406d83073da3e11e7a6c",
        "auto_rotate": "Y",
        "created_at": "2024-05-17T00:23:17Z",
        "created_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "current_version": 7,
        "delete_at": "20251008",
        "delete_target_yn": "Y",
        "description": "description1",
        "id": "0fdd87aab8cb46f59b7c1f81ed03fb3e",
        "key_type": "advanced",
        "modified_at": "2024-05-17T00:23:17Z",
        "modified_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "name": "testkey",
        "next_rotate_at": "20241008",
        "order_ref": "0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01",
        "purpose": "rsa-2048",
        "region": "kr-west1",
        "rotate_cycle": 7,
        "secret_ref": "0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01",
        "state": "Active",
        "use_count": 1004
    }
}

1.2 - Change State Of Key

1.2.1 - 1.1

put /v1/kms/transit/{key_id}/state

Description

Change state of key.

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Type	Name	Description	Schema	Default
path	key_id required	Resource id of KMS key Example : `138c2fc8c29a449dbfa8681f8f1d78e2`	string	None
body	body required		KeyStateRequest

Responses

HTTP Code	Description	Schema
200	OK	KeyShowResponse
400	Bad Request	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/kms/transit/{key_id}/state

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.1"

Request body

{
    "state": "Active"
}

Example HTTP response

Response 200

{
    "key": {
        "account_id": "3265ab469f0d406d83073da3e11e7a6c",
        "auto_rotate": "Y",
        "created_at": "2024-05-17T00:23:17Z",
        "created_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "current_version": 7,
        "delete_at": "20251008",
        "delete_target_yn": "Y",
        "description": "description1",
        "id": "0fdd87aab8cb46f59b7c1f81ed03fb3e",
        "key_type": "advanced",
        "modified_at": "2024-05-17T00:23:17Z",
        "modified_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "name": "testkey",
        "next_rotate_at": "20241008",
        "order_ref": "0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01",
        "purpose": "rsa-2048",
        "region": "kr-west1",
        "rotate_cycle": 7,
        "secret_ref": "0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01",
        "state": "Active",
        "use_count": 1004
    }
}

1.2.2 - 1.0

put /v1/kms/transit/{key_id}/state

Description

Change state of key.

State ACTIVE (DEPRECATED)

Version	Supported Until
1.0	20251231

Parameters

Type	Name	Description	Schema	Default
path	key_id required	Resource id of KMS key Example : `138c2fc8c29a449dbfa8681f8f1d78e2`	string	None
body	body required		KeyStateRequest

Responses

HTTP Code	Description	Schema
200	OK	KeyShowResponse
400	Bad Request	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/kms/transit/{key_id}/state

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.0"

Request body

{
    "state": "Active"
}

Example HTTP response

Response 200

{
    "key": {
        "account_id": "3265ab469f0d406d83073da3e11e7a6c",
        "auto_rotate": "Y",
        "created_at": "2024-05-17T00:23:17Z",
        "created_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "current_version": 7,
        "delete_at": "20251008",
        "delete_target_yn": "Y",
        "description": "description1",
        "id": "0fdd87aab8cb46f59b7c1f81ed03fb3e",
        "key_type": "advanced",
        "modified_at": "2024-05-17T00:23:17Z",
        "modified_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "name": "testkey",
        "next_rotate_at": "20241008",
        "order_ref": "0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01",
        "purpose": "rsa-2048",
        "region": "kr-west1",
        "rotate_cycle": 7,
        "secret_ref": "0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01",
        "state": "Active",
        "use_count": 1004
    }
}

1.3 - Check Duplicate Name

1.3.1 - 1.1

get /v1/kms/transit/duplicate

Description

Check duplication of key name.

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Type	Name	Description	Schema	Default
query	name required	Name of key Example : `testkey`	string	None

Responses

HTTP Code	Description	Schema
200	OK	KeyNameDuplicateResponse
400	Bad Request	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/kms/transit/duplicate?name={name}

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.1"

Example HTTP response

Response 200

{
    "isDuplicateName": true
}

1.3.2 - 1.0

get /v1/kms/transit/duplicate

Description

Check duplication of key name.

State ACTIVE (DEPRECATED)

Version	Supported Until
1.0	20251231

Parameters

Type	Name	Description	Schema	Default
query	name required	Name of key Example : `testkey`	string	None

Responses

HTTP Code	Description	Schema
200	OK	KeyNameDuplicateResponse
400	Bad Request	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/kms/transit/duplicate?name={name}

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.0"

Example HTTP response

Response 200

{
    "isDuplicateName": true
}

1.4 - Create Datakey

1.4.1 - 1.1

post /v1/kms/openapi/datakey/{key_id}

Description

Generates a new key and the value encrypted with key(Purpose: encryption/decryption).

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Type	Name	Description	Schema	Default
path	key_id required	Resource id of KMS key Example : `138c2fc8c29a449dbfa8681f8f1d78e2`	string	None
body	body required		DatakeyRequest

Responses

HTTP Code	Description	Schema
200	OK	DatakeyResponse
400	Bad Request	None
401	Unauthorized	None
403	Forbidden	None

Example HTTP request

Request path

/v1/kms/openapi/datakey/{key_id}

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.1"

Request body

{
    "key_type": "plaintext"
}

Example HTTP response

Response 200

{
    "ciphertext": "vault:v283:YiUpW1bpF2fMY0VR33aQpik781Ul2gFPsfdwsypwouccHtPSfRaE40wTHHl4a5AK",
    "key_version": 1,
    "plaintext": "oTvvEkE7q0WM2S5yfGFz5nqe32QMlrCVnqssmDPu6fA="
}

1.4.2 - 1.0

post /v1/kms/openapi/datakey/{key_id}

Description

Generates a new key and the value encrypted with key(Purpose: encryption/decryption).

