POST SSH/AddSelfServicePrivateKey

Assigns an existing keyset to a policy folder.

Requirements

  • Permissions:  The caller must have Create permission to the policy folder where the key will be added.
  • Token scope:  SSH:Manage

Headers

  • Content type: Content-Type:application/json.

  • Token: The bearer access token that you received. For example, Authorization:Bearer 4MyGeneratedBearerTknz==. For more information, see Passing a bearer token in your API calls.

Parameters

Input parameters

Name

Description

ContactEmail

(Optional)The email contact to use if the key owner is outside the organization.

FolderId

The GUID of the policy folder. Enclose the GUID in curly braces. For example, {724a3db3-8855-4ea9-986f-519f0c571148}. To get the GUID, call POST Config/DnToGuid.

KeysetId

(Optional) KeysetId to apply to the policy folder. The keys must conform to all policy settings. For example if the keys are too old or too small, an error occurs. If no KeysetId is specified, new keyset will be created. To get the KeysetId, call GET SSH/KeysetDetails.

Location

The host or computer name.

Notes

Any additional information.

Owner

The identity that will own the key.

Returns

Response description

Name

Description

KeyId The description of the key format.

KeySetId

The identifier for a set of public and private keys. The value is hexadecimal. If there is no private key password, the format is

EncryptedPrivateKey-[unique number]. For example, EncryptedPrivateKey-3.

Notes Additional information.

Response

Returns Success and True, when the private key exported successfully. Otherwise, returns the SSH SshWebResponse object.

Example: Provision a private key to a device

Request

POST https://tpp.venafi.example/vedsdk/SSH/AddSelfServicePrivateKey
Authorization:Bearer 4MyGeneratedBearerTknz==
{
   "FolderId":"{26f6e7d5-2653-4662-bfbc-55fcc21477b8}",
   "KeysetId":"94ED6AA79F736C4DAE53AB473418B9905896CFC9",
   "Owner":"local:admin",
   "ContactEmail":"name@example.com",
   "Notes":"Assign my keyset to \\Policy\\Building4Lab1",
   "Location":"9.5.45.11"
}

Response

HTTP/1.1 200 OK
{
   "KeyId":25964,
   "KeysetId":"94ED6AA79F736C4DAE53AB473418B9905896CFC9",
   "Notes":"Assign my keyset to \\Policy\\Building4Lab1",
   "Response":{
      "Success":true
   }
}