{"type":"doc","content":[{"type":"paragraph","content":[{"text":"Use the Security Microservices to manage privileges (authorization) of users on CDAP entities as well as manage secure storage.","type":"text"}]},{"type":"paragraph","content":[{"text":"The Security Microservices is divided into:","type":"text"}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Authorization","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Secure Storage","type":"text"}]}]}]},{"type":"paragraph","content":[{"text":"All methods or endpoints described in this API have a base URL (typically ","type":"text"},{"text":"http://:11015","type":"text","marks":[{"type":"code"}]},{"text":" or ","type":"text"},{"text":"https://:10443","type":"text","marks":[{"type":"code"}]},{"text":") that precedes the resource identifier, as described in the ","type":"text"},{"text":"Microservices Conventions","type":"text","marks":[{"type":"link","attrs":{"href":"https://cdap.atlassian.net/wiki/spaces/DOCS/pages/477692124/API+Introduction"}}]},{"text":". These methods return a status code, as listed in the Microservices Status Codes.","type":"text"}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Authorization","type":"text"}]},{"type":"paragraph","content":[{"text":"Use the CDAP Authorization Microservices to grant, revoke, and list privileges on CDAP entities. Details about authorization in CDAP can be found at ","type":"text"},{"text":"Authorization","type":"text","marks":[{"type":"link","attrs":{"href":"https://cdap.atlassian.net/wiki/spaces/DOCS/pages/480478007/Authorization"}}]},{"text":".","type":"text"}]},{"type":"paragraph","content":[{"text":"In this API, a JSON-formatted body is used that contains the principal, the CDAP authorizable, and the privileges to be granted:","type":"text"}]},{"type":"codeBlock","content":[{"text":"{\n \"authorizable\": {\n \"entityType\": \"DATASET\",\n \"entityParts\": {\"NAMESPACE\": \"default\", \"DATASET\": \"dataset\"}\n },\n \"principal\": {\n \"name\": \"admin\",\n \"type\": \"ROLE\"\n },\n \"actions\": [\"READ\", \"WRITE\", \"ADMIN\"]\n}","type":"text"}]},{"type":"paragraph","content":[{"text":"In the above JSON body, the ","type":"text"},{"text":"authorizable","type":"text","marks":[{"type":"code"}]},{"text":" object is the JSON-serialized form of the CDAP ","type":"text"},{"text":"Authorizable","type":"text","marks":[{"type":"link","attrs":{"href":"https://github.com/cdapio/cdap/blob/develop/cdap-proto/src/main/java/io/cdap/cdap/proto/id/Authorizable.java"}}]},{"text":" class. For example, for datasets, its entity type is DATASET and it can be constructed by the namespace and dataset name. More information can be found at the ","type":"text"},{"text":"DatasetId","type":"text","marks":[{"type":"link","attrs":{"href":"https://github.com/cdapio/cdap/blob/develop/cdap-proto/src/main/java/io/cdap/cdap/proto/id/Authorizable.java"}}]},{"text":" class. In entity parts, the name of the entity can be represented using wildcard by including ","type":"text"},{"text":"*","type":"text","marks":[{"type":"code"}]},{"text":" and ","type":"text"},{"text":"?","type":"text","marks":[{"type":"code"}]},{"text":" in the name. For example, ","type":"text"},{"text":"ns*","type":"text","marks":[{"type":"code"}]},{"text":" represents all namespaces that start with ","type":"text"},{"text":"ns","type":"text","marks":[{"type":"code"}]},{"text":". ","type":"text"},{"text":"ns?","type":"text","marks":[{"type":"code"}]},{"text":" represents all namespaces that start with ","type":"text"},{"text":"ns","type":"text","marks":[{"type":"code"}]},{"text":" and followed by a single character.","type":"text"}]},{"type":"paragraph","content":[{"text":"The ","type":"text"},{"text":"principal","type":"text","marks":[{"type":"code"}]},{"text":" object refers to the principal that you want to grant the privileges to. Principals have a ","type":"text"},{"text":"name","type":"text","marks":[{"type":"code"}]},{"text":" and a ","type":"text"},{"text":"type","type":"text","marks":[{"type":"code"}]},{"text":". The supported types are ","type":"text"},{"text":"USER","type":"text","marks":[{"type":"code"}]},{"text":", ","type":"text"},{"text":"GROUP","type":"text","marks":[{"type":"code"}]},{"text":" and ","type":"text"},{"text":"ROLE","type":"text","marks":[{"type":"code"}]},{"text":".","type":"text"}]},{"type":"panel","attrs":{"panelType":"note"},"content":[{"type":"paragraph","content":[{"text":"Note:","type":"text","marks":[{"type":"strong"}]},{"text":" The REST endpoints have only been created for supporting Apache Sentry.","type":"text"}]}]},{"type":"paragraph","content":[{"text":"The ","type":"text"},{"text":"actions","type":"text","marks":[{"type":"code"}]},{"text":" list contains the actions you want to grant the ","type":"text"},{"text":"principal","type":"text","marks":[{"type":"code"}]},{"text":" on the ","type":"text"},{"text":"entity","type":"text","marks":[{"type":"code"}]},{"text":". The supported actions are ","type":"text"},{"text":"READ","type":"text","marks":[{"type":"code"}]},{"text":", ","type":"text"},{"text":"WRITE","type":"text","marks":[{"type":"code"}]},{"text":", ","type":"text"},{"text":"ADMIN","type":"text","marks":[{"type":"code"}]},{"text":", and ","type":"text"},{"text":"EXECUTE","type":"text","marks":[{"type":"code"}]},{"text":".","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Grant Privileges","type":"text"}]},{"type":"paragraph","content":[{"text":"You can grant privileges to a principal on a CDAP Entity by making an HTTP POST request to the URL:","type":"text"}]},{"type":"codeBlock","content":[{"text":"POST /v3/security/authorization/privileges/grant","type":"text"}]},{"type":"paragraph","content":[{"text":"with JSON-formatted body that contains the principal, the CDAP entity, and the actions to be granted, such as:","type":"text"}]},{"type":"codeBlock","content":[{"text":"{\n \"authorizable\": {\n \"entityType\": \"DATASET\",\n \"entityParts\": {\"NAMESPACE\": \"default\", \"DATASET\": \"dataset\"}\n },\n \"principal\": {\n \"name\": \"admin\",\n \"type\": \"ROLE\"\n },\n \"actions\": [\"READ\", \"WRITE\", \"ADMIN\"]\n}","type":"text"}]},{"type":"paragraph","content":[{"text":"Granting privileges is only supported for ","type":"text"},{"text":"ROLE","type":"text","marks":[{"type":"code"}]},{"text":" type.","type":"text"}]},{"type":"heading","attrs":{"level":4},"content":[{"text":"HTTP Responses","type":"text"}]},{"type":"table","attrs":{"layout":"default"},"content":[{"type":"tableRow","content":[{"type":"tableHeader","attrs":{"colspan":1,"rowspan":1,"colwidth":[272.0]},"content":[{"type":"paragraph","content":[{"text":"Status Codes","type":"text"}]}]},{"type":"tableHeader","attrs":{"colspan":1,"rowspan":1,"colwidth":[487.0]},"content":[{"type":"paragraph","content":[{"text":"Description","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[272.0]},"content":[{"type":"paragraph","content":[{"text":"200 OK","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[487.0]},"content":[{"type":"paragraph","content":[{"text":"Privileges were successfully granted for the specified principal.","type":"text"}]}]}]}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Revoke Privileges","type":"text"}]},{"type":"paragraph","content":[{"text":"You can revoke privileges for a principal on a CDAP Entity by making an HTTP POST request to the URL:","type":"text"}]},{"type":"codeBlock","content":[{"text":"POST /v3/security/authorization/privileges/revoke","type":"text"}]},{"type":"paragraph","content":[{"text":"with JSON-formatted body that contains the principal, the CDAP entity and the actions to be revoked:","type":"text"}]},{"type":"codeBlock","content":[{"text":"{\n \"authorizable\": {\n \"entityType\": \"DATASET\",\n \"entityParts\": {\"NAMESPACE\": \"default\", \"DATASET\": \"dataset\"}\n },\n \"principal\": {\n \"name\": \"admin\",\n \"type\": \"ROLE\"\n },\n \"actions\": [\"READ\", \"WRITE\", \"ADMIN\"]\n}","type":"text"}]},{"type":"paragraph","content":[{"text":"The ","type":"text"},{"text":"authorizable","type":"text","marks":[{"type":"code"}]},{"text":" object is mandatory in a revoke request.","type":"text"}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"If both ","type":"text"},{"text":"principal","type":"text","marks":[{"type":"code"}]},{"text":" and ","type":"text"},{"text":"actions","type":"text","marks":[{"type":"code"}]},{"text":" are not provided, then the API revokes all privileges on the specified entity for all principals.