State ACTIVE (DEPRECATED)

Version	Supported Until
1.0	20251231

Parameters

Type	Name	Description	Schema	Default
path	key_id required	Resource id of KMS key Example : `138c2fc8c29a449dbfa8681f8f1d78e2`	string	None
body	body required		DatakeyRequest

Responses

HTTP Code	Description	Schema
200	OK	DatakeyResponse
400	Bad Request	None
401	Unauthorized	None
403	Forbidden	None

Example HTTP request

Request path

/v1/kms/openapi/datakey/{key_id}

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.0"

Request body

{
    "key_type": "plaintext"
}

Example HTTP response

Response 200

{
    "ciphertext": "vault:v283:YiUpW1bpF2fMY0VR33aQpik781Ul2gFPsfdwsypwouccHtPSfRaE40wTHHl4a5AK",
    "key_version": 1,
    "plaintext": "oTvvEkE7q0WM2S5yfGFz5nqe32QMlrCVnqssmDPu6fA="
}

1.5 - Create Key

1.5.1 - 1.1

post /v1/kms/transit

Description

Create key.

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Type	Name	Description	Schema	Default
body	body required		KeyCreateMasterKeyRequest

Responses

HTTP Code	Description	Schema
201	Created	KeyShowResponse
400	Bad Request	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/kms/transit

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.1"

Request body

{
    "auto_rotate": "Y",
    "description": "description1",
    "key_type": "advanced",
    "name": "testkey",
    "purpose": "rsa-2048",
    "rotate_cycle": 7,
    "tags": []
}

Example HTTP response

Response 201

{
    "key": {
        "account_id": "3265ab469f0d406d83073da3e11e7a6c",
        "auto_rotate": "Y",
        "created_at": "2024-05-17T00:23:17Z",
        "created_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "current_version": 7,
        "delete_at": "20251008",
        "delete_target_yn": "Y",
        "description": "description1",
        "id": "0fdd87aab8cb46f59b7c1f81ed03fb3e",
        "key_type": "advanced",
        "modified_at": "2024-05-17T00:23:17Z",
        "modified_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "name": "testkey",
        "next_rotate_at": "20241008",
        "order_ref": "0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01",
        "purpose": "rsa-2048",
        "region": "kr-west1",
        "rotate_cycle": 7,
        "secret_ref": "0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01",
        "state": "Active",
        "use_count": 1004
    }
}

1.5.2 - 1.0

post /v1/kms/transit

Description

Create key.

State ACTIVE (DEPRECATED)

Version	Supported Until
1.0	20251231

Parameters

Type	Name	Description	Schema	Default
body	body required		KeyCreateMasterKeyRequest

Responses

HTTP Code	Description	Schema
201	Created	KeyShowResponse
400	Bad Request	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/kms/transit

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.0"

Request body

{
    "auto_rotate": "Y",
    "description": "description1",
    "key_type": "advanced",
    "name": "testkey",
    "purpose": "rsa-2048",
    "rotate_cycle": 7,
    "tags": []
}

Example HTTP response

Response 201

{
    "key": {
        "account_id": "3265ab469f0d406d83073da3e11e7a6c",
        "auto_rotate": "Y",
        "created_at": "2024-05-17T00:23:17Z",
        "created_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "current_version": 7,
        "delete_at": "20251008",
        "delete_target_yn": "Y",
        "description": "description1",
        "id": "0fdd87aab8cb46f59b7c1f81ed03fb3e",
        "key_type": "advanced",
        "modified_at": "2024-05-17T00:23:17Z",
        "modified_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "name": "testkey",
        "next_rotate_at": "20241008",
        "order_ref": "0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01",
        "purpose": "rsa-2048",
        "region": "kr-west1",
        "rotate_cycle": 7,
        "secret_ref": "0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01",
        "state": "Active",
        "use_count": 1004
    }
}

1.6 - Decrypt Data

1.6.1 - 1.1

post /v1/kms/openapi/decrypt/{key_id}

Description

Decrypts the provided ciphertext using key(Purpose: encryption/decryption).

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Type	Name	Description	Schema	Default
path	key_id required	Resource id of KMS key Example : `138c2fc8c29a449dbfa8681f8f1d78e2`	string	None
body	body required		DecryptRequest

Responses

HTTP Code	Description	Schema
200	OK	DecryptResponse
400	Bad Request	None
401	Unauthorized	None
403	Forbidden	None

Example HTTP request

Request path

/v1/kms/openapi/decrypt/{key_id}

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.1"

Request body

{
    "ciphertext": "vault:v283:YiUpW1bpF2fMY0VR332Qpik781Ul2gFPsfdwsypwouccHtPSfRaE40wTHHl4a5AK"
}

Example HTTP response

Response 200

{
    "plaintext": "dGhlIHF1aWNrIGJyb3duIGZveAo="
}

1.6.2 - 1.0

post /v1/kms/openapi/decrypt/{key_id}

Description

Decrypts the provided ciphertext using key(Purpose: encryption/decryption).

State ACTIVE (DEPRECATED)

Version	Supported Until
1.0	20251231

Parameters

Type	Name	Description	Schema	Default
path	key_id required	Resource id of KMS key Example : `138c2fc8c29a449dbfa8681f8f1d78e2`	string	None
body	body required		DecryptRequest

Responses

HTTP Code	Description	Schema
200	OK	DecryptResponse
400	Bad Request	None
401	Unauthorized	None
403	Forbidden	None

Example HTTP request

Request path

/v1/kms/openapi/decrypt/{key_id}

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.0"

Request body

{
    "ciphertext": "vault:v283:YiUpW1bpF2fMY0VR332Qpik781Ul2gFPsfdwsypwouccHtPSfRaE40wTHHl4a5AK"
}

Example HTTP response

Response 200

{
    "plaintext": "dGhlIHF1aWNrIGJyb3duIGZveAo="
}

1.7 - Delete Key

1.7.1 - 1.1

delete /v1/kms/transit/{key_id}

Description

Delete a key now or later.

