Skip to main content
POST
/
api
/
adm
/
KeyStores
Create Keystore Entry
curl --request POST \
  --url https://localhost:44371/api/adm/KeyStores \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '{}'
{
  "success": true,
  "code": 200,
  "errorMessage": null,
  "id": "3fa85f64-5717-4562-b3fc-2c963f66afa6"
}

Description

Creates a new keystore entry with specified activation and expiration dates. The keystore can be used immediately if set as active, or scheduled for future activation as part of a key rotation strategy.

Input

  • Body: model (KeystoreCreateModel, required) — Keystore details including:
    • key (string, required) — Base64-encoded AES encryption key.
    • activationDate (datetime, required) — Date when keystore becomes active.
    • expirationDate (datetime, required) — Date when keystore expires.
    • description (string, optional) — Descriptive identifier for the key.

Output

Returns a KeystoreCommandResponse containing the ID of the newly created keystore entry.

Example Request

POST /api/admin/KeyStores
Content-Type: application/json
Authorization: Bearer {token}

{
  "key": "base64EncodedAesKey...",
  "activationDate": "2024-01-01T00:00:00Z",
  "expirationDate": "2024-12-31T23:59:59Z",
  "description": "Q1 2024 Encryption Key"
}

Example Response

{
  "success": true,
  "code": 200,
  "errorMessage": null,
  "keystoreId": "3fa85f64-5717-4562-b3fc-2c963f66afa6"
}

Errors

  • 400 Bad Request — Invalid key material, incorrect dates, or conflicting active keystores.
  • 401 Unauthorized — Missing or invalid authentication.
  • 404 Not Found — Referenced resources cannot be found.
  • 500 Internal Server Error — Unexpected error during keystore creation.

Notes

  • Keys must be generated using cryptographically secure random number generators (CSPRNG).
  • Keys must be transmitted over HTTPS to prevent interception.
  • Use cases include importing externally generated keys, scheduling key rotation, or disaster recovery.
  • Log keystore creation events for security auditing.

Authorizations

Authorization
string
header
required

The access token received from the authorization server in the OAuth 2.0 flow.

Body

application/json

The keystore creation request containing encryption key details and activation dates.

Base structure for command requests that modify data. Represents a command used to create a new key store entry for administrative purposes.

keyBase64
string | null

Key

Response

Returns the ID of the newly created keystore entry.

Standard response structure containing operation status and error information. Standard command response indicating the result of a data modification. Create response containing the identifier of the newly created entity. Represents the response returned after a key store entry is created or updated.

success
boolean

True if the operation completed successfully; false if an error occurred.

Example:

true

code
enum<string>

Result code indicating the outcome of the operation.

Available options:
Unknown,
Success,
BadRequest,
Unauthorized,
NotFound,
Error
Example:

200

errorMessage
string | null

Human-readable error message when an error occurs.

Example:

null

id
string<guid>

Unique identifier of the newly created entity.

Example:

"3fa85f64-5717-4562-b3fc-2c963f66afa6"