JOC API

/profile/key/generate

POST

generates and stores a new private key (only for SecurityLevel LOW and MEDIUM)

Parameters in the POST body schema

Name	Type	Description	Example	Default
`validUntil`	optional, date	Expiration Date of the Certificate	2024-12-31T12:00:00Z
`keyAlgorithm`	required, string	Type of the Key Algorithm: PGP, RSA or ECDSA	{ "keyAlgorithm" : "ECDSA" }	ECDSA
`dn`	optional, string	Distinguished Name (DN) for the keys certificate.	CN=MyTestAccountName, OU=Development, O=SOS-Berlin, ST=Berlin, L=Berlin, C=DE
`useSslCa`	optional, boolean	In general the published CA certificate for the Signature Key Management is used for signature validation only. This property determines if the CA in the SSL Key Management, which is used to generate auth keys and certificates, should also be used for the key and certificate generation in the Signature Key Management. Not available for `keyAlgorithm` PGP (private/public key only). Only usable with RSA and ECDSA (private key/X509 certificate). If set to true: Requires that a CA is already configured for the SSL Key Management. Creates a private key for the account and a CA signed certificate. Replaces an already uploaded CA certificate for signature validation in the Signature Key Management with the certificate of the existing SSL Key Management CA. If set to false: The CA in the Signature Key Management will be used for signature validation only. Creates a private key for the account and a self signed certificate.		false
`auditLog`	optional, object	Object that contains `comment`, `timeSpent` and `ticketLink`.	{ "comment": "Operational requirement!", "timeSpent": 2 }
`comment`	optional, string	Field in `auditLog` to comment this action, e.g. the reason.
`timeSpent`	optional, integer	Field in `auditLog` to enter the time spent in minutes.
`ticketLink`	optional, string	Field in `auditLog` to enter a link to a corresponding ticket.

Request

Name

Description

Example

Type

Constraints

Default

Headers

X-Access-Token*

Request requires authentication!

550e8400-e29b-11d4-a716-446655440000

string

Body

application/json

model | example

{
    "title": "set generate Key filter",
    "$schema": "http://json-schema.org/draft-04/schema#",
    "javaType": "com.sos.joc.model.publish.GenerateKeyFilter",
    "type": "object",
    "required": [
        "keyAlgorithm"
    ],
    "properties": {
        "validUntil": {
            "description": "Value is UTC timestamp in ISO 8601 YYYY-MM-DDThh:mm:ss.sZ or empty",
            "type": "string",
            "format": "date-time"
        },
        "keyAlgorithm": {
            "type": "string"
        },
        "dn": {
            "type": "string"
        },
        "useSslCa": {
            "type": "boolean",
            "default": false
        },
        "auditLog": {
            "javaType": "com.sos.joc.model.audit.AuditParams",
            "type": "object",
            "properties": {
                "comment": {
                    "type": "string",
                    "pattern": "^[^<>]*$",
                    "maxLength": 255
                },
                "timeSpent": {
                    "type": "integer",
                    "minimum": 0
                },
                "ticketLink": {
                    "type": "string",
                    "pattern": "^[^<>]*$",
                    "maxLength": 255
                }
            }
        }
    }
}