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Type	Name	Description	Schema	Default
path	key_id required	Resource id of KMS key Example : `138c2fc8c29a449dbfa8681f8f1d78e2`	string	None
query	is_directly optional	Delete immediately Example : `True`	boolean	False

Responses

HTTP Code	Description	Schema
204	No Content	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/kms/transit/{key_id}

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.1"

Example HTTP response

Response 204

1.7.2 - 1.0

delete /v1/kms/transit/{key_id}

Description

Delete a key now or later.

State ACTIVE (DEPRECATED)

Version	Supported Until
1.0	20251231

Parameters

Type	Name	Description	Schema	Default
path	key_id required	Resource id of KMS key Example : `138c2fc8c29a449dbfa8681f8f1d78e2`	string	None
query	is_directly optional	Delete immediately Example : `True`	boolean	False

Responses

HTTP Code	Description	Schema
204	No Content	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/kms/transit/{key_id}

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.0"

Example HTTP response

Response 204

1.8 - Encrypt Data

1.8.1 - 1.1

post /v1/kms/openapi/encrypt/{key_id}

Description

Encrypts the provided plaintext(base64 encoded) using key(Purpose: encryption/decryption)

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Type	Name	Description	Schema	Default
path	key_id required	Resource id of KMS key Example : `138c2fc8c29a449dbfa8681f8f1d78e2`	string	None
body	body required		EncryptRequest

Responses

HTTP Code	Description	Schema
200	OK	EncryptResponse
400	Bad Request	None
401	Unauthorized	None
403	Forbidden	None

Example HTTP request

Request path

/v1/kms/openapi/encrypt/{key_id}

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.1"

Request body

{
    "plaintext": "dGhlIHF1aWNrIGJyb3duIGZveAo="
}

Example HTTP response

Response 200

{
    "ciphertext": "vault:v283:YiUpW1bpF2fMY0VRh3aQpik781Ul2gFPsfdwsypwouccHtPSfRaE40wTHHl4a5AK",
    "key_version": 1
}

1.8.2 - 1.0

post /v1/kms/openapi/encrypt/{key_id}

Description

Encrypts the provided plaintext(base64 encoded) using key(Purpose: encryption/decryption)

State ACTIVE (DEPRECATED)

Version	Supported Until
1.0	20251231

Parameters

Type	Name	Description	Schema	Default
path	key_id required	Resource id of KMS key Example : `138c2fc8c29a449dbfa8681f8f1d78e2`	string	None
body	body required		EncryptRequest

Responses

HTTP Code	Description	Schema
200	OK	EncryptResponse
400	Bad Request	None
401	Unauthorized	None
403	Forbidden	None

Example HTTP request

Request path

/v1/kms/openapi/encrypt/{key_id}

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.0"

Request body

{
    "plaintext": "dGhlIHF1aWNrIGJyb3duIGZveAo="
}

Example HTTP response

Response 200

{
    "ciphertext": "vault:v283:YiUpW1bpF2fMY0VRh3aQpik781Ul2gFPsfdwsypwouccHtPSfRaE40wTHHl4a5AK",
    "key_version": 1
}

1.9 - List Keys

1.9.1 - 1.1

get /v1/kms/transit

Description

List keys.

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Type	Name	Description	Schema	Default
query	size optional	size Example : `20`	any of [integer, null]	20
query	page optional	page Example : `0`	any of [integer, null]	0
query	sort optional	sort Example : `created_at:desc`	any of [string, null]	None
query	name optional	Name of key Example : `testkey`	any of [string, null]	None

Responses

HTTP Code	Description	Schema
200	OK	KeyPageResponse
400	Bad Request	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/kms/transit

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.1"

Example HTTP response

Response 200

{
    "count": 20,
    "keys": [
        {
            "account_id": "3265ab469f0d406d83073da3e11e7a6c",
            "auto_rotate": "Y",
            "created_at": "2024-05-17T00:23:17Z",
            "created_by": "90dddfc2b1e04edba54ba2b41539a9ac",
            "current_version": 7,
            "delete_at": "20251008",
            "delete_target_yn": "Y",
            "description": "description1",
            "id": "0fdd87aab8cb46f59b7c1f81ed03fb3e",
            "key_type": "advanced",
            "modified_at": "2024-05-17T00:23:17Z",
            "modified_by": "90dddfc2b1e04edba54ba2b41539a9ac",
            "name": "testkey",
            "next_rotate_at": "20241008",
            "order_ref": "0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01",
            "purpose": "rsa-2048",
            "region": "kr-west1",
            "rotate_cycle": 7,
            "secret_ref": "0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01",
            "state": "Active",
            "use_count": 1004
        }
    ],
    "page": 0,
    "size": 20,
    "sort": [
        "created_at:asc"
    ]
}

1.9.2 - 1.0

get /v1/kms/transit

Description

List keys.

State ACTIVE (DEPRECATED)

Version	Supported Until
1.0	20251231

Parameters

Type	Name	Description	Schema	Default
query	size optional	size Example : `20`	any of [integer, null]	20
query	page optional	page Example : `0`	any of [integer, null]	0
query	sort optional	sort Example : `created_at:desc`	any of [string, null]	None
query	name optional	Name of key Example : `testkey`	any of [string, null]	None

Responses

HTTP Code	Description	Schema
200	OK	KeyPageResponse
400	Bad Request	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/kms/transit

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.0"

Example HTTP response

Response 200

{
    "count": 20,
    "keys": [
        {
            "account_id": "3265ab469f0d406d83073da3e11e7a6c",
            "auto_rotate": "Y",
            "created_at": "2024-05-17T00:23:17Z",
            "created_by": "90dddfc2b1e04edba54ba2b41539a9ac",
            "current_version": 7,
            "delete_at": "20251008",
            "delete_target_yn": "Y",
            "description": "description1",
            "id": "0fdd87aab8cb46f59b7c1f81ed03fb3e",
            "key_type": "advanced",
            "modified_at": "2024-05-17T00:23:17Z",
            "modified_by": "90dddfc2b1e04edba54ba2b41539a9ac",
            "name": "testkey",
            "next_rotate_at": "20241008",
            "order_ref": "0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01",
            "purpose": "rsa-2048",
            "region": "kr-west1",
            "rotate_cycle": 7,
            "secret_ref": "0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01",
            "state": "Active",
            "use_count": 1004
        }
    ],
    "page": 0,
    "size": 20,
    "sort": [
        "created_at:asc"
    ]
}

1.10 - List Users

1.10.1 - 1.1

get /v1/kms/transit/{key_id}/users

Description

Get List of users who use key.

