Method: Decrypt Data
Description
This endpoint decrypts the provided ciphertext using the named key in the specified vault.
Note
This endpoint requires at least Read permission in the affected vault.
URL Syntax
/api/{version}/transparent/:vaultid/decrypt/:name
HTTP Method
POST
Successful HTTP Response
200
Parameters
Parameter name |
Description |
Parameter type |
Type |
Default |
Mandatory |
Comment |
|---|---|---|---|---|---|---|
X-Http-Token |
StoredSafe token |
HTTP Header |
String |
1) |
Preferred method |
|
token |
StoredSafe token |
JSON-encoded |
String |
1) |
Legacy method |
|
vaultid |
Vault-ID |
URL-encoded |
String |
Yes |
||
name |
Key name |
URL-encoded |
String |
Yes |
||
ciphertext |
Ciphertext |
JSON-encoded |
String |
Yes |
Base64 encoded |
Note
1) One of the methods is required.
Response Attributes
Attribute |
Description |
Type |
|---|---|---|
CALLINFO.errorcodes |
Number of errors |
Integer |
CALLINFO.errors |
Number of errors |
Integer |
CALLINFO.general |
Information |
Array |
CALLINFO.handler |
Handler used |
String |
CALLINFO.status |
SUCCESS or FAIL |
String |
CALLINFO.token |
Rotated StoredSafe token 1) |
String |
CALLINFO.key_version |
Key version |
String |
CALLINFO.plaintext |
Plaintext (Base64 encoded) |
String |
DATA |
Supplied data in prior API-call |
String |
HEADERS.(headers) |
HTTP Headers |
String |
PARAMS |
Route parameters (empty) |
Array |
ERRORCODES |
Error code and text 2) |
Object |
ERRORS |
Error code and text 2) |
Array |
Note
Examples
Decrypt the supplied ciphertext with the named decryption key in vault (vaultid) 179.
Request
POST /api/1.0/transparent/179/decrypt/my-new-key
x-http-token: your_storedsafe_token
{
"ciphertext": "storedsafe:v1:fCC+8a3plkkEaveSGaC23i9grdhAioNXgXtQW09Dkes=",
}
Response
HTTP/2 201
Content-type: application/json; charset=UTF-8
{
"CALLINFO": {
"errorcodes": 0,
"errors": 0,
"general": [],
"handler": "EncryptionHandler",
"status": "SUCCESS",
"token": "rotated_storedsafe_token",
"name": "my-new-key",
"objectid": "8743",
"plaintext": "c2Vuc2l0aXZlIGluZm9ybWF0aW9uCg==",
key_"version": "1"
},
"DATA": {
"name": "my-new-key",
"vaultid": "179",
"ciphertext": "storedsafe:v1:fCC+8a3plkkEaveSGaC23i9grdhAioNXgXtQW09Dkes=",
"token": "your_storedsafe_token"
},
"HEADERS": {
"Accept": "*/*",
"Content-Length": "169",
"Content-Type": "application/json",
"Host": "safe.domain.cc",
"User-Agent": "curl/7.64.1",
"X-Http-Token": "your_storedsafe_token"
},
"PARAMS": []
}
$ base64 -d <<< "c2Vuc2l0aXZlIGluZm9ybWF0aW9uCg=="
sensitive information