Manage SSH keys

You can use REST API to manage SSH key creation and selection for Transfer CFT, SecureTransport, and partners. This functionality includes the ability to:

  • Create SSH keys for partners and products. A dedicated POST resource allows you to create SSH keys to be used later in an SFTP communication profile, referencing it by its alias.
  • Retrieve SSH keys from partners and products by name.
  • Create SSH keys when creating a communication profile.
  • Reference an existing SSH key using its alias in a communication profile. You can reference this SSH key in the same product or in the same partner.
  • Delete an SSH key or certificate, as long as it is not used in a flow's communication profile.
Resource Key type Required fields

/api/v2/partners/partnerID/sshkeys

Public name (equivalent of a UI alias), keyContent
/api/v2/products/productID/sshkeys Private name (equivalent of a UI alias), keyContent, keyPassword*

/api/v2/partners

/api/v2/partners/partnerID/communicationprofiles

Public keyAlias, KeyContent

/api/v2/products

/api/v2/products/productID/communicationprofiles or X-EncryptionKey**

Private keyAlias, KeyContent, keyPassword*

*See Encryption keys and credentials

**Central Governance prior to 1.1.3 SP6 requires that you pass keyPassword in the JSON body of the request. However, Central Governance 1.1.3 SP6 and higher supports passing the X-EncryptionKey as a command parameter, or specifying the keyPassword in the JSON body.

REST API resource

SSH or PGP keys

POST /api/v2/products/id/sshkeys

  • In create mode, the product SSH/PGP key must be a private  key.
  • The keyContent is  mandatory.
  • The keyPassword is optional for an SSH key.
  • You must set isPrivateKey true. 

PUT /api/v2/products/id/sshkeys

 

  • If isPrivateKey=true:
    • The keyContent must be a private key.
    • The keyPassword is required.
  • If isPrivateKey=false:
    • The keyContent must be a public key.
  • If you do not provide isPrivateKey:
    • The key content type is autodetected based on keyContent.

In UPDATE mode, you can replace the corresponding certificate with a public one. This allows for the updating of keys imported during registration, such as the SecureTransport admind.

POST /api/v2/products/id/communicationprofiles

PUT /api/v2/products/id/communicationprofiles

  • Same as POST /api/v2/products/id/keys for new keys.
  • Same as PUT /api/v2/products/id/keys for updating keys.

The keyAlias takes the value of the key name.

POST /api/v2/partners

PUT /api/v2/partners

  • The keyContent must be a public key.
  • The keyContent is mandatory.
  • You must set isPrivateKey to false.
Note When using SSH keys in POST and PUT APIs, be certain to encode the key contents using Base64 or a similar tool.
Field Private SSH key Public SSH key
keyContent Private part in key pair SSH key
publicKeyContent Public part in key pair N/A

Actions for partners and products

POST and PUT

You can create or update an SSH key using partner or product resources. To update an SSH key used in a flow, you must set the _forced parameter to true. If you use a key in more than one entity, either a product or partner, PUT only updates the contents of the key for the current entity.

API POST and PUT commands for partners, products, and for partner and product communication profiles have the following characteristics:

  • Central Governance prior to 1.1.3 SP2 supports publicKeyContent/publicKeyAlias.
  • Central Governance 1.1.3 SP2 and higher supports both publicKeyContent/publicKeyAlias and KeyContent/KeyAlias for backwards compatibility.

GET

By default, GET retrieves all SSH keys for a partner or a product resource.

Note API GET commands for partners, products, and for partner and product communication profiles are not backwards compatible with Central Governance prior to 1.1.3 SP2:
  • Central Governance versions prior to 1.1.3 SP2 support publicKeyContent/publicKeyAlias
  • Central Governance 1.1.3 SP2 and higher supports KeyContent/KeyAlias

DELETE

You can remove an SSH key that is no longer used in a partner or product. However, you cannot remove a key if it is still used in a communication profile.

If a key is used in more than one entity, which can be a product or partner, DELETE only removes the key from the current entity. And, if the SSH key is used in flows, you must set the _forced parameter to true.

Key request fields

This table describes field settings when creating or updating a private key. For keys created during registration, isPrivateKey is set to false, so you can only update the public key in the key pair.