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Type	Name	Description	Schema	Default
path	key_id required	Resource id of KMS key Example : `138c2fc8c29a449dbfa8681f8f1d78e2`	string	None

Responses

HTTP Code	Description	Schema
200	OK	KeyUserResponse
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/kms/transit/{key_id}/users

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.1"

Example HTTP response

Response 200

{
    "user": [
        {
            "user_id": "138c2fc8c29a449dbfa8681f8f1d78e2",
            "user_name": "kimsamsung"
        }
    ]
}

1.10.2 - 1.0

get /v1/kms/transit/{key_id}/users

Description

Get List of users who use key.

State ACTIVE (DEPRECATED)

Version	Supported Until
1.0	20251231

Parameters

Type	Name	Description	Schema	Default
path	key_id required	Resource id of KMS key Example : `138c2fc8c29a449dbfa8681f8f1d78e2`	string	None

Responses

HTTP Code	Description	Schema
200	OK	KeyUserResponse
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/kms/transit/{key_id}/users

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.0"

Example HTTP response

Response 200

{
    "user": [
        {
            "user_id": "138c2fc8c29a449dbfa8681f8f1d78e2",
            "user_name": "kimsamsung"
        }
    ]
}

1.11 - Make hmac

1.11.1 - 1.1

post /v1/kms/openapi/hmac/{key_id}

Description

Generates a HMAC using key(Purpose: create/verification).

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Type	Name	Description	Schema	Default
path	key_id required	Resource id of KMS key Example : `138c2fc8c29a449dbfa8681f8f1d78e2`	string	None
body	body required		HmacRequest

Responses

HTTP Code	Description	Schema
200	OK	HmacResponse
400	Bad Request	None
401	Unauthorized	None
403	Forbidden	None

Example HTTP request

Request path

/v1/kms/openapi/hmac/{key_id}

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.1"

Request body

{
    "input": "dGVzdCBpbnB1dA=="
}

Example HTTP response

Response 200

{
    "hmac": "vault:v1:/IHSD+Rg9BHNkmIiEunAPVj6IVaJqkjSO4GGvALHcVQ="
}

1.11.2 - 1.0

post /v1/kms/openapi/hmac/{key_id}

Description

Generates a HMAC using key(Purpose: create/verification).

State ACTIVE (DEPRECATED)

Version	Supported Until
1.0	20251231

Parameters

Type	Name	Description	Schema	Default
path	key_id required	Resource id of KMS key Example : `138c2fc8c29a449dbfa8681f8f1d78e2`	string	None
body	body required		HmacRequest

Responses

HTTP Code	Description	Schema
200	OK	HmacResponse
400	Bad Request	None
401	Unauthorized	None
403	Forbidden	None

Example HTTP request

Request path

/v1/kms/openapi/hmac/{key_id}

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.0"

Request body

{
    "input": "dGVzdCBpbnB1dA=="
}

Example HTTP response

Response 200

{
    "hmac": "vault:v1:/IHSD+Rg9BHNkmIiEunAPVj6IVaJqkjSO4GGvALHcVQ="
}

1.12 - Rewrap Data

1.12.1 - 1.1

post /v1/kms/openapi/rewrap/{key_id}

Description

Rewraps the provided ciphertext using the latest version of key(Purpose: encryption/decryption).

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Type	Name	Description	Schema	Default
path	key_id required	Resource id of KMS key Example : `138c2fc8c29a449dbfa8681f8f1d78e2`	string	None
body	body required		RewrapRequest

Responses

HTTP Code	Description	Schema
200	OK	RewrapResponse
400	Bad Request	None
401	Unauthorized	None
403	Forbidden	None

Example HTTP request

Request path

/v1/kms/openapi/rewrap/{key_id}

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.1"

Request body

{
    "ciphertext": "vault:v283:YiUpW1bpF2fMY0VR33aQpik781Ul2gFPsfdwsypwouccHtPSfRaE40wTHHl4a5AK"
}

Example HTTP response

Response 200

{
    "ciphertext": "vault:v283:YiUpW1bpF2fMY0VR33aQpik781Ul2gFPsfdwsypwouccHtPSfRaE40wTHHl4a5AK",
    "key_version": 1
}

1.12.2 - 1.0

post /v1/kms/openapi/rewrap/{key_id}

Description

Rewraps the provided ciphertext using the latest version of key(Purpose: encryption/decryption).

State ACTIVE (DEPRECATED)

Version	Supported Until
1.0	20251231

Parameters

Type	Name	Description	Schema	Default
path	key_id required	Resource id of KMS key Example : `138c2fc8c29a449dbfa8681f8f1d78e2`	string	None
body	body required		RewrapRequest

Responses

HTTP Code	Description	Schema
200	OK	RewrapResponse
400	Bad Request	None
401	Unauthorized	None
403	Forbidden	None

Example HTTP request

Request path

/v1/kms/openapi/rewrap/{key_id}

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.0"

Request body

{
    "ciphertext": "vault:v283:YiUpW1bpF2fMY0VR33aQpik781Ul2gFPsfdwsypwouccHtPSfRaE40wTHHl4a5AK"
}

Example HTTP response

Response 200

{
    "ciphertext": "vault:v283:YiUpW1bpF2fMY0VR33aQpik781Ul2gFPsfdwsypwouccHtPSfRaE40wTHHl4a5AK",
    "key_version": 1
}

1.13 - Rotate Key

1.13.1 - 1.1

post /v1/kms/transit/{key_id}/rotate

Description

Rotate key.

