deliveryservices/{{xml_id}}/urisignkeys

DELETE

Deletes URISigning objects for a Delivery Service.

Auth. Required

Yes

Roles Required

admin1

Permissions Required

DS-SECURITY-KEY:DELETE, DS-SECURITY-KEY:READ, DELIVERY-SERVICE:READ, DELIVERY-SERVICE:UPDATE

Response Type

undefined

Request Structure

Table 326 Request Path Parameters

Name

Required

Description

xml_id

yes

xml_id of the desired delivery service

Response Structure

TBD

GET

Retrieves one or more URISigning objects for a delivery service.

Auth. Required

Yes

Roles Required

admin1

Permissions Required

DS-SECURITY-KEY:READ

Response Type

undefined

Request Structure

Table 327 Request Route Parameters

Name

Required

Description

xml_id

yes

xml_id of the desired delivery service

Response Structure

Issuer

a string describing the issuer of the URI signing object. Multiple URISigning objects may be returned in a response, see example

renewal_kid

a string naming the jwt key used for renewals

keys

json array of jwt symmetric keys

alg

this parameter repeats for each jwt key in the array and specifies the jwa encryption algorithm to use with this key, RFC 7518

kid

this parameter repeats for each jwt key in the array and specifies the unique id for the key as defined in RFC 7516

kty

this parameter repeats for each jwt key in the array and specifies the key type as defined in RFC 7516

k

this parameter repeats for each jwt key in the array and specifies the base64 encoded symmetric key see RFC 7516

#783 Response Example
{ "Kabletown URI Authority": {
    "renewal_kid": "Second Key",
    "keys": [
        {
            "alg": "HS256",
            "kid": "First Key",
            "kty": "oct",
            "k": "Kh_RkUMj-fzbD37qBnDf_3e_RvQ3RP9PaSmVEpE24AM"
        },
        {
            "alg": "HS256",
            "kid": "Second Key",
            "kty": "oct",
            "k": "fZBpDBNbk2GqhwoB_DGBAsBxqQZVix04rIoLJ7p_RlE"
        }
    ]
}}

POST

Assigns URISigning objects to a delivery service.

Auth. Required

Yes

Roles Required

admin1

Permissions Required

DS-SECURITY-KEY:CREATE

Response Type

undefined

Request Structure

Table 328 Request Path Parameters

Name

Required

Description

xml_id

yes

xml_id of the desired delivery service

Request Structure

Issuer

a string describing the issuer of the URI signing object. Multiple URISigning objects may be returned in a response, see example

renewal_kid

a string naming the jwt key used for renewals

keys

json array of jwt symmetric keys

alg

this parameter repeats for each jwt key in the array and specifies the jwa encryption algorithm to use with this key, RFC 7518

kid

this parameter repeats for each jwt key in the array and specifies the unique id for the key as defined in RFC 7516

kty

this parameter repeats for each jwt key in the array and specifies the key type as defined in RFC 7516

k

this parameter repeats for each jwt key in the array and specifies the base64 encoded symmetric key see RFC 7516

#784 Request Example
{ "Kabletown URI Authority": {
    "renewal_kid": "Second Key",
    "keys": [
        {
            "alg": "HS256",
            "kid": "First Key",
            "kty": "oct",
            "k": "Kh_RkUMj-fzbD37qBnDf_3e_RvQ3RP9PaSmVEpE24AM"
        },
        {
            "alg": "HS256",
            "kid": "Second Key",
            "kty": "oct",
            "k": "fZBpDBNbk2GqhwoB_DGBAsBxqQZVix04rIoLJ7p_RlE"
        }
    ]
}}

PUT

updates URISigning objects on a delivery service.

Auth. Required

Yes

Roles Required

admin1

Permissions Required

DS-SECURITY-KEY:UPDATE

Response Type

undefined

Request Structure

Table 329 Request Path Parameters

Name

Required

Description

xml_id

yes

xml_id of the desired delivery service

Request Structure

Issuer

a string describing the issuer of the URI signing object. Multiple URISigning objects may be returned in a response, see example

renewal_kid

a string naming the jwt key used for renewals

keys

json array of jwt symmetric keys

alg

this parameter repeats for each jwt key in the array and specifies the jwa encryption algorithm to use with this key, RFC 7518

kid

this parameter repeats for each jwt key in the array and specifies the unique id for the key as defined in RFC 7516

kty

this parameter repeats for each jwt key in the array and specifies the key type as defined in RFC 7516

k

this parameter repeats for each jwt key in the array and specifies the base64 encoded symmetric key see RFC 7516

#785 Request Example
{ "Kabletown URI Authority": {
    "renewal_kid": "Second Key",
    "keys": [
        {
            "alg": "HS256",
            "kid": "First Key",
            "kty": "oct",
            "k": "Kh_RkUMj-fzbD37qBnDf_3e_RvQ3RP9PaSmVEpE24AM"
        },
        {
            "alg": "HS256",
            "kid": "Second Key",
            "kty": "oct",
            "k": "fZBpDBNbk2GqhwoB_DGBAsBxqQZVix04rIoLJ7p_RlE"
        }
    ]
}}
1(1,2,3,4)

URI Signing Keys can only be created, viewed, deleted, or modified on Delivery Services that either match the requesting user’s Tenant or are descendants thereof.