When updating an SSH key, you can update the public key without having to provide the private key for the key pair.

Note For SSH keys, publicKeyContent is required for DSA keys, but is optional for RSA keys.

REST API resource

SSH keys

POST /api/v2/products/id/sshkeys

In create mode:

  • The product SSH key must be a private  key.
  • The keyContent is  mandatory.
  • The keyPassword is optional for an SSH key.
  • You must set isPrivateKey true. 

PUT /api/v2/products/id/sshkeys

 

In update mode:

  •  If isPrivateKey=true:
    • The keyContent must be a private key.
    • The keyPassword is required.
  • If isPrivateKey=false:
    • The keyContent must be a public key.
  • If you do not provide isPrivateKey:
    • The key content type is autodetected based on keyContent.

You can replace the corresponding certificate with a public one. This allows for the updating of keys imported during registration, such as the SecureTransport admind.

POST /api/v2/products/id/communicationprofiles

PUT /api/v2/products/id/communicationprofiles

  • Same as POST /api/v2/products/id/keys for new keys.
  • Same as PUT /api/v2/products/id/keys for updating keys.

The keyAlias takes the value of the key name.

POST /api/v2/partners

PUT /api/v2/partners

  • The keyContent must be a public key.
  • The keyContent is mandatory.
  • You must set isPrivateKey to false.
Note If the public key in a key pair is already used for another entity (a Partner), the private key is not imported but the sshkey credential is created.

Manage SSH keys for partners

Create an SSH key for a partner

Replace the following variables in the example with the actual Central Governance values.

  Variable Description
Financial Company (partner) {{ID-partnerFC}} Partner business identifier
{{name-partnerFC}} Partner name
{{hostname-partnerFC}} Communication profile host name
{{port-partnerFC}} Communication profile port

Create 2 SSH keys for a partner as shown below, where keyContent is the public SSH key from the partner.

POST /api/v2/partners/{{ID-partnerFC}}/sshkeys

{

"name": "server_sftp_1.pem",

"keyContent": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDwzfa
JddOv5VgZk9YfLfFM79VIdynoNVngt7ni9MMRQQdrsTguchi6O5HoJqQSPj88e
EQ0nDcBovxN4NYqsNC1v8n8b5q2gCxf05OThU2Sf6lTfUs4wciI911tT0XfRl0
jbjiCYNr2V8RQIu4pFStxP9YYj86uFguYArIxBMIpuwIDAQAB",

"privateKey": false

}

POST /api/v2/partners/{{ID-partnerFC}}/sshkeys

{

"name": "server_sftp_2.pem",

"keyContent": " MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0udX

QyAGXxyhHdRsh+UCXtEnKmWWQ95UlourzvqB0NG2RxjgNRUNWwYji/EqvsnjTH+A/

k26XqEWOQFwyecjfCpC0Yu5jaHEKwP2s0tq1OLjvUNYQsUovtqDQYyNHt6SOzYT44

AZ9w5jomD8KLfhoVt1/wilfJiFcRi26ABFCcLdhRd3Ct74rd8pCdujYwJLlwEGJ0

60HyPYqrx2iKVVkC+0tJGlpAMZbU6lbQbOej1fbxvY2lBGeGJRReFgR0H3Szr5hMKp32

wMiuqeiH2LvFMRg3H+W63H5pDnsnQ+agizEyPWftH9VnPV1wKz6ZZUd42via89hhstw2w

DWlm0CwIDAQAB",

"isprivateKey": false

}

 

Retrieve SSH keys by alias

GET /api/v2/partners/{{ID-partnerFC}}/sshkeys?name=server_sftp_1.pem

{

"businessId": "a39df721-5592-4f04-baca-9b06ca80d948",

"name": "server_sftp_1.pem",

"keyContent": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDwzfa

JddOv5VgZk9YfLfFM79VIdynoNVngt7ni9MMRQQdrsTguchi6O5HoJqQSPj88e

EQ0nDcBovxN4NYqsNC1v8n8b5q2gCxf05OThU2Sf6lTfUs4wciI911tT0XfRl0

jbjiCYNr2V8RQIu4pFStxP9YYj86uFguYArIxBMIpuwIDAQAB",

"isprivateKey": false

}

Use an existing SSH key

Use an SSH key that was created previously in a new communication profile.