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Type	Name	Description	Schema	Default
path	key_id required	Resource id of KMS key Example : `138c2fc8c29a449dbfa8681f8f1d78e2`	string	None

Responses

HTTP Code	Description	Schema
200	OK	KeyShowResponse
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/kms/transit/{key_id}/rotate

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.1"

Example HTTP response

Response 200

{
    "key": {
        "account_id": "3265ab469f0d406d83073da3e11e7a6c",
        "auto_rotate": "Y",
        "created_at": "2024-05-17T00:23:17Z",
        "created_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "current_version": 7,
        "delete_at": "20251008",
        "delete_target_yn": "Y",
        "description": "description1",
        "id": "0fdd87aab8cb46f59b7c1f81ed03fb3e",
        "key_type": "advanced",
        "modified_at": "2024-05-17T00:23:17Z",
        "modified_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "name": "testkey",
        "next_rotate_at": "20241008",
        "order_ref": "0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01",
        "purpose": "rsa-2048",
        "region": "kr-west1",
        "rotate_cycle": 7,
        "secret_ref": "0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01",
        "state": "Active",
        "use_count": 1004
    }
}

1.13.2 - 1.0

post /v1/kms/transit/{key_id}/rotate

Description

Rotate key.

State ACTIVE (DEPRECATED)

Version	Supported Until
1.0	20251231

Parameters

Type	Name	Description	Schema	Default
path	key_id required	Resource id of KMS key Example : `138c2fc8c29a449dbfa8681f8f1d78e2`	string	None

Responses

HTTP Code	Description	Schema
200	OK	KeyShowResponse
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/kms/transit/{key_id}/rotate

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.0"

Example HTTP response

Response 200

{
    "key": {
        "account_id": "3265ab469f0d406d83073da3e11e7a6c",
        "auto_rotate": "Y",
        "created_at": "2024-05-17T00:23:17Z",
        "created_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "current_version": 7,
        "delete_at": "20251008",
        "delete_target_yn": "Y",
        "description": "description1",
        "id": "0fdd87aab8cb46f59b7c1f81ed03fb3e",
        "key_type": "advanced",
        "modified_at": "2024-05-17T00:23:17Z",
        "modified_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "name": "testkey",
        "next_rotate_at": "20241008",
        "order_ref": "0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01",
        "purpose": "rsa-2048",
        "region": "kr-west1",
        "rotate_cycle": 7,
        "secret_ref": "0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01",
        "state": "Active",
        "use_count": 1004
    }
}

1.14 - Show Key

1.14.1 - 1.1

get /v1/kms/transit/{key_id}

Description

Show key.

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Type	Name	Description	Schema	Default
path	key_id required	Resource id of KMS key Example : `138c2fc8c29a449dbfa8681f8f1d78e2`	string	None

Responses

HTTP Code	Description	Schema
200	OK	KeyShowResponse
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/kms/transit/{key_id}

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.1"

Example HTTP response

Response 200

{
    "key": {
        "account_id": "3265ab469f0d406d83073da3e11e7a6c",
        "auto_rotate": "Y",
        "created_at": "2024-05-17T00:23:17Z",
        "created_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "current_version": 7,
        "delete_at": "20251008",
        "delete_target_yn": "Y",
        "description": "description1",
        "id": "0fdd87aab8cb46f59b7c1f81ed03fb3e",
        "key_type": "advanced",
        "modified_at": "2024-05-17T00:23:17Z",
        "modified_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "name": "testkey",
        "next_rotate_at": "20241008",
        "order_ref": "0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01",
        "purpose": "rsa-2048",
        "region": "kr-west1",
        "rotate_cycle": 7,
        "secret_ref": "0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01",
        "state": "Active",
        "use_count": 1004
    }
}

1.14.2 - 1.0

get /v1/kms/transit/{key_id}

Description

Show key.

State ACTIVE (DEPRECATED)

Version	Supported Until
1.0	20251231

Parameters

Type	Name	Description	Schema	Default
path	key_id required	Resource id of KMS key Example : `138c2fc8c29a449dbfa8681f8f1d78e2`	string	None

Responses

HTTP Code	Description	Schema
200	OK	KeyShowResponse
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/kms/transit/{key_id}

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.0"

Example HTTP response

Response 200

{
    "key": {
        "account_id": "3265ab469f0d406d83073da3e11e7a6c",
        "auto_rotate": "Y",
        "created_at": "2024-05-17T00:23:17Z",
        "created_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "current_version": 7,
        "delete_at": "20251008",
        "delete_target_yn": "Y",
        "description": "description1",
        "id": "0fdd87aab8cb46f59b7c1f81ed03fb3e",
        "key_type": "advanced",
        "modified_at": "2024-05-17T00:23:17Z",
        "modified_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "name": "testkey",
        "next_rotate_at": "20241008",
        "order_ref": "0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01",
        "purpose": "rsa-2048",
        "region": "kr-west1",
        "rotate_cycle": 7,
        "secret_ref": "0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01",
        "state": "Active",
        "use_count": 1004
    }
}

1.15 - Sign Data

1.15.1 - 1.1

post /v1/kms/openapi/sign/{key_id}

Description

Returns the cryptographic signature of the given data using key(Purpose: signature/verification).

