Versions Compared

Old Version 13

changes.mady.by.user Shraddha Shejawal

Saved on

compared with

New Version 14

changes.mady.by.user Shraddha Shejawal

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Panel
bgColor#fff

You can check if  key has added only usage to be -d "use : sig" using below GET method 

curl -H "Authorization: Bearer XXXXXX" -X GEThttpsGET https://HOSTNAME/uas/oauth2/metadata.jwks --insecure

Tip
titleHTTP 200 Response


Expand
titleSuccessfully Fetched key details


{
    "keys": [
        {
            "use": "sig",
            "kid": "sig-key1",
            "kty": "RSA",
            "n": "... redacted ...",
            "e": "AQAB"
        }
    ]
}



You can remove the usage by following command : 

curl -H "Authorization: Bearer XXXXXX" -X PUT https://HOSTNAME/sso-api/credential/System/ServerKeyContainer/sig-key1 -d "use= " --insecure

Tip
titleHTTP 200 Response


Expand
titleSuccessfully created or updated a key

Accept: application/json

FieldTypeDescription
typestringThe type of the object. Currently this is always set to credential.
idstringThe unique id of the key.
attributes.namestringThe name of the key.
attributes.ktystringThe type of the key. For example RSA
attributes.kidstringThe key identifier as defined by RFC 7517 JSON Web Key specification
attributes.usestring

The usage of the key as defined by RFC 7517 JSON Web Key specification. Valid values are

  • enc - for encryption
  • sig - for signing
attributes.enabledbooleanDenotes whether the key is enabled or not.
attributes.notBeforedatetimeThe epoch timestamp after which the key is valid.
attributes.notOnOrAfterdatetimeThe epoch timestamp after which the key is not valid.
attributes.descriptionstring arrayA human-readable description of the key.



Now the same key will be used as encrypion key as well as sig key. 

...