Here only the SSH key alias is mandatory.

POST /api/v2/partners/{{ID_partnerFC}}/communicationprofiles

{

"name": "sftp_server_com_profile",

"description": null,

"type": "SERVER",

"protocol": "SFTP",

"tags":[],

"enabled": true,

"clientAuthentication": "PUBLIC_KEY",

"fipsEnabled": false,

"publicKeyAlias": "server_sftp_1.pem",

"hosts":[

"{{hostname-partnerFC}}"

],

"port": {{port-partnerFC}}

}

]

}

Create a SSH key in a communication profile

You can create a partner SSH key while creating a new communication profile.

POST /api/v2/partners/{{ID-partnerFC}}/communicationprofiles

{

"name": "sftp_client_com_profile",

"description": null,

"type": "CLIENT",

"protocol": "SFTP",

"tags":[],

"enabled": true,

"clientAuthentication": "PUBLIC_KEY",

"fipsEnabled": false,

"publicKeyAlias": "client_sftp.pem",

"publicKeyContent": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZoI0KyL+SkkP9COY
E+4OTKOtQWuNx65r2sYnIjGYb1jNE2xaq682/uPUKygnmit17IVnT5D
YgJJOa0+OP30LDWGkn2emePfRy4WsfbmKxowTBsIWLJJ6xehbQPTYl+8m74tG2Ig8bJ
XhkDr9tXXVe9LL7AyMqHSThxvLD4crcoQIDAQAB",

"hosts":[

"{{hostname-partnerFC}}"

],

"port": {{port-partnerFC}}

}

Manage SSH keys for products

Create a product SSH key

You can create an SSH key for a product while creating a new communication profile.