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Type	Name	Description	Schema	Default
path	key_id required	Resource id of KMS key Example : `138c2fc8c29a449dbfa8681f8f1d78e2`	string	None
body	body required		SignRequest

Responses

HTTP Code	Description	Schema
200	OK	SignResponse
400	Bad Request	None
401	Unauthorized	None
403	Forbidden	None

Example HTTP request

Request path

/v1/kms/openapi/sign/{key_id}

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.1"

Request body

{
    "input": "dGVzdCBpbnB1dA=="
}

Example HTTP response

Response 200

{
    "key_version": 1,
    "signature": "vault:v142:MEUCIQDt+iM27ZENLTxFCKH2krlvn2xRRuoqt8aU+xP/RYEJpgIgN6V6QjhpK4dA/vwgX95UW140ge167ECnLjccXDPbZAg="
}

1.15.2 - 1.0

post /v1/kms/openapi/sign/{key_id}

Description

Returns the cryptographic signature of the given data using key(Purpose: signature/verification).

State ACTIVE (DEPRECATED)

Version	Supported Until
1.0	20251231

Parameters

Type	Name	Description	Schema	Default
path	key_id required	Resource id of KMS key Example : `138c2fc8c29a449dbfa8681f8f1d78e2`	string	None
body	body required		SignRequest

Responses

HTTP Code	Description	Schema
200	OK	SignResponse
400	Bad Request	None
401	Unauthorized	None
403	Forbidden	None

Example HTTP request

Request path

/v1/kms/openapi/sign/{key_id}

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.0"

Request body

{
    "input": "dGVzdCBpbnB1dA=="
}

Example HTTP response

Response 200

{
    "key_version": 1,
    "signature": "vault:v142:MEUCIQDt+iM27ZENLTxFCKH2krlvn2xRRuoqt8aU+xP/RYEJpgIgN6V6QjhpK4dA/vwgX95UW140ge167ECnLjccXDPbZAg="
}

1.16 - Update Description

1.16.1 - 1.1

put /v1/kms/transit/{key_id}/description

Description

Update description.

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Type	Name	Description	Schema	Default
path	key_id required	Resource id of KMS key Example : `138c2fc8c29a449dbfa8681f8f1d78e2`	string	None
body	body required		KeyDescriptionRequest

Responses

HTTP Code	Description	Schema
200	OK	KeyShowResponse
400	Bad Request	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/kms/transit/{key_id}/description

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.1"

Request body

{
    "description": ""
}

Example HTTP response

Response 200

{
    "key": {
        "account_id": "3265ab469f0d406d83073da3e11e7a6c",
        "auto_rotate": "Y",
        "created_at": "2024-05-17T00:23:17Z",
        "created_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "current_version": 7,
        "delete_at": "20251008",
        "delete_target_yn": "Y",
        "description": "description1",
        "id": "0fdd87aab8cb46f59b7c1f81ed03fb3e",
        "key_type": "advanced",
        "modified_at": "2024-05-17T00:23:17Z",
        "modified_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "name": "testkey",
        "next_rotate_at": "20241008",
        "order_ref": "0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01",
        "purpose": "rsa-2048",
        "region": "kr-west1",
        "rotate_cycle": 7,
        "secret_ref": "0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01",
        "state": "Active",
        "use_count": 1004
    }
}

1.16.2 - 1.0

put /v1/kms/transit/{key_id}/description

Description

Update description.

State ACTIVE (DEPRECATED)

Version	Supported Until
1.0	20251231

Parameters

Type	Name	Description	Schema	Default
path	key_id required	Resource id of KMS key Example : `138c2fc8c29a449dbfa8681f8f1d78e2`	string	None
body	body required		KeyDescriptionRequest

Responses

HTTP Code	Description	Schema
200	OK	KeyShowResponse
400	Bad Request	None
403	Forbidden	None
404	Not Found	None

Example HTTP request

Request path

/v1/kms/transit/{key_id}/description

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.0"

Request body

{
    "description": ""
}

Example HTTP response

Response 200

{
    "key": {
        "account_id": "3265ab469f0d406d83073da3e11e7a6c",
        "auto_rotate": "Y",
        "created_at": "2024-05-17T00:23:17Z",
        "created_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "current_version": 7,
        "delete_at": "20251008",
        "delete_target_yn": "Y",
        "description": "description1",
        "id": "0fdd87aab8cb46f59b7c1f81ed03fb3e",
        "key_type": "advanced",
        "modified_at": "2024-05-17T00:23:17Z",
        "modified_by": "90dddfc2b1e04edba54ba2b41539a9ac",
        "name": "testkey",
        "next_rotate_at": "20241008",
        "order_ref": "0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01",
        "purpose": "rsa-2048",
        "region": "kr-west1",
        "rotate_cycle": 7,
        "secret_ref": "0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01",
        "state": "Active",
        "use_count": 1004
    }
}

1.17 - Verify Data

1.17.1 - 1.1

post /v1/kms/openapi/verify/{key_id}

Description

Returns whether the provided signature is valid for the given data from either the sign data using key(Purpose: signature/verification).

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Type	Name	Description	Schema	Default
path	key_id required	Resource id of KMS key Example : `138c2fc8c29a449dbfa8681f8f1d78e2`	string	None
body	body required		VerifyRequest

Responses

HTTP Code	Description	Schema
200	OK	VerifyResponse
400	Bad Request	None
401	Unauthorized	None
403	Forbidden	None

Example HTTP request

Request path

/v1/kms/openapi/verify/{key_id}

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.1"

Request body

{
    "input": "dGVzdCBpbnB1dA==",
    "signature": "vault:v142:MEUCIQDt+iM27ZENLTxFCKH2krlvn2xRRuoqt8aU+xP/RYEJpgIgN6V6QjhpK4dA/vwgX95UW140ge167ECnLjccXDPbZAg="
}

Example HTTP response

Response 200

{
    "valid": true
}

1.17.2 - 1.0

post /v1/kms/openapi/verify/{key_id}

Description

Returns whether the provided signature is valid for the given data from either the sign data using key(Purpose: signature/verification).

