Skip to main content
GET
/
api
/
adm
/
KeyStores
/
actual
Get Active Keystore
curl --request GET \
  --url https://localhost:44371/api/adm/KeyStores/actual \
  --header 'Authorization: Bearer <token>'
{
  "success": true,
  "code": 200,
  "errorMessage": null
}

Description

Returns the keystore entry currently designated as active based on the current date falling within its activation and expiration date range. This is the keystore used by the system for all new encryption operations.

Input

None required.

Output

Returns a KeystoreGetActualEntryQueryResponse containing the active keystore details.

Example Request

GET /api/admin/KeyStores/actual
Authorization: Bearer {token}

Example Response (Success)

{
  "success": true,
  "code": 200,
  "errorMessage": null,
  "keystore": {
    "id": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
    "activationDate": "2024-01-01T00:00:00Z",
    "expirationDate": "2024-12-31T23:59:59Z",
    "description": "Q1 2024 Encryption Key"
  }
}

Example Response (No Active Keystore)

{
  "success": false,
  "code": 404,
  "errorMessage": "Active KeyStore does not exist"
}

Errors

  • 400 Bad Request — Malformed request.
  • 401 Unauthorized — Missing or invalid authentication.
  • 404 Not Found — No active keystore exists for current date; critical configuration issue.
  • 500 Internal Server Error — Unexpected error retrieving active keystore.

Notes

  • Selection logic: current date on/after activation date, before expiration date, marked active.
  • If multiple match, most recently activated one is returned.
  • Use cases: verify current encryption key, monitor rotation status, troubleshoot encryption issues.
  • If this returns error, system cannot perform encryption operations.

Authorizations

Authorization
string
header
required

The access token received from the authorization server in the OAuth 2.0 flow.

Response

Returns the currently active keystore entry.

Standard response structure containing operation status and error information. Represents a response that contains the actual key store entry when explicitly requested.

success
boolean

True if the operation completed successfully; false if an error occurred.

Example:

true

code
enum<string>

Result code indicating the outcome of the operation.

Available options:
Unknown,
Success,
BadRequest,
Unauthorized,
NotFound,
Error
Example:

200

errorMessage
string | null

Human-readable error message when an error occurs.

Example:

null

entry
object

The key store entry returned by the request.

Example:
{
  "id": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
  "dateCreated": "2025-10-30T10:30:00Z",
  "isActive": true,
  "dateModified": "2025-10-30T15:45:00Z"
}