POST api/v2/products/id/communicationprofiles

{

    "name": "sftp2",

    "type": "SERVER",

    "protocol": "SFTP",

    "enabled": true,

    "networkZone": "Private",

    "clientAuthentication": "PUBLIC_KEY",

    "fipsEnabled": false,

    "keyAlias": "cris1.pem",

    "keyContent": "LS0tLS1CRUdJTiBFTkNSWVBURUQgUFJJVkFURSBLRVktLS0tLQpNSUlGS3pCVkJna3Foa2lHOXcwQkJRMHdTREFuQmdrcWhraUc5dzBCQlF3d0dnUVVyaFVOT1EwRkNjcUZPK29TCm5NZXdBRzd6b1FrQ0FpY1FNQjBHQ1dDR1NBRmxBd1FCQWdRUUM3OHV1QzB6elZJazRvaHhmUy9oY2dTQ0JOQUQKVGdxTXZtUm0vMWVrbXJXeEpVWTVxQ1dhZWJNVjJyK2t5WWJpV05ZSEhlWmVFYUNKTVVYZDBFczN5VVBwRTFCZgp4bHp4RG1nNWEwYlVFQ3Y3SXU0VVk3K0g4UW05aGJXTktZMURNNVdyUTJuL2M5dGEzUlhzZFFkelNIVmpkSU5kCmR2dWUrcm5JR3l4ZGpzeFJvS2dZQ2c1NC9wamxwMFRQK1F4emc4SWtjUG9FN2NydWdnQVVWWE1MM09oTHJxM1MKRVVSNnZvOGVycjM1elprRUJ6NE1TZUY5RzdqbkhuRXdkdkJtVUo2TDJEdUl0azBwYTBEZGZPVzlWeEJtMG5MVwpCdkNHci84dEgvcndTeHhvemFlRURPYW85K2ZBd1ZlUGFUK1Juc2RKMkNVWi9saVFOdW1uNUhYVFo2UEJxMUZCClZmako5T1ZCNEgreTNBWjJoTGQxYjJoc1docHY0MUticiszQW10ZXRvK0V2TFpxUXYvY3gxVDNvY2lTaWtScEcKTDl1MVVtUERuRG5NQTlsYW9lNWZ4Qzdydnp2aUxyNDc1QkJEOHRCSEFPVlVLcmhxc1UzNTFvM2xyaEhtbTQxQQoyZnZyZDdLZ1FGOU56d3I3dlZrYUFLN0NpUnRZMFRvSVZtNkhFTUFwN2RPM3d1QUhpMHlLeEtPbXZxdGV0WlI5CmphN0pLY3VrTlZLeUJGdWJnL01KOEVISkFySWkzTEdXaHZBdjBVdGdOSnNmOWcwODIrdlBsd082UzRyTW1WM1gKMW95aUlISkFUaExrZ2Rsb0ZDZ2FkS3ZDWjFIZXMvS2xWanJiYWJTYTlMK1E0bjlPN0M1YXFqQnBPbXlHRTlYRwo0YS90L3ozZjhIeVJSY08yNGEwcUs0aGROWFgwSEgyZHRIaWo2aTlLczEydzB5VkV0SFZwa2J5bjJ3Tm84V1VvClRhK296RDV4RVRWZmtwRHZmVy90L2gzbW40UkIvanovUVhYcGVySmFCd2dEMTM3RzFaVko1Unllc3NWOEdzTlMKTVNPUUJicXo3OEQ0aTdEVUY0UGY4Z2cwL0tOQVJDL0ttUW1iQ3hUdmJFeGlSM1pSb1IxT1FuKzdIb0ttQ21iWQo1WlhRakE1cG5kUHNxUFIrSzR6aHZ1aFlSMTFqUUVtTXA4d1p1ekhiWnJpWElQeDVMeG4wL2lPWElDaXlNY1drCkxyc2JTYkhmWXdjMmlGM0ZFcS9KMVA0SVJJVEpna0JWZWVWZDIvMDNzTXRYR2FNZUlWSkxFd1F4WUczcDdUV0oKSWpiU2J3OGUyUUV5V3BXdkEzM2Y2eXE5VDcyQVlNemRSTGluei9zd2Zpb3lqSit3Ri8rbW03dCs0blp1MndkRwpkUlJPSnBlc3c1RmZpR1BWakJxTEdodnBNRDVNRktlNVpGYmJTTE9oaWZvd0p6OEpoaWd2TXJhem0yMm44eGtOCjJDdHZHV1dhTkNncG5nL0l1dmFEMHRxUmphd2xtaldOVHlGRmFyZlFZMG03TzhYWkZiQlpZRWhadmF1dk9kTmYKUmttVnpLYlNiQzZrcHNDYVlpQTFReWxTOXFKVk40WHA0bjE3eVh1MkNqRlh6azRsMWd1UzV5SC82c0Jha0tYKwpiWFY5bG01K0J4YXVMZnZmb3RNZ0E0S3lRbHpWWDNTLzh1QlF0c2Eyb3RtUHZUM1ZkZWRKN0U2N1RiYXIrY0R0CkFvOHBjb3RpL0QzdFFnb242M2Q2YlozU1gvZzMzSVg3aXFnVEJUQ3dDMGg0WnZYbzlTaW1QNVdXaW9GcmlkMnAKRVhXWnJISUlEUjZiN2h4TkJpV3R4OGR4cXRPbm5IbVBJc1IzZXk0eTgyWGl1aXBEZlVValEySVZ6c2ZpVUs4YQpickZ3VHJ0eU8wUGFkWmZpdTZZZ2FHbE5GNXJEZ0VseEJPNU8zOERoMjh6MWtBb05PTVg1ajVJVHFXQVR0SDB1Cmowa1VWUG1VMHRuTFM4OHNMVkJNQUYwOEFnM2xwVi9WeDNKT3UzRjJkWkVqT1A4cjVCWUtvRm9DMHRCcnBwbEYKZFdNR2xWYndhZDBWV2Z2VzQzN1U4S1RYajFTWG5rYmFkMmE1Q3pxbk5jK3I4Z0JhVHJWZXlRVGJERXB0WnJzTQpGUXYzTUpBSU5hTi9xQU5yWVBhVGtlS2hwR29wN293ZXhFUkZER2hsd0E9PQotLS0tLUVORCBFTkNSWVBURUQgUFJJVkFURSBLRVktLS0tLQo=",

