REST API for Oracle Identity Cloud Service

Retrieve Encryption Keys in JWK Format

get

/admin/v1/EncryptionKeys

Request

Query Parameters

dataformat(optional): string

Data format version on which the returned keys are based--for example, 1.0.

Response

Supported Media Types

application/json

200 Response

Encryption keys in JWK format.

Root Schema : EncryptionKey

Type: object

Retrieve the existing encryption keys used by Cloud Gate to encrypt cookies in JSON Web Key format (JWK).

Show Source

dataformat: string

This field contains version information.
id: string

Unique identifier for the NON-SCIM resource as defined by the Service Provider.
keys: array keys

This field contains a list of encryption keys.


{
    "description":"Retrieve the existing encryption keys used by Cloud Gate to encrypt cookies in JSON Web Key format (JWK).",
    "type":"object",
    "properties":{
        "dataformat":{
            "type":"string",
            "description":"This field contains version information."
        },
        "keys":{
            "type":"array",
            "items":{
                "$ref":"#/definitions/encKeys"
            },
            "description":"This field contains a list of encryption keys."
        },
        "id":{
            "type":"string",
            "description":"Unique identifier for the NON-SCIM resource as defined by the Service Provider."
        }
    },
    "required":[
        "dataformat",
        "keys",
        "id"
    ]
}

Nested Schema : keys

Type: array

This field contains a list of encryption keys.

Show Source

Array of: object encKeys

A complex attribute representing keys


{
    "type":"array",
    "items":{
        "$ref":"#/definitions/encKeys"
    },
    "description":"This field contains a list of encryption keys."
}

Nested Schema : encKeys

Type: object

A complex attribute representing keys

Show Source

enc: string

Encryption Algorithm.
exp(optional): integer

Expiration time in unix epoch format.
k: string

Actual Key Value in binary format.
kid: string

Unique Key Identifier.
kty: string

Key Type Parameter Value.


{
    "description":"A complex attribute representing keys",
    "type":"object",
    "properties":{
        "kty":{
            "type":"string",
            "description":"Key Type Parameter Value."
        },
        "kid":{
            "type":"string",
            "description":"Unique Key Identifier."
        },
        "k":{
            "type":"string",
            "description":"Actual Key Value in binary format."
        },
        "enc":{
            "type":"string",
            "description":"Encryption Algorithm."
        },
        "exp":{
            "type":"integer",
            "description":"Expiration time in unix epoch format."
        }
    },
    "required":[
        "kty",
        "kid",
        "k",
        "enc"
    ]
}

Examples

The following example shows how to retrieve the existing encryption keys in JSON Web Token format (JWT) by submitting a GET request on the REST resource using cURL. For more information about cURL, see Use cURL.

cURL Command

Note:

The command in this example uses the URL structure https://tenant-base-url/resource-path, where tenant-base-url represents the Identity Service URL, and the resource path represents the Identity Service API. See Send Requests for the appropriate URL structure to use.

curl
-X GET
-H "Content-Type:application/json"
-H "Authorization: Bearer <Access Token Value>"
https://tenant-base-url/admin/v1/EncryptionKeys

Example of Response Body

The following example shows the contents of the response body in JSON format:

{
  "dataformat": "1.0",
  "keys": [
    {
      "kty": "oct",
      "kid": "next",
      "k": "AgADUkFXAANBRVMAAAAQHllTkVziRTSoQsYw4d123QA",
      "enc": "AES_128_CBC_HMAC_SHA_256"
    },
    {
      "kty": "oct",
      "kid": "current",
      "k": "AgADUkFXAANBRVMAAAAQQG0eUF0DZ2WlmyYU1wBM5wA",
      "enc": "AES_128_CBC_HMAC_SHA_256",
      "exp": 1447125204
    },
    {
      "kty": "oct",
      "kid": "previous",
      "k": "AgADUkFXAANBRVMAAAAQOhcEUNxrKYCV8L5dYbO0iwA",
      "enc": "AES_128_CBC_HMAC_SHA_256"
    }
  ],
  "id": "[anonymous]"
}

Oracle Account

Oracle Account

Sign in to Cloud

REST API for Oracle Identity Cloud Service

Retrieve Encryption Keys in JWK Format

Request

Response

200 Response

Examples