POST SSH/ExportSelfServiceAuthorizedKey
Downloads public keys with manual provisioning. This API call does not currently apply to downloads from Authorized_keys files.
Requirements
- Permissions: If the caller must have Owner permission of the key. The permissions automatically set on the created virtual device object. Otherwise, the caller must have Read permission and Private Key Read permission to the policy folder
- Token scope: SSH
Headers
-
Content type: Content-Type:application/json.
- Token: The bearer access token that you received. For example, Authorization:Bearer 4MyGeneratedBearerTknz==. For more information, see Passing a bearer token in your API calls.
Parameters
|
Name |
Description |
|---|---|
| KeyId | The identifier of key to download from Trust Protection Platform. To get the KeyId, call GET SSH/KeysetDetails. |
| Format | (Optional) Format of the key material:
OpenSSH, PuTTY, SSH2, or Tectia. (only for private keys). If format is not specified, the value is taken from the policy. If the policy format is not specified, the default is OpenSSH. |
Returns
For valid requests, SSH/ExportSelfServiceAuthorizedKey returns a HTTP 200 message and the following data in the message body:
|
Name |
Description |
|---|---|
|
KeyMaterial |
The description of the key format. |
| Response |
Returns Success and True when the private key exported successfully. Otherwise, returns the SSH SshWebResponse object. |
Example: Export a public key via SSH
Request
POST https://tpp.venafi.example/vedsdkvedsdk/SSH/ExportSelfServiceAuthorizedKey
Authorization:Bearer 4MyGeneratedBearerTknz==
{
"KeyId":453,
"Format":"SSH2",
}
Response
HTTP/1.1 200 OK
{
"KeyMaterial":"-----BEGIN RSA PRIVATE KEY-----\u000aMIIEog...
-----END RSA PRIVATE KEY-----\u000a",
"Response":{
"Success":true
}
}