    "publicKeyContent": "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAncHPIIWqRQB90xwCjYQcFHTLEL7unC5eJ4JEZGp/CULqbvKoHXFLmkIc+D0U3+vHOlrgIiQHxHNAMK1s0Q2g3mrhWCpsxp1fY1hgZErsiX5MfkmwkgJs5NV2bw3zIGNmxAZ02CkLMhsnVtmZH5xV5K+R0C/7ZsoxYc+t8oZgyCPsfGQaYBJb3EE2Wxw9ch42VLOcqFssLm4FbI5jPGf15iOeh3Xaz3ckONNuTzWxfUXDlYIkOSLE8k7tEM+jsC/aDhuljOw+nAaLxCldWmcyTFGMV7NQJZLLmNmxsBp+SUjGY54BC21JAfxAc+1IoYK00ABxzm/IJNXB8Pzp/p0g5wIDAQAB",

    "keyPassword": 2,

    "hasPrivateKey": true,

    "hosts": [

      "qaf-cg-db-2.lab.buch.axway.int"

    ],

    "port": 2323

  }

Where the following are encrypted using base64:

  • keyContent: The private SSH key.
  • publicKeyContent: The public part of the SSH key. The publicKeyContent is required for DSA keys, but is optional for RSA keys.

Alternatively, you can create the SSH key using a dedicated command:

POST /api/v2/products/id/sshkeys

{

   "name": "private_ssh_key",

   "keyContent": "LS0tLS1CRUdJTiBFTkNSWVBURUQgUFJJVkFURSBLRVktLS0tLQpNSUlGS3pCVkJna3Foa2lHOXcwQkJRMHdTREFuQmdrcWhr

aUc5dzBCQlF3d0dnUVV4L1ZiZlZ2Tmk0ejRhUS80Cm91SjRZVlNkbXpZQ0FpY1FNQjBHQ1dDR1NBRmxBd1FCQWdRUVprRkNkdVh2ZUlKSkdXSk

daeTI0WlFTQ0JORDEKUy9yU1kwczB5c1hPVXJXSVJDRmFRTEVsMmtNN1N5VUJxMEtwN1VFdTVFYkF2MDlMYStZUDNzaVBIU3BhdkIwbApUaFNF

TXRhRHUrS1RtY2RXK3hZMS9Ncm56MW5XZ3JCL2g0bldTK3Qwb012NGJLSHVIbTNQZlQ5NmU5TElrckZUCktvUXh1Z21zNFYxRjhqbEkwV0lkSG

1sdVQ4R2tsV0xabWJFcTl4bWorTGZ0RXpmOXBYTG9ESkluUHBnZFZuM08KS0w5VTZ1TitjU3gvTC8rc0Fkb2tHZnJoZXJlNXBVMmhGUU5zeVlJ

ZUVBb3h6WDNaSGZ6U1lXMmtRaTl4ZjRudwpOUnRyZFo1UElnNnRzWVUxSUdIdGRrV055V3o2MEI5bThrWnRJY29IdlViTVBzbE50MVlNVFoyQ0

UxUUtNT3Q2CkJtOWhXeDB1dC85cHp2OGs5OWZxVVE0UGVzR0dMNFh6MGZrcVZzQ2htVCs2RUtPL3VES0pmR0FZNGMrYWdYZloKTnZ6djZNdXZW

eE5FK2sxSmE0UDlsVnNzUnU2NFZnd0sxTjRtRjF6eFNhRzg3VDFLKzhmamFDT3UxRlhGUkpjcApPaGVhS3dkTW12Q0VpZzBETFpIQVRDTWQxTz

R5d0RaS29LenJmT0R2Z3RzQVlXTmRqNjZXenpuMDAyalhDMkVSClM4NUpYTGNENHVLcDJNODQ5MXlBbm9WczcvVW5XSzhUVEpBY3RTUS8ybkx1

T1prY0VLOUMxeFhNN2dxbER4UTcKK1dYZUVYQU11UC9TdlBxckFyS1hHQk9yNjdSblpDKzhiK0N5NlhVQk5vd0FIMHpLVmtCWU90WWJ2S3A5cU

FSLwpPa2NDdGY4YW1BUHpPQlorKzgwTjlsRnV6VjlZSzdxQjhqVm5PMVFuMFlxcE41YlVLT0hYUzF2TWVYK3krdWw3Cmd1a29YWXBXKzV5NSta

R3BGNFNRWjkwWHUvemVXZEJVTFVrMms2dVhYWXVzOExlNnhSbTRDdldPRklmUW83MnIKL0xFeFFpMSszRGtUS2dweWFXSUhqTWRnbzVXcUlCd