State ACTIVE (DEPRECATED)

Version	Supported Until
1.0	20251231

Parameters

Type	Name	Description	Schema	Default
path	key_id required	Resource id of KMS key Example : `138c2fc8c29a449dbfa8681f8f1d78e2`	string	None
body	body required		VerifyRequest

Responses

HTTP Code	Description	Schema
200	OK	VerifyResponse
400	Bad Request	None
401	Unauthorized	None
403	Forbidden	None

Example HTTP request

Request path

/v1/kms/openapi/verify/{key_id}

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.0"

Request body

{
    "input": "dGVzdCBpbnB1dA==",
    "signature": "vault:v142:MEUCIQDt+iM27ZENLTxFCKH2krlvn2xRRuoqt8aU+xP/RYEJpgIgN6V6QjhpK4dA/vwgX95UW140ge167ECnLjccXDPbZAg="
}

Example HTTP response

Response 200

{
    "valid": true
}

1.18 - Verify hmac with input

1.18.1 - 1.1

post /v1/kms/openapi/hmac/verify/{key_id}

Description

Returns whether the INPUT value is VALID or not using key(Purpose: create/verification).

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Type	Name	Description	Schema	Default
path	key_id required	Resource id of KMS key Example : `138c2fc8c29a449dbfa8681f8f1d78e2`	string	None
body	body required		HmacVerifyRequest

Responses

HTTP Code	Description	Schema
200	OK	HmacVerifyResponse
400	Bad Request	None
401	Unauthorized	None
403	Forbidden	None

Example HTTP request

Request path

/v1/kms/openapi/hmac/verify/{key_id}

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.1"

Request body

{
    "hmac": "vault:v142:MEUCIQDt+iM27ZENLTxFCKH2krlvn2xRRuoqt8aU+xP/RYEJpgIgN6V6QjhpK4dA/vwgX95UW140ge167ECnLjccXDPbZAg=",
    "input": "dGVzdCBpbnB1dA=="
}

Example HTTP response

Response 200

{
    "valid": true
}

1.18.2 - 1.0

post /v1/kms/openapi/hmac/verify/{key_id}

Description

Returns whether the INPUT value is VALID or not using key(Purpose: create/verification).

State ACTIVE (DEPRECATED)

Version	Supported Until
1.0	20251231

Parameters

Type	Name	Description	Schema	Default
path	key_id required	Resource id of KMS key Example : `138c2fc8c29a449dbfa8681f8f1d78e2`	string	None
body	body required		HmacVerifyRequest

Responses

HTTP Code	Description	Schema
200	OK	HmacVerifyResponse
400	Bad Request	None
401	Unauthorized	None
403	Forbidden	None

Example HTTP request

Request path

/v1/kms/openapi/hmac/verify/{key_id}

Request header

"Scp-Accesskey = 2sd2gg=2agbdSD26svcD",
"Scp-Signature = fsfsdf235f9U35sdgf35Xsf/qgsdgsdg326=sfsdr23rsef=",
"Scp-Timestamp = 1605290625682",
"Scp-ClientType = Openapi",
"Accept-Language = en-US",
"Scp-Api-Version = kms 1.0"

Request body

{
    "hmac": "vault:v142:MEUCIQDt+iM27ZENLTxFCKH2krlvn2xRRuoqt8aU+xP/RYEJpgIgN6V6QjhpK4dA/vwgX95UW140ge167ECnLjccXDPbZAg=",
    "input": "dGVzdCBpbnB1dA=="
}

Example HTTP response

Response 200

{
    "valid": true
}

2 - Models

2.1 - DatakeyRequest

Name	Description	Schema	Default
key_type required	Key type( plaintext or wrapped ) Example : `plaintext`	string

2.2 - DatakeyResponse

Name	Description	Schema
ciphertext required	Encrypted data key Example : `vault:v283:YiUpW1bpF2fMY0VR33aQpik781Ul2gFPsfdwsypwouccHtPSfRaE40wTHHl4a5AK`	string
key_version required	Version of KMS key Example : `1`	integer
plaintext required	Data key(base64 encoded) Example : `oTvvEkE7q0WM2S5yfGFz5nqe32QMlrCVnqssmDPu6fA=`	any of [string, null]

2.3 - DecryptRequest

Name	Description	Schema	Default
ciphertext required	Encrypted data by KMS Example : `vault:v283:YiUpW1bpF2fMY0VR332Qpik781Ul2gFPsfdwsypwouccHtPSfRaE40wTHHl4a5AK`	string

2.4 - DecryptResponse

Name	Description	Schema	Default
plaintext required	Decrypted data(base64 encoded) Example : `dGhlIHF1aWNrIGJyb3duIGZveAo=`	string

2.5 - EncryptRequest

Name	Description	Schema	Default
plaintext required	Data(base64 encoded) to encrypt Example : `dGhlIHF1aWNrIGJyb3duIGZveAo=`	string

2.6 - EncryptResponse

Name	Description	Schema	Default
ciphertext required	Encrypted data by KMS Example : `vault:v283:YiUpW1bpF2fMY0VRh3aQpik781Ul2gFPsfdwsypwouccHtPSfRaE40wTHHl4a5AK`	string
key_version required	Version of KMS key Example : `1`	integer

2.7 - HmacRequest

Name	Description	Schema	Default
input required	Data(base64 encoded) for verification Example : `dGVzdCBpbnB1dA==`	string

2.8 - HmacResponse

Name	Description	Schema	Default
hmac required	HMAC data Example : `vault:v1:/IHSD+Rg9BHNkmIiEunAPVj6IVaJqkjSO4GGvALHcVQ=`	string

2.9 - HmacVerifyRequest

Name	Description	Schema	Default
hmac required	Signature data Example : `vault:v142:MEUCIQDt+iM27ZENLTxFCKH2krlvn2xRRuoqt8aU+xP/RYEJpgIgN6V6QjhpK4dA/vwgX95UW140ge167ECnLjccXDPbZAg=`	string
input required	Data(base64 encoded) for verification Example : `dGVzdCBpbnB1dA==`	string