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"If ","type":"text"},{"text":"authorizable","type":"text","marks":[{"type":"code"}]},{"text":" and ","type":"text"},{"text":"principal","type":"text","marks":[{"type":"code"}]},{"text":" are provided, but ","type":"text"},{"text":"actions","type":"text","marks":[{"type":"code"}]},{"text":" is not, the API revokes all actions (","type":"text"},{"text":"READ","type":"text","marks":[{"type":"code"}]},{"text":", ","type":"text"},{"text":"WRITE","type":"text","marks":[{"type":"code"}]},{"text":", ","type":"text"},{"text":"ADMIN","type":"text","marks":[{"type":"code"}]},{"text":", and ","type":"text"},{"text":"EXECUTE","type":"text","marks":[{"type":"code"}]},{"text":") on the specified entity for the specified principal.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Revoking privileges is only supported for ","type":"text"},{"text":"ROLE","type":"text","marks":[{"type":"code"}]},{"text":" type.","type":"text"}]}]}]},{"type":"heading","attrs":{"level":4},"content":[{"text":"HTTP Responses","type":"text"}]},{"type":"table","attrs":{"layout":"default"},"content":[{"type":"tableRow","content":[{"type":"tableHeader","attrs":{"colspan":1,"rowspan":1,"colwidth":[249.0]},"content":[{"type":"paragraph","content":[{"text":"Status Codes","type":"text"}]}]},{"type":"tableHeader","attrs":{"colspan":1,"rowspan":1,"colwidth":[510.0]},"content":[{"type":"paragraph","content":[{"text":"Description","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[249.0]},"content":[{"type":"paragraph","content":[{"text":"200 OK","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[510.0]},"content":[{"type":"paragraph","content":[{"text":"Privileges were successfully revoked.","type":"text"}]}]}]}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"List Privileges","type":"text"}]},{"type":"paragraph","content":[{"text":"You can list all privileges for a principal on all CDAP entities by making an HTTP GET request to the URL:","type":"text"}]},{"type":"codeBlock","content":[{"text":"GET /v3/security/authorization///privileges","type":"text"}]},{"type":"table","attrs":{"layout":"default"},"content":[{"type":"tableRow","content":[{"type":"tableHeader","attrs":{"colspan":1,"rowspan":1,"colwidth":[258.0]},"content":[{"type":"paragraph","content":[{"text":"Parameter","type":"text"}]}]},{"type":"tableHeader","attrs":{"colspan":1,"rowspan":1,"colwidth":[501.0]},"content":[{"type":"paragraph","content":[{"text":"Description","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[258.0]},"content":[{"type":"paragraph","content":[{"text":"principal-type","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[501.0]},"content":[{"type":"paragraph","content":[{"text":"The principal type, one of ","type":"text"},{"text":"USER","type":"text","marks":[{"type":"code"}]},{"text":", ","type":"text"},{"text":"GROUP","type":"text","marks":[{"type":"code"}]},{"text":", or ","type":"text"},{"text":"ROLE","type":"text","marks":[{"type":"code"}]},{"text":".","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[258.0]},"content":[{"type":"paragraph","content":[{"text":"principal-name","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[501.0]},"content":[{"type":"paragraph","content":[{"text":"Name of the principal.","type":"text"}]}]}]}]},{"type":"heading","attrs":{"level":4},"content":[{"text":"HTTP Responses","type":"text"}]},{"type":"table","attrs":{"layout":"default"},"content":[{"type":"tableRow","content":[{"type":"tableHeader","attrs":{"colspan":1,"rowspan":1,"colwidth":[264.0]},"content":[{"type":"paragraph","content":[{"text":"Status Codes","type":"text"}]}]},{"type":"tableHeader","attrs":{"colspan":1,"rowspan":1,"colwidth":[495.0]},"content":[{"type":"paragraph","content":[{"text":"Description","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[264.0]},"content":[{"type":"paragraph","content":[{"text":"200 OK","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[495.0]},"content":[{"type":"paragraph","content":[{"text":"Privileges were successfully listed for the specified principal.","type":"text"}]}]}]}]},{"type":"paragraph","content":[{"text":"This will return a JSON array that lists each privilege for the principal with its ","type":"text"},{"text":"authorizable","type":"text","marks":[{"type":"code"}]},{"text":" and ","type":"text"},{"text":"action","type":"text","marks":[{"type":"code"}]},{"text":". Example output (pretty-printed):","type":"text"}]},{"type":"codeBlock","content":[{"text":"[\n {\n \"authorizable\": {\n \"entityType\": \"DATASET\",\n \"entityParts\": {\"NAMESPACE\": \"default\", \"DATASET\": \"dataset\"}\n },\n \"action\": \"WRITE\"\n },\n {\n \"authorizable\": {\n \"entityType\": \"NAMESPACE\",\n \"entityParts\": {\"NAMESPACE\": \"default\"}\n },\n \"action\": \"READ\"\n },\n {\n \"authorizable\": {\n \"entityType\": \"PROGRAM\",\n \"entityParts\":{\"NAMESPACE\": \"default\", \"APPLICATION\": \"SportResults\", \"PROGRAM\": \"service.UploadService\"}\n },\n \"action\": \"EXECUTE\"\n }\n]","type":"text"}]},{"type":"paragraph","content":[{"text":"Listing privileges are supported for ","type":"text"},{"text":"USER","type":"text","marks":[{"type":"code"}]},{"text":", ","type":"text"},{"text":"GROUP","type":"text","marks":[{"type":"code"}]},{"text":" and ","type":"text"},{"text":"ROLE","type":"text","marks":[{"type":"code"}]},{"text":" type.","type":"text"}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Secure Storage","type":"text"}]},{"type":"paragraph","content":[{"text":"Use the Secure Storage Microservices to create, retrieve, and delete secure keys. ","type":"text"}]},{"type":"paragraph","content":[{"text":"Details about secure storage and secure keys in CDAP can be found in ","type":"text"},{"text":"Secure Storage","type":"text","marks":[{"type":"link","attrs":{"href":"https://cdap.atlassian.net/wiki/spaces/DOCS/pages/480347053/Secure+Storage"}}]},{"text":".","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Create a Secure Key","type":"text"}]},{"type":"paragraph","content":[{"text":"You can create a secure key to secure storage by making an HTTP PUT request to the URL:","type":"text"}]},{"type":"codeBlock","content":[{"text":"PUT /v3/namespaces//securekeys/","type":"text"}]},{"type":"paragraph","content":[{"text":"with a JSON-formatted body that contains the description of the key, the data to be stored under the key, and a map of properties associated with the key:","type":"text"}]},{"type":"codeBlock","content":[{"text":"{\n \"description\": \"Example Secure Key\",\n \"data\": \"\",\n \"properties\": {\n \"\": \"\"\n }\n}","type":"text"}]},{"type":"table","attrs":{"layout":"default"},"content":[{"type":"tableRow","content":[{"type":"tableHeader","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"Parameter","type":"text"}]}]},{"type":"tableHeader","attrs":{"colspan":1,"rowspan":1,"colwidth":[467.0]},"content":[{"type":"paragraph","content":[{"text":"Description","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"namespace-id","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[467.0]},"content":[{"type":"paragraph","content":[{"text":"Namespace ID.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"secure-key-id","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[467.0]},"content":[{"type":"paragraph","content":[{"text":"Name of the key to add to secure storage.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"secure-contents","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[467.0]},"content":[{"type":"paragraph","content":[{"text":"String data to be added under the key.","type":"text","marks":[{"type":"annotation","attrs":{"annotationType":"inlineComment","id":"d5090409-3faf-4aeb-b8eb-9fa8ca9bbf16"}}]},{"text":" This could be a passphrase, cryptographic key, access token, service account JSON, or any other data that needs to be stored securely.","type":"text"}]},{"type":"paragraph","content":[{"text":"Note:","type":"text","marks":[{"type":"strong"}]},{"text":" If you want to create a secure key for a Service Account in a Compute Profile for a Dataproc cluster, you must convert the service account JSON to a valid string, which means it must be converted into a single-line JSON string and all quotes need to be escaped. ","type":"text","marks":[{"type":"annotation","attrs":{"annotationType":"inlineComment","id":"63b2f284-5809-4374-8f5b-5192a2465e8e"}}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"property-key","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[467.0]},"content":[{"type":"paragraph","content":[{"text":"Name