Method: Export Key
Description
This endpoint exports (un-wraps) the named key and returns the plaintext of the encryption key. If version is specified, the specific version will be returned.
Note
The key must be set to allow_export to support this operation.
Note
This endpoint requires Admin permission in the affected vault.
URL Syntax
/api/{version}/transparent/export/:vaultid/:name(/:key_version)
HTTP Method
GET
Successful HTTP Response
200
Parameters
Parameter name |
Description |
Parameter type |
Type |
Default |
Mandatory |
Comment |
|---|---|---|---|---|---|---|
X-Http-Token |
StoredSafe token |
HTTP Header |
String |
1) |
Preferred method |
|
token |
StoredSafe token |
JSON-encoded |
String |
1) |
Legacy method |
|
vaultid |
Vault-ID |
URL-encoded |
String |
Yes |
||
key_version |
Key version |
URL-encoded |
Integer |
Note
1) One of the methods is required.
Response Attributes
Attribute |
Description |
Type |
|---|---|---|
CALLINFO.errorcodes |
Number of errors |
Integer |
CALLINFO.errors |
Number of errors |
Integer |
CALLINFO.general |
Information |
Array |
CALLINFO.handler |
Handler used |
String |
CALLINFO.status |
SUCCESS or FAIL |
String |
CALLINFO.token |
Rotated StoredSafe token 1) |
String |
KEYS |
Keys |
Array |
KEYS.name |
Key name |
String |
KEYS.key_version |
Key version |
String |
KEYS.type |
Key type |
String |
DATA |
Supplied data in prior API-call |
String |
HEADERS.(headers) |
HTTP Headers |
String |
PARAMS |
Route parameters (empty) |
Array |
ERRORCODES |
Error code and text 2) |
Object |
ERRORS |
Error code and text 2) |
Array |
Note
Examples
Export the named key my-new-key from the vault (vault-id) 179.
Request
GET /api/1.0/transparent/export/179/my-new-key
x-http-token: your_storedsafe_token
Response
HTTP/2 201
Content-type: application/json; charset=UTF-8
{
"CALLINFO": {
"errorcodes": 0,
"errors": 0,
"general": [],
"handler": "EncryptionHandler",
"status": "SUCCESS",
"token": "rotated_storedsafe_token"
},
"KEYS": {
{
"name": "my-new-key",
"keys": {
"1": "63vYMld6YLxGXkkH5VJKD4yPQkXuBPcvIvVaFs4pIvU=",
"2": "f/jKeqC8qNLMMyMXJEpxkx6rVpGBAbgW/1Njpzud55o="
}
},
},
"DATA": {
"name": "my-new-key",
"token": "your_storedsafe_token",
},
"HEADERS": {
"Accept": "*/*",
"Content-Length": "169",
"Content-Type": "application/json",
"Host": "safe.domain.cc",
"User-Agent": "curl/7.64.1",
"X-Http-Token": "your_storedsafe_token"
},
"PARAMS": []
}