WhQMUdWTHNpa0ZqSmFSdHRkTjg1UEhnZkdpaDM3MG9jWQpiaTdzLzdMTHAzTC94Q2dWckNaUHhML1R0QnkwVHJ6K1Z6elpzREg3WU5WWE9RQ29hNUdRWjBEbEZTVGFFSE91Cmdldi9QbkYwVG9Tc0g0VTBCMlNFRndPUUJKLysydzhnOWE3RGF5QlJONjNZSUR6cjA5Zk56OHZ0cHpTZURjUDUKSnJUdWRKWWVjTndGYmpqdEpHcy9xM2pkeFp4engyUTdWelFNTW5yNWVWdUk2T0dsMjJtVU9hbnUzNU5nTU1NYgpkaWtQZzlwNUFVa0Z0cUc4RG5MUFhjcXZQcEVXcmlXODZIMldleXMrZXBENG9EeEdIRzNUMnNzVjIwNlo2QVN2Cm8walNRM3NRSTBMT3hkVTVIRHcySjkyaFRvNW04UVBRWkJTM0M0Z3hybXFCbWlQbk55RnR5bjNlSXlFTWxaUTIKK3FXaUQ0WllJYVVzV3Q0ZkRZYjI1UlBxUm01RXdjM0d0a2tOcnN0UFY4SlNPTkdYQnJxZUt5NGNpYThKWUMzago4b0l4TXRyOU1PVDVFbGI5Ylc4N1JvWXNxWXUrelRSMk5vODE1Y1BYdzBVSCtaVGNuMHdpZ2RySHFsYzlYL0phCkdERkFYcTJUdG9DMzcwbk1FVG5PSFBHYWRlM1g0UVNscFJxTGFxckRxeWxjQ0ZmVWRSS3gzWE8xUjFTZENNT20KYzhFUjBMMm9rOFlxNVAxVDVLbWhPOFdNZFJWUDQ3M3JDaEtKUnJ3SCs4cUl3Y2hwQVpPOUR4bjdhKzdZUkQ5OQpBOTBrS1JLTGdSbzVkZmNsOW1FdUtRT05xYThQTlVKYjFaMXpWRDNDeEY2NURlalM2QU1WQ2U2MWJzVjNnR2JwCjY0S2F5UU5LL2w0S1hxK3ZoeTMxTFNTYjRsQVhqVExZdmxhUmlrSlNDMTB3Uk9iU05tRFZZZnVPdFNuK1R5YUUKcW1WdFZSYk11U2JpMzBsNk5UbFREZWxRZHEyeXBqMUhsUWluRitQRytXbWtjRmY4Y3dIRXJWbUpIQXdXQmYwMgpEN3VWRzF0UnJSbDBTVlA2YlRUODdYc0I2Nk05Y1N4N2RjUms0S25GMFE9PQotLS0tLUVORCBFTkNSWVBURUQgUFJJVkFURSBLRVktLS0tLQo=",

   "keyPassword": "test"

   "isPrivateKey": "true",

}

You can then reference it by name if you create or update a communication profile. If you already have a key, you can reference it using its alias. You do not need to use the privateKeyContent, publicKeyContent and keyPassword fields.

PUT api/v2/products/id/communicationprofiles

{

  "name": "sftp2",

    "type": "SERVER",

    "protocol": "SFTP",

    "enabled": true,

    "networkZone": "Private",

    "clientAuthentication": "PUBLIC_KEY",

    "fipsEnabled": false,

    "keyAlias": "cris3.pem",

    "hasPrivateKey": true,

    "hosts": [

      "qaf-cg-db-2.lab.buch.axway.int"

    ],

    "port": 2323

  }

Optionally, you can specify just the public key for the SSH key pair when creating a new private key.

