Encryption

PreviousDocument Uploader NextFile Store

Last updated 11 months ago

Was this helpful?

Encrypts the given input value/s OR values of the object.

post

Body

An encryption request can contain multiple EncReqObject. This will help to encrypt bulk requests which may have different tenant-id and/or method ( AES / RSA ).

encryptionRequestsobject[]Optional

EncrReqObject contains data to be encrypted and meta-data required to perform the encryption.

Example: {"tenantId":"pb.jalandhar","type":"Important","value":{"key":"secret"}}

Responses

application/json

object[]Optional

post

POST /crypto/v1/_encrypt HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 269

{
  "encryptionRequests": [
    {
      "tenantId": "pb",
      "type": "Important",
      "value": "My email"
    },
    {
      "tenantId": "pb.jalandhar",
      "type": "Normal",
      "value": [
        "Personal",
        "Private"
      ]
    },
    {
      "tenantId": "pb.mohali",
      "type": "Normal",
      "value": {
        "userObject1": {
          "name": "John Doe",
          "mobileNumber": "98989121234"
        }
      }
    }
  ]
}

200

The returned encrypted value will have the same structure as the input value.

[
  "437506|A5ag4DfbhHAHiqXRKFcAedFKtNOelHX+8+jB0ckNG/tihwimx7xu6akEoa+kaQPcIhSnYeveloIhdPBCOgrXWvkWGZfShx1i2bE2vAcWB+r0YIDdwZLKJbQGBHDqcEOn8mfO+LnmpJ5P4zPETtE+2EHhta+vKcE5OQj8ZQawHS4=",
  [
    "896077|I/8Xwqr5MwB6UucEP8/Q5wiCHpbaNqGE",
    "896077|I+gMx6TjN0BcLxudEiYQKIDKtSlmpJY="
  ],
  {
    "userObject1": {
      "mobileNumber": "395551|eSfiPrQ1UK07d0SupYQYqbr2QFNOWSuYJYcU",
      "name": "395551|CnCzaK1ADfnx+4FINXIQ9zjnUs1ieAtz"
    }
  }
]

Decrypts the given input value/s OR values of the object.

post

Body

object[]Optional

Responses

application/json

object[]Optional

post

POST /crypto/v1/_decrypt HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 215

[
  [
    "896077|I/8Xwqr5MwB6UucEP8/Q5wiCHpbaNqGE",
    "896077|I+gMx6TjN0BcLxudEiYQKIDKtSlmpJY="
  ],
  {
    "userObject1": {
      "mobileNumber": "395551|eSfiPrQ1UK07d0SupYQYqbr2QFNOWSuYJYcU",
      "name": "395551|CnCzaK1ADfnx+4FINXIQ9zjnUs1ieAtz"
    }
  }
]

200

The response to a decryption request will have the same structure as the input.

[
  [
    "Personal",
    "Private"
  ],
  {
    "userObject1": {
      "mobileNumber": "98989121234",
      "name": "John Doe"
    }
  }
]

Provide signature for a given value.

post

Body

A Sign request containing tenant id and the string value to be signed.

tenantIdstringOptional

The key used for signing will be determined based on tenant id.

valuestringOptional

The value to be signed.

Responses

application/json

objectOptional

Response to sign api containing the actual value and its corresponding signature.

Example:

{"value":"claim","signature":"436958|JLXQk7KP0y1nU3YHKLe0aq7EJp1iPEfNcIrbsgBh2u2U9aLCYfr8tVWGPud7JNQ5uiKJ1gTMFgzGU4XfTwUZDENHQ6mpFOhxH+LVVggj9QmDZk629ce2X7ju4aHuX6WDBx9/bxHstE8r5F47sP7f6ryY52HDQ5D5/8b7SX3WkkE="}

post

POST /crypto/v1/_sign HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 42

{
  "tenantId": "pb.amritsar",
  "value": "claim"
}

200

Response contains the value that has been signed and the value of signature.

{
  "value": "claim",
  "signature": "436958|JLXQk7KP0y1nU3YHKLe0aq7EJp1iPEfNcIrbsgBh2u2U9aLCYfr8tVWGPud7JNQ5uiKJ1gTMFgzGU4XfTwUZDENHQ6mpFOhxH+LVVggj9QmDZk629ce2X7ju4aHuX6WDBx9/bxHstE8r5F47sP7f6ryY52HDQ5D5/8b7SX3WkkE="
}

Check if the signature is correct for the provided value.

post

Body

A Verify request containing the value and its corresponding signature.

valuestringOptional

The claim to be verified

signaturestringOptional

The signature for the claim

Responses

application/json

objectOptional

Response to the verify api containing if the signature was correct for the input claim

Example: {"verified":true}

post

POST /crypto/v1/_verify HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 211

{
  "value": "claim",
  "signature": "436958|JLXQk7KP0y1nU3YHKLe0aq7EJp1iPEfNcIrbsgBh2u2U9aLCYfr8tVWGPud7JNQ5uiKJ1gTMFgzGU4XfTwUZDENHQ6mpFOhxH+LVVggj9QmDZk629ce2X7ju4aHuX6WDBx9/bxHstE8r5F47sP7f6ryY52HDQ5D5/8b7SX3WkkE="
}

200

Response returns if the provided signature is correct for the given value.

{
  "verified": true
}

Deactivate the keys for the given tenant and generate new keys. It will deactivate both symmetric and asymmetric keys for the provided tenant.

post

Body

A request to rotate key for a given tenant

tenantIdstringOptional

The tenantId for which the key needs to be changed.

Responses

application/json

objectOptional

An acknowledgement if the key rotation request was successful.

post

POST /crypto/v1/_rotatekey HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 26

{
  "tenantId": "pb.amritsar"
}

200

Acknowldgement if the operation was successful.

{
  "acknowledged": true
}