.. _list_keys: Method: List Keys ----------------- Description ~~~~~~~~~~~ This endpoint returns a list of all keys in a specified vault. .. note:: Only meta-data regarding the named keys are returned (not the actual keys). .. note:: This endpoint requires at least :ref:`Read` permission in the affected vault. URL Syntax ~~~~~~~~~~ /api/{version}/transparent/:vaultid/keys HTTP Method ~~~~~~~~~~~ LIST Successful HTTP Response ~~~~~~~~~~~~~~~~~~~~~~~~ 200 Parameters ~~~~~~~~~~ +----------------+------------------+----------------+--------+---------+-----------+------------------+ | Parameter name | Description | Parameter type | Type | Default | Mandatory | Comment | +================+==================+================+========+=========+===========+==================+ | X-Http-Token | StoredSafe token | HTTP Header | String | | :sup:`1)` | Preferred method | +----------------+------------------+----------------+--------+---------+-----------+------------------+ | token | StoredSafe token | JSON-encoded | String | | :sup:`1)` | Legacy method | +----------------+------------------+----------------+--------+---------+-----------+------------------+ | vaultid | Vault-ID | URL-encoded | String | | Yes | | +----------------+------------------+----------------+--------+---------+-----------+------------------+ .. note:: :sup:`1)` One of the methods is required. Response Attributes ~~~~~~~~~~~~~~~~~~~ +-----------------------+------------------------------------+---------+ | Attribute | Description | Type | +=======================+====================================+=========+ | CALLINFO.errorcodes | Number of errors | Integer | +-----------------------+------------------------------------+---------+ | CALLINFO.errors | Number of errors | Integer | +-----------------------+------------------------------------+---------+ | CALLINFO.general | Information | Array | +-----------------------+------------------------------------+---------+ | CALLINFO.handler | Handler used | String | +-----------------------+------------------------------------+---------+ | CALLINFO.status | SUCCESS or FAIL | String | +-----------------------+------------------------------------+---------+ | CALLINFO.token | Rotated StoredSafe token :sup:`1)` | String | +-----------------------+------------------------------------+---------+ | CALLINFO.version | Key version | String | +-----------------------+------------------------------------+---------+ | CALLINFO.objectid | Object-ID | String | +-----------------------+------------------------------------+---------+ | KEYS | Keys | Array | +-----------------------+------------------------------------+---------+ | KEYS.name | Key name | String | +-----------------------+------------------------------------+---------+ | KEYS.key_version | Key version | String | +-----------------------+------------------------------------+---------+ | KEYS.type | Key type | String | +-----------------------+------------------------------------+---------+ | KEYS.allow_backup | Key can be backed up | String | +-----------------------+------------------------------------+---------+ | KEYS.allow_export | Key can be exported | String | +-----------------------+------------------------------------+---------+ | KEYS.allow_delete | Key can be deleted | String | +-----------------------+------------------------------------+---------+ | KEYS.supports_signing | Key supports signing | String | +-----------------------+------------------------------------+---------+ | KEYS.info | Key information | String | +-----------------------+------------------------------------+---------+ | DATA | Supplied data in prior API-call | String | +-----------------------+------------------------------------+---------+ | HEADERS.(headers) | HTTP Headers | String | +-----------------------+------------------------------------+---------+ | PARAMS | Route parameters (empty) | Array | +-----------------------+------------------------------------+---------+ | ERRORCODES | Error code and text :sup:`2)` | Object | +-----------------------+------------------------------------+---------+ | ERRORS | Error code and text :sup:`2)` | Array | +-----------------------+------------------------------------+---------+ .. note:: | :sup:`1)` Token to be used in subsequent calls | :sup:`2`) Only present if errors Examples ~~~~~~~~ List meta-data on all keys used for transparent encryption in the vault (vault-id) 179. **Request** :: LIST /api/1.0/transparent/179/keys x-http-token: your_storedsafe_token **Response** :: HTTP/2 201 Content-type: application/json; charset=UTF-8 { "CALLINFO": { "errorcodes": 0, "errors": 0, "general": [], "handler": "EncryptionHandler", "status": "SUCCESS", "token": "rotated_storedsafe_token" }, "KEYS": [ { "name": "my-new-key", "type": "aes256-gcm96", "key_version": "1" "allow_backup": "false", "allow_export": "false", "allow_delete": "false", "supports_signing": "false", "info": "My new key", "objectid": "8743" }, { "name": "my-new-key", "key_version": "2" "allow_backup": "false", "allow_export": "false", "allow_delete": "false", "supports_signing": "false", "info": "My new key", "objectid": "8745" }, { "name": "my-old-key", "key_version": "1" "allow_backup": "true", "allow_export": "true", "allow_delete": "false", "supports_signing": "false", "info": "Another key", "objectid": "8756" }, ], "DATA": { "name": "my-new-key", "vaultid": "179", "token": "your_storedsafe_token", }, "HEADERS": { "Accept": "*/*", "Content-Length": "169", "Content-Type": "application/json", "Host": "safe.domain.cc", "User-Agent": "curl/7.64.1", "X-Http-Token": "your_storedsafe_token" }, "PARAMS": [] }