POST /api/v2/products/id/sshkeys

{

     "name": "private_ssh_key_with_public_part",      

     "keyContent": "LS0tLS1CRUdJTiBFTkNSWVBURUQgUFJJVkFURSBLRVktLS0tLQpNSUlGSERCT0Jna3Foa2lHOXcwQkJRMHdRVEFwQmdrcWhraUc5dzBCQlF3

d0hBUUlLdVZmMERvS0N2OENBZ2dBCk1Bd0dDQ3FHU0liM0RRSUpCUUF3RkFZSUtvWklodmNOQXdjRUNMS0NkTkVMSW1QdkJJSUV5S0JuUS82bnpZeFYKdWhGS1o5L0hB

V3FIVnZ1UTNaRlhubDVBZmhWdkUwa3pHTVdLb2J1K2pBZWg5WGZKVFNlMThsWVF3SDV1ZjMzUQpvcUx5ZkowTkZlMzZWVWpsdDcyR0VGSlVscjQrejNJS1

djbURONVZGbFljaG5EZkk2TEJUd2xTdVgrUVZiVi8yCm0xRGt6YmppNC9lWUpNOGR3RkFtZmtPdU9XV0NWa09JL2sxR1NwcWo5amVvUUdCbUJjL0NSNXg3

Z2kzQnB3U1EKZGo5L0k0aFEzLzFDczVxVzJuWUpIc2xJWkVkVFMzMFVSNWRNRWRlT1hhMWZseGNaODUvcTA3dFJ6cFB2dDc3dApMUEJKdEhtRGt5cDBZbX

duOFdoRkZvMVZKVi9nZ3JVZ0Qzb0JDbHFlM1h2WDdLOXp3U0NoMllNOERHdk0xTS9mCk5qZGM3RkVoQ1dHaUw0TXhzbHBwOUVCMnRNdFQ1MGl4R21mTVRp

OTR1eERnczFIUkJnZzBtUDV2NmdrcXdnRTgKeHBrcGtnUzZMNVFUVVVMaEZwVEQ3L3g5K2J3K0N1d2pTSGVEWlNvdXFQNzYyZ3hTRG1WZWtrZGNmOVJQe

UlCawpJWjlROEdmOVR0S1NNdjRxV2FXckdMSXpWNGFSbU51WHVjOFN6QzQ5SllqR3pDNnFkRHpWWVNrbHJIK2V3YXJOCktnbzlJaDNFSW1LVDlaYldNSG

tvdDRxNmJrTDVURFl0aCtpLytOR2pQcmp2WHJLdjk4KzhZNWt1R0F2akplNzIKQ3ZZY2tyL293Mng4UXNTRDJjSzU1amlraGFwRnNuYnE4cmI3ODFNQzV

OUXBWWFdEaWVhb2dQcnhNdUFJdm8vRgprQ2M5M0RLQWUxK25JeTd3UG5tRGRvM0hmeWYwMjlObzg0dGNOaEdNaEprNUQrb0Y2SlRFd1NJenQrZzhSWUpu

CmRaV3ByTkN1TkEyMW1ZV3lrbndvSG1uZDU2T2FQMU9sNUxPdGNodUVtbEdGVERqcHZGaHR6YVN1b2xBZU8rWi8KS3hxOXNDTmtaNTZIaW93NG9VWUNXe

lZhSHBNU3kxZmsvYnNHMHFBT1NXWmtyMis4TXZZd0dRQmZSeG1CVnZOTQphN2JDTnhaSnE4M0tRb0N0TCtQeFNlUEhmdG00YlhDaGlzYlFxbGhUR25ad1

VWSGlRNDNka2xRUWdSVlJIQVlDCmlKVEoxNFk0TFVFT1Bidlpaa093TDBIUWlsWExBVFVPbURrRGtGa3l3ZkNqS0lIZG44ZU13VGdUMHJvQjVZSEIKNEl

YTVcwVnp6djhGaFZFdkxrMmlvTlFVajFvMEVuZm5zTEJLa0lSSldPTGx0R25MTmRNN25WRGdFSm0vb0RlUwpkZlpBQU5rNXlZREJNMmh3c2hBMGxpaTk3

dWY2UUpaT1FMc3NkVWFUQ0ZqeWdQSzhVeHZ5Nm5yY1VDME9Tbk8xCktqelV6ZCtJZG01WDdJQWFMN09IRGtxSThvUkFPL2RUYVlYNVhYaVgvbWluTFBMb

nJPTmVYdVdQWG9VZnZTRGcKdHcraE5FL2k0eTFObk5RbFNhUWc0Y0xkaUdKZHRMVGhjbHJibjVFam1nYVVXbXBNT0pSeGwwWlNvZHVPai9lQwpLd2wzY2

