Encryption

Encryption Service

API specs to encrypt, decrypt, sign and verify data.

Decrypts the given input value/s OR values of the object.

post

Bodyobject[]

object[]Optional

Responses

200

The response to a decryption request will have the same structure as the input.

application/json

Responseobject[]

post

/crypto/v1/_decrypt

POST /crypto/v1/_decrypt HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 215

[
  [
    "896077|I/8Xwqr5MwB6UucEP8/Q5wiCHpbaNqGE",
    "896077|I+gMx6TjN0BcLxudEiYQKIDKtSlmpJY="
  ],
  {
    "userObject1": {
      "mobileNumber": "395551|eSfiPrQ1UK07d0SupYQYqbr2QFNOWSuYJYcU",
      "name": "395551|CnCzaK1ADfnx+4FINXIQ9zjnUs1ieAtz"
    }
  }
]

200

The response to a decryption request will have the same structure as the input.

[
  [
    "Personal",
    "Private"
  ],
  {
    "userObject1": {
      "mobileNumber": "98989121234",
      "name": "John Doe"
    }
  }
]

Provide signature for a given value.

post

Body

A Sign request containing tenant id and the string value to be signed.

tenantIdstringOptional

The key used for signing will be determined based on tenant id.

valuestringOptional

The value to be signed.

Responses

200

Response contains the value that has been signed and the value of signature.

application/json

post

/crypto/v1/_sign

POST /crypto/v1/_sign HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 42

{
  "tenantId": "pb.amritsar",
  "value": "claim"
}

200

Response contains the value that has been signed and the value of signature.

{
  "value": "claim",
  "signature": "436958|JLXQk7KP0y1nU3YHKLe0aq7EJp1iPEfNcIrbsgBh2u2U9aLCYfr8tVWGPud7JNQ5uiKJ1gTMFgzGU4XfTwUZDENHQ6mpFOhxH+LVVggj9QmDZk629ce2X7ju4aHuX6WDBx9/bxHstE8r5F47sP7f6ryY52HDQ5D5/8b7SX3WkkE="
}

Check if the signature is correct for the provided value.

post

Body

A Verify request containing the value and its corresponding signature.

valuestringOptional

The claim to be verified

signaturestringOptional

The signature for the claim

Responses

200

Response returns if the provided signature is correct for the given value.

application/json

post

/crypto/v1/_verify

POST /crypto/v1/_verify HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 211

{
  "value": "claim",
  "signature": "436958|JLXQk7KP0y1nU3YHKLe0aq7EJp1iPEfNcIrbsgBh2u2U9aLCYfr8tVWGPud7JNQ5uiKJ1gTMFgzGU4XfTwUZDENHQ6mpFOhxH+LVVggj9QmDZk629ce2X7ju4aHuX6WDBx9/bxHstE8r5F47sP7f6ryY52HDQ5D5/8b7SX3WkkE="
}

200

Response returns if the provided signature is correct for the given value.

{
  "verified": true
}

Deactivate the keys for the given tenant and generate new keys. It will deactivate both symmetric and asymmetric keys for the provided tenant.

post

Body

A request to rotate key for a given tenant

tenantIdstringOptional

The tenantId for which the key needs to be changed.

Responses

200

Acknowldgement if the operation was successful.

application/json

post

/crypto/v1/_rotatekey

POST /crypto/v1/_rotatekey HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 26

{
  "tenantId": "pb.amritsar"
}

200

Acknowldgement if the operation was successful.

{
  "acknowledged": true
}

cryptoRotateAllKeys

post

Body

A request to rotate key for a given tenant

tenantIdstringOptional

The tenantId for which the key needs to be changed.

Responses

200

*/*

201

Created

401

Unauthorized

403

Forbidden

404

Not Found

post

/crypto/v1/_rotateallkeys

POST /crypto/v1/_rotateallkeys HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 26

{
  "tenantId": "pb.amritsar"
}

{
  "acknowledged": true
}

PreviousEmployee NextFilestore

Last updated 2 years ago

Was this helpful?