{ "validUntil": "2022-03-03T11:00:00Z", "keyAlgorithm": "PGP" }

{
    "validUntil": "2022-03-03T11:00:00Z",
    "keyAlgorithm": "PGP"
}

Responses

Code	Description	Body
200		application/json model \| example { "title": "SOS PGP Key Pair", "$schema": "http://json-schema.org/draft-04/schema#", "javaType": "com.sos.joc.model.sign.JocKeyPair", "type": "object", "required": [ "keyAlgorithm" ], "properties": { "privateKey": { "type": "string" }, "publicKey": { "type": "string" }, "keyID": { "type": "string" }, "certificate": { "type": "string" }, "validUntil": { "type": "string", "format": "date-time" }, "keyType": { "type": "string" }, "keyAlgorithm": { "type": "string" } } } { "privateKey": "-----BEGIN PGP PRIVATE KEY BLOCK-----\n\nlQOYBF6NaHkBCADV+7R21JQ2PEM5u60D/AFe45k+CbNN6owO5iszLN7fc+uWmDEG\nbiykEo56k6uifLDAF...", "publicKey": "-----BEGIN PGP PUBLIC KEY BLOCK-----\r\nVersion: BCPG v1.65\r\n\r\nmQENBF6NaHkBCADV+7R21JQ2PEM5u60D/AFe45k+CbNN6owO5iszLN7fc+uWm...", "keyID": "C10EFE498ABABC3F", "validUntil": "2022-03-03T11:00:00Z", "keyAlgorithm": "PGP" } { "privateKey": "-----BEGIN PGP PRIVATE KEY BLOCK-----\n\nlQOYBF6NaHkBCADV+7R21JQ2PEM5u60D/AFe45k+CbNN6owO5iszLN7fc+uWmDEG\nbiykEo56k6uifLDAF...", "publicKey": "-----BEGIN PGP PUBLIC KEY BLOCK-----\r\nVersion: BCPG v1.65\r\n\r\nmQENBF6NaHkBCADV+7R21JQ2PEM5u60D/AFe45k+CbNN6owO5iszLN7fc+uWm...", "keyID": "C10EFE498ABABC3F", "validUntil": "2022-03-03T11:00:00Z", "keyAlgorithm": "PGP" }
401	Unauthorized!	application/json model \| example { "title": "authentication", "$schema": "http://json-schema.org/draft-04/schema#", "type": "object", "required": [ "isAuthenticated" ], "properties": { "user": { "type": "string" }, "accessToken": { "type": "string" }, "message": { "type": "string" }, "role": { "type": "string" }, "isAuthenticated": { "type": "boolean" }, "isPermitted": { "type": "boolean", "default": false }, "sessionTimeout": { "type": "integer", "default": 1800 }, "enableTouch": { "type": "boolean", "default": true } } } { "user": "root", "message": "Oops!", "isAuthenticated": false, "isPermitted": false } { "user": "root", "message": "Oops!", "isAuthenticated": false, "isPermitted": false }
403	Forbidden! The user doesn't have sufficient permissions for 'generate'	application/json model \| example { "title": "authentication", "$schema": "http://json-schema.org/draft-04/schema#", "type": "object", "required": [ "isAuthenticated" ], "properties": { "user": { "type": "string" }, "accessToken": { "type": "string" }, "message": { "type": "string" }, "role": { "type": "string" }, "isAuthenticated": { "type": "boolean" }, "isPermitted": { "type": "boolean", "default": false }, "sessionTimeout": { "type": "integer", "default": 1800 }, "enableTouch": { "type": "boolean", "default": true } } } { "user": "root", "message": "You don't have sufficient permissions for ...", "role": "all", "isAuthenticated": true, "isPermitted": false } { "user": "root", "message": "You don't have sufficient permissions for ...", "role": "all", "isAuthenticated": true, "isPermitted": false }
420	'generate' failed!	application/json model \| example { "title": "error object with delivery date", "$schema": "http://json-schema.org/draft-04/schema#", "javaType": "com.sos.joc.model.common.Err420", "type": "object", "required": [ "deliveryDate", "error" ], "properties": { "deliveryDate": { "description": "Value is UTC timestamp in ISO 8601 YYYY-MM-DDThh:mm:ss.sZ or empty", "type": "string", "format": "date-time" }, "surveyDate": { "description": "Value is UTC timestamp in ISO 8601 YYYY-MM-DDThh:mm:ss.sZ or empty", "type": "string", "format": "date-time" }, "error": { "javaType": "com.sos.joc.model.common.Err", "type": "object", "required": [ "code", "message" ], "properties": { "code": { "type": "string" }, "message": { "type": "string" } } } } } { "deliveryDate": "2016-05-05T21:13:35Z", "surveyDate": "2016-05-05T21:13:33Z", "error": { "code": "JOC-420", "message": "generate failed!" } } { "deliveryDate": "2016-05-05T21:13:35Z", "surveyDate": "2016-05-05T21:13:33Z", "error": { "code": "JOC-420", "message": "generate failed!" } }
440	Login Timeout! The client's session has expired and must log in again.	application/json model \| example { "title": "authentication", "$schema": "http://json-schema.org/draft-04/schema#", "type": "object", "required": [ "isAuthenticated" ], "properties": { "user": { "type": "string" }, "accessToken": { "type": "string" }, "message": { "type": "string" }, "role": { "type": "string" }, "isAuthenticated": { "type": "boolean" }, "isPermitted": { "type": "boolean", "default": false }, "sessionTimeout": { "type": "integer", "default": 1800 }, "enableTouch": { "type": "boolean", "default": true } } } { "user": "root", "message": "Session has expired. Please log in again", "role": "all", "isAuthenticated": false, "isPermitted": false } { "user": "root", "message": "Session has expired. Please log in again", "role": "all", "isAuthenticated": false, "isPermitted": false }