2.10 - HmacVerifyResponse

Name	Description	Schema	Default
valid required	Verify result Example : `True`	boolean

2.11 - Key

Name	Description	Schema
account_id required	Account ID Example : `3265ab469f0d406d83073da3e11e7a6c`	string
auto_rotate required	Auto rotate Y or N Example : `Y`	string
created_at required	Created At Example : `2024-05-17T00:23:17Z`	string (date-time)
created_by required	Created By Example : `90dddfc2b1e04edba54ba2b41539a9ac`	string
current_version required	Current version of KMS key Example : `7`	integer
delete_at required	Date of deletion Example : `20251008`	any of [string (date-time), null]
delete_target_yn required	DeleteTargetYn of Key Example : `Y`	any of [string, null]
description required	Description of Key Example : `description1` Maximum length : `100`	string
id required	ID Example : `0fdd87aab8cb46f59b7c1f81ed03fb3e`	string
key_type required	basic or advanced Example : `advanced`	any of [string, null]
modified_at required	Modified At Example : `2024-05-17T00:23:17Z`	string (date-time)
modified_by required	Modified By Example : `90dddfc2b1e04edba54ba2b41539a9ac`	string
name required	Name of key Example : `testkey` Pattern : `^[a-z0-9]$` Minimum length* : `3` Maximum length : `63`	string
next_rotate_at required	Date of next rotate Example : `20241008`	any of [string (date-time), null]
order_ref required	Reference of order Example : `0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01`	any of [string, null]
purpose required	Purpose of key Example : `rsa-2048`	string
region required	Name of region Example : `kr-west1`	string
rotate_cycle required	Rotation cycle Example : `7`	integer
secret_ref required	Reference of secret Example : `0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01`	any of [string, null]
state required	State of key(Creating, Active, Error, Stop, To_Be_Terminated) Example : `Active`	any of [string, null]
use_count required	Use count of KMS key Example : `1004`	integer

2.12 - KeyCreateMasterKeyRequest

Name	Description	Schema	Default
auto_rotate required	Auto rotate Y or N Example : `Y`	string
description required	Description of Key Example : `description1` Maximum length : `100`	string
key_type optional	basic or advanced Example : `advanced`	enum (basic, advanced)	advanced
name required	Name of key Example : `testkey` Pattern : `^[a-z0-9]$` Minimum length* : `3` Maximum length : `63`	string
purpose required	Purpose of key Example : `rsa-2048`	string
rotate_cycle required	Rotation cycle Example : `7`	integer
tags optional	Tag List’	array[Tag]

2.13 - KeyDescriptionRequest

Name	Description	Schema	Default
description required	Description of Key Example : Maximum length : `100`	string

2.14 - KeyNameDuplicateResponse

Name	Description	Schema	Default
isDuplicateName optional	Example : `True`	boolean	Duplicate check result

2.15 - KeyPageResponse

Name	Description	Schema
count required	count Example : `20`	integer
keys required		array[Key]
page required	page Example : `0`	integer
size required	size Example : `20`	integer
sort optional	sort Example : `['created_at:asc']`	any of [array[string], null]

2.16 - KeyRotateInfoRequest

Name	Description	Schema	Default
auto_rotate required	Auto rotate Y or N Example : `Y` Pattern : `^[YN]$`	string
rotate_cycle required	Rotation cycle Example : `7`	any of [integer, null]

2.17 - KeyShowResponse

Name	Description	Schema	Default
key required		Key

2.18 - KeyStateRequest

Name	Description	Schema	Default
state required	State of key(Active, Stop) Example : `Active` Pattern : `^(Active\|Stop)$`	string

2.19 - KeyUserResponse

Name	Description	Schema	Default
user required		array[User]

2.20 - RewrapRequest

Name	Description	Schema	Default
ciphertext required	Encrypted data by KMS Example : `vault:v283:YiUpW1bpF2fMY0VR33aQpik781Ul2gFPsfdwsypwouccHtPSfRaE40wTHHl4a5AK`	string

2.21 - RewrapResponse

Name	Description	Schema	Default
ciphertext required	Rewrapped data by KMS Example : `vault:v283:YiUpW1bpF2fMY0VR33aQpik781Ul2gFPsfdwsypwouccHtPSfRaE40wTHHl4a5AK`	string
key_version required	Version of KMS key Example : `1`	integer

2.22 - SignRequest

Name	Description	Schema	Default
input required	Data(base64 encoded) for Signature Example : `dGVzdCBpbnB1dA==`	string

2.23 - SignResponse

Name	Description	Schema	Default
key_version required	Version of KMS key Example : `1`	integer
signature required	Signature data Example : `vault:v142:MEUCIQDt+iM27ZENLTxFCKH2krlvn2xRRuoqt8aU+xP/RYEJpgIgN6V6QjhpK4dA/vwgX95UW140ge167ECnLjccXDPbZAg=`	string

2.24 - Tag

Name	Description	Schema	Default
key required	tag key Example :	string
value required	tag value Example :	string

2.25 - User

Name	Description	Schema	Default
user_id required	User ID Example : `138c2fc8c29a449dbfa8681f8f1d78e2`	string
user_name required	User Name Example : `kimsamsung`	string

2.26 - VerifyRequest

Name	Description	Schema	Default
input required	Data(base64 encoded) for verification Example : `dGVzdCBpbnB1dA==`	string
signature required	Signature data Example : `vault:v142:MEUCIQDt+iM27ZENLTxFCKH2krlvn2xRRuoqt8aU+xP/RYEJpgIgN6V6QjhpK4dA/vwgX95UW140ge167ECnLjccXDPbZAg=`	string

2.27 - VerifyResponse

Name	Description	Schema	Default
valid required	Verify result Example : `True`	boolean