of a property key to associate with the secure key.","type":"text","marks":[{"type":"annotation","attrs":{"annotationType":"inlineComment","id":"4a7bceed-3a26-46e6-b551-dd85587fc46d"}}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"property-value","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[467.0]},"content":[{"type":"paragraph","content":[{"text":"Value associated with the property key.","type":"text"}]}]}]}]},{"type":"heading","attrs":{"level":4},"content":[{"text":"HTTP Responses","type":"text"}]},{"type":"table","attrs":{"layout":"default"},"content":[{"type":"tableRow","content":[{"type":"tableHeader","attrs":{"colspan":1,"rowspan":1,"colwidth":[297.0]},"content":[{"type":"paragraph","content":[{"text":"Status Codes","type":"text"}]}]},{"type":"tableHeader","attrs":{"colspan":1,"rowspan":1,"colwidth":[462.0]},"content":[{"type":"paragraph","content":[{"text":"Description","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[297.0]},"content":[{"type":"paragraph","content":[{"text":"200 OK","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[462.0]},"content":[{"type":"paragraph","content":[{"text":"The secure key was successfully added to secure storage.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[297.0]},"content":[{"type":"paragraph","content":[{"text":"400 BAD REQUEST","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[462.0]},"content":[{"type":"paragraph","content":[{"text":"An incorrectly-formatted body was sent with the request or the ","type":"text"},{"text":"data","type":"text","marks":[{"type":"code"}]},{"text":" field in the request was empty or not present.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[297.0]},"content":[{"type":"paragraph","content":[{"text":"404 NOT FOUND","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[462.0]},"content":[{"type":"paragraph","content":[{"text":"The namespace specified in the request does not exist.","type":"text"}]}]}]}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Retrieve a Secure Key","type":"text"}]},{"type":"paragraph","content":[{"text":"You can retrieve a secure key from secure storage by making an HTTP GET request to the URL:","type":"text"}]},{"type":"codeBlock","content":[{"text":"GET /v3/namespaces//securekeys/","type":"text"}]},{"type":"paragraph","content":[{"text":"with the data of the secure key returned as text, passed in the response body.","type":"text"}]},{"type":"table","attrs":{"layout":"default"},"content":[{"type":"tableRow","content":[{"type":"tableHeader","attrs":{"colspan":1,"rowspan":1,"colwidth":[300.0]},"content":[{"type":"paragraph","content":[{"text":"Parameter","type":"text"}]}]},{"type":"tableHeader","attrs":{"colspan":1,"rowspan":1,"colwidth":[459.0]},"content":[{"type":"paragraph","content":[{"text":"Description","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[300.0]},"content":[{"type":"paragraph","content":[{"text":"namespace-id","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[459.0]},"content":[{"type":"paragraph","content":[{"text":"Namespace ID.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[300.0]},"content":[{"type":"paragraph","content":[{"text":"secure-key-id","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[459.0]},"content":[{"type":"paragraph","content":[{"text":"Name of the key to retrieve from secure storage.","type":"text"}]}]}]}]},{"type":"heading","attrs":{"level":4},"content":[{"text":"HTTP Responses","type":"text"}]},{"type":"table","attrs":{"layout":"default"},"content":[{"type":"tableRow","content":[{"type":"tableHeader","attrs":{"colspan":1,"rowspan":1,"colwidth":[300.0]},"content":[{"type":"paragraph","content":[{"text":"Status Codes","type":"text"}]}]},{"type":"tableHeader","attrs":{"colspan":1,"rowspan":1,"colwidth":[459.0]},"content":[{"type":"paragraph","content":[{"text":"Description","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[300.0]},"content":[{"type":"paragraph","content":[{"text":"200 OK","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[459.0]},"content":[{"type":"paragraph","content":[{"text":"The secure key was successfully retrieved.