POST SSH/ImportAuthorizedKey

Adds or reuses a Base64 public key for a device. This method can import a key that will not otherwise be discovered by Venafi software or an agent. You can also call POST SSH/ImportPrivateKey.

Requirements

  • Token scope:  SSH:Discover

Headers

  • Content type: Content-Type:application/json.

  • Token: The bearer access token that you received. For example, Authorization:Bearer 4MyGeneratedBearerTknz==. For more information, see Passing a bearer token in your API calls.

Parameters

Input parameters

Name

Description

DeviceGuid

The GUID that identifies a device. Depending on your environment, the GUID may be expressed with or without curly braces {}. For example, {3d6b61d-1c71-4603-883f-25b8c2ceecdd}. To get the GUID, use POST SSH/KeysetDetails or the UI. For example:

Location of device GUID in UI

Filepath

Path of the file.

Format

The format of the SSH key. Can be omitted if the format is specified on device policy. Valid formats: OpenSSH, PuTTY, SSH2, or Tectia.

KeyContentBase64

Base64 contents of public key file, in OpenSSH or SSH2 format. For Tectia, this should be single key file (not authorization file).

Username

Name on user specified device that will own the key.

Returns

Response description

Name

Description

KeyId

Identifier of newly created.

Response

SshWebResponse object with result of the operation. For more information, see SSH SshWebResponse object.

Example: Import a public key

Request

POST https://tpp.venafi.example/vedsdk/SSH/ImportAuthorizedKey HTTP/1.1
Authorization:Bearer 4MyGeneratedBearerTknz==
{
   "KeyContentBase64":"c3NoLXJz...",
   "DeviceGuid":"{21a8574c-f448-4a8c-aa13-cbd6a07df49b}",
   "Username":"user",
   "Filepath":"/db/authkey/5",
   "Format":"OpenSSH"
}

Response

HTTP/1.1 200 OK{
   "KeyId":145,
   "SshWebResponse":{
      "Success":true
   }
}