Z1NXJnUkd4bHBpSzQwdXcwRmR3NVBhWmdyYWZseVBINjBYaUhBWE8yMG1OYXFwUVc4RTdFalM1by82ClROZjFyZzdESXFOVi9sZ1I5NG5XNEphTzhnWTJ

VcmdNYi91Sm9OdWtKRUJ0emZXRDVxRkRRSDNJVWphekc5NTcKZ25yb3ovckptaXJieFJuTEx3ZkM0QVQ4Vm1Ba0RjcGQ5TDk4bFhsY0pTMXNqT3BCZXRk

WFFHN3VvTStQcEdkNApaY09wK2dOcUxJb3ROWklOVXpSK09aQXpzTk56UW56L3V0REFLd21DMUFTaE9vSFJHWEgxVVd1M2VkVFM0azJZCmhTOUYzMFFSW

U5nMGdSMUxZZk5Scm1RSVQxbG1jaTVXSXhKdkdIM05aaldwRk5JMWF4UUp1cHZxYktPZk5GbUEKdGRFemhlSU9VQVlKeG0rUWgzd0ZFOUFaZlZPN0RoN

FF5OXdQNWY4OEE1VXhqc2lhM21hNFkxKzRpNDlTK0tTcgpwU3lDam10dUlyaEJoZlkxME1xc0N3PT0KLS0tLS1FTkQgRU5DUllQVEVEIFBSSVZBVEUgS

0VZLS0tLS0K",

     "keyPassword":"test",

     "publicKeyContent": "LS0tLS1CRUdJTiBQVUJMSUMgS0VZLS0tLS0KTUlJQklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FROEFNSUlCQ2dLQ0FRRUF3NnMxYi9SM3ZPRi9wcDB

nclZUUgpJbGJ6QzhRemJjTzdscVNoN0F2a1pJaTJMNnRhL2hSTnJnazR0dGZYR2hiRDNBT3lhaXN2Z3dGNHk0Skx5L0JYCmFta0FSaER1RkI2UERtZVIxM

ytXT3lrUEhMNDBEdzFKZ0kyRnJKdGpyeVY2ZVk2L2JldUhMMTYzQjZMaUo4QSsKK0Zra1NMWS9wY0ZrK1NsRUVlcnVTNThQTG5tRTE4VERqaEVUT3IrdUZ

4RkFlQzlQL2RMYjNONHZXUkZHellrSwpzYXB4ZXNuQTZURUxnQ1VRR2xXVjN0VCtHVnpmMC9pTUUzUHROOW50YTJBZEt1OGZacmwrd2Yxd3NvUmpVeTM3C

kJoSytDa095c0JhN2NDVVFtMTJVOUQyUlMrRlEwMEgwYnpJWTlBRW15T1V6dGM1dTl5NlBhUmNJbVJGa3FjeTcKWXdJREFRQUIKLS0tLS1FTkQgUFVCTE

lDIEtFWS0tLS0tCg==",

     "isPrivateKey": "true"

}

Replace an SSH key for a partner or product

You can use a dedicated resource to replace an SSH key. However, for SSH keys that are imported at registration, you can only update the publicKeyContent of the SSH key (hasPrivateKey is set to False).

In the example below, the partner {{partnerID-FC}} contains a communication profile with an SSH key server_sftp_1.pem that you want to replace with the SSH key contents from server_sftp_2.pem.

Retrieve the business id of the SSH key to be replaced:

GET /api/v2/partners/{{ID-partnerFC}}/sshkeys

In update mode, you can replace the corresponding credential key with a public one. This will allow the update of keys imported at registration time like the admind for ST

PUT /api/v2/partners/{{ID-partnerFC}}/sshkeys/name=server_sftp_1.pem

{

"businessId": "ff7ea510-2d66-4b0a-a3b3-11f4581d9e7e",

"name": "server_sftp_1.pem",

"keyContent": "<server_sftp_2.pem encrypted Base64>",

"isPrivateKey": false

}

Note To obtain the contents of the new SSH key, in the UI temporarily create a server communication profile with this SSH key for the partner, and then perform a GET to retrieve the partner keys.

 

Central Governance | Document Directory

Related Links