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[300.0]},"content":[{"type":"paragraph","content":[{"text":"404 NOT FOUND","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[459.0]},"content":[{"type":"paragraph","content":[{"text":"The namespace specified in the request does not exist or the secure key with that name does not exist in that namespace.","type":"text"}]}]}]}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Retrieve the Metadata for a Secure Key","type":"text"}]},{"type":"paragraph","content":[{"text":"You can retrieve just the metadata for a secure key from secure storage by making an HTTP GET request to the URL:","type":"text"}]},{"type":"codeBlock","content":[{"text":"GET /v3/namespaces//securekeys//metadata","type":"text"}]},{"type":"paragraph","content":[{"text":"with the metadata of the secure key returned as a JSON object, name (the ","type":"text"},{"text":"secure-key-id","type":"text","marks":[{"type":"code"}]},{"text":"), description, created timestamp, and the map of properties, passed in the response body, shown here pretty-printed:","type":"text"}]},{"type":"codeBlock","content":[{"text":"{\n \"name\": \"\",\n \"description\": \"Example Secure Key\",\n \"createdEpochMs\": 1471718010326,\n \"properties\": {\n \"property-key\": \"property-value\"\n }\n}","type":"text"}]},{"type":"table","attrs":{"layout":"default"},"content":[{"type":"tableRow","content":[{"type":"tableHeader","attrs":{"colspan":1,"rowspan":1,"colwidth":[280.0]},"content":[{"type":"paragraph","content":[{"text":"Parameter","type":"text"}]}]},{"type":"tableHeader","attrs":{"colspan":1,"rowspan":1,"colwidth":[479.0]},"content":[{"type":"paragraph","content":[{"text":"Description","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[280.0]},"content":[{"type":"paragraph","content":[{"text":"namespace-id","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[479.0]},"content":[{"type":"paragraph","content":[{"text":"Namespace ID.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[280.0]},"content":[{"type":"paragraph","content":[{"text":"secure-key-id","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[479.0]},"content":[{"type":"paragraph","content":[{"text":"Name of the key to retrieve from secure storage.","type":"text"}]}]}]}]},{"type":"heading","attrs":{"level":4},"content":[{"text":"HTTP Responses","type":"text"}]},{"type":"table","attrs":{"layout":"default"},"content":[{"type":"tableRow","content":[{"type":"tableHeader","attrs":{"colspan":1,"rowspan":1,"colwidth":[284.0]},"content":[{"type":"paragraph","content":[{"text":"Status Codes","type":"text"}]}]},{"type":"tableHeader","attrs":{"colspan":1,"rowspan":1,"colwidth":[475.0]},"content":[{"type":"paragraph","content":[{"text":"Description","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[284.0]},"content":[{"type":"paragraph","content":[{"text":"200 OK","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[475.0]},"content":[{"type":"paragraph","content":[{"text":"Metadata for the secure key was successfully retrieved.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[284.0]},"content":[{"type":"paragraph","content":[{"text":"404 NOT FOUND","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[475.0]},"content":[{"type":"paragraph","content":[{"text":"The namespace specified in the request does not exist or a secure key by the specified name does not exist in the specified namespace.","type":"text"}]}]}]}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"List all Secure Keys","type":"text"}]},{"type":"paragraph","content":[{"text":"You can retrieve all the keys in a namespace from secure storage by making an HTTP GET request to the URL:","type":"text"}]},{"type":"codeBlock","content":[{"text":"GET /v3/namespaces//securekeys","type":"text"}]},{"type":"paragraph","content":[{"text":"with the metadata of all of the secure keys returned as a JSON object, name (the ","type":"text"},{"text":"secure-key-id","type":"text","marks":[{"type":"code"}]},{"text":"), description, created timestamp, and the map of properties, passed in the response body, shown here pretty-printed:","type":"text"}]},{"type":"codeBlock","content":[{"text":"[\n {\n \"name\": \"key1\",\n \"description\": \"Example Secure Key1\",\n \"createdEpochMs\": 1605722163238,\n \"properties\": {\n \"\": \"\"\n }\n },\n {\n \"name\": \"key2\",\n \"description\": \"Example Secure Key2\",\n \"createdEpochMs\": 1605722553957,\n \"properties\": {\n \"\": \"\"\n }\n }\n]","type":"text"}]},{"type":"table","attrs":{"layout":"default"},"content":[{"type":"tableRow","content":[{"type":"tableHeader","attrs":{"colspan":1,"rowspan":1,"colwidth":[288.0]},"content":[{"type":"paragraph","content":[{"text":"Parameter","type":"text"}]}]},{"type":"tableHeader","attrs":{"colspan":1,"rowspan":1,"colwidth":[471.0]},"content":[{"type":"paragraph","content":[{"text":"Description","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[288.0]},"content":[{"type":"paragraph","content":[{"text":"namespace-id","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[471.0]},"content":[{"type":"paragraph","content":[{"text":"Namespace ID.","type":"text"}]}]}]}]},{"type":"heading","attrs":{"level":4},"content":[{"text":"HTTP Responses","type":"text"}]},{"type":"table","attrs":{"layout":"default"},"content":[{"type":"tableRow","content":[{"type":"tableHeader","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"Status Codes","type":"text"}]}]},{"type":"tableHeader","attrs":{"colspan":1,"rowspan":1,"colwidth":[467.0]},"content":[{"type":"paragraph","content":[{"text":"Description","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"200 OK","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[467.0]},"content":[{"type":"paragraph","content":[{"text":"The keys were successfully retrieved.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"404 NOT FOUND","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[467.0]},"content":[{"type":"paragraph","content":[{"text":"The namespace specified in the request does not exist.","type":"text"}]}]}]}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Remove a Secure Key","type":"text"}]},{"type":"paragraph","content":[{"text":"You can remove a secure key from secure storage by making an HTTP DELETE request to the URL:","type":"text"}]},{"type":"codeBlock","content":[{"text":"DELETE /v3/namespaces//securekeys/","type":"text"}]},{"type":"table","attrs":{"layout":"default"},"content":[{"type":"tableRow","content":[{"type":"tableHeader","attrs":{"colspan":1,"rowspan":1,"colwidth":[300.0]},"content":[{"type":"paragraph","content":[{"text":"Parameter","type":"text"}]}]},{"type":"tableHeader","attrs":{"colspan":1,"rowspan":1,"colwidth":[459.0]},"content":[{"type":"paragraph","content":[{"text":"Description","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[300.0]},"content":[{"type":"paragraph","content":[{"text":"namespace-id","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[459.0]},"content":[{"type":"paragraph","content":[{"text":"Namespace ID.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[300.0]},"content":[{"type":"paragraph","content":[{"text":"secure-key-id","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[459.0]},"content":[{"type":"paragraph","content":[{"text":"Name of the key to remove from secure storage.","type":"text"}]}]}]}]},{"type":"heading","attrs":{"level":4},"content":[{"text":"HTTP Responses","type":"text"}]},{"type":"table","attrs":{"layout":"default"},"content":[{"type":"tableRow","content":[{"type":"tableHeader","attrs":{"colspan":1,"rowspan":1,"colwidth":[301.0]},"content":[{"type":"paragraph","content":[{"text":"Status Codes","type":"text"}]}]},{"type":"tableHeader","attrs":{"colspan":1,"rowspan":1,"colwidth":[458.0]},"content":[{"type":"paragraph","content":[{"text":"Description","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[301.0]},"content":[{"type":"paragraph","content":[{"text":"200 OK","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[458.0]},"content":[{"type":"paragraph","content":[{"text":"The key was successfully removed.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[301.0]},"content":[{"type":"paragraph","content":[{"text":"404 NOT FOUND","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[458.0]},"content":[{"type":"paragraph","content":[{"text":"The namespace specified in the request does not exist or a secure key by the specified name does not exist in the specified namespace.","type":"text"}]}]}]}]},{"type":"paragraph"}],"version":1}

Browser not supported