Lists keyproviders registered for the tenant

Facts

Rate limit Tier 1 (1000 requests per minute)
Categories externalmanage

Header Parameters

  • Authorizationstring
    Required

    The JWT used for authentication. Send the JWT in the AuthRequest header using the Bearer schema.

Responses

200

application/json

Successfully retrieved list of key providers

  • errorsarray of objects
    Show errors properties
    • arnstring
      Required

      The provider resource notation for the key.

    • namestring
      Required

      Name of key provider entry.

    • currentboolean

      Indicates whether the key is being used to encrypt/decrypt secrets.

    • tenantIdstring

      Tenant ID.

    • createdAtstring

      When key entry was created.

    • descriptionstring

      Description of key provider entry.

    • keyProviderstring

      Key Provider type.

      Can be one of: "AWS-KMS"

    • multiRegionboolean

      Indicates whether the key has multi-region configurations and has replica key in qcs secondary region.

    • replicaKeysarray of objects
      Show replicaKeys properties
      • arnstring

        Replica key keeps list of backup keys from the supported qcs secondary region.

      • regionstring

        Region indicates the backup qcs-region link to the primary region.

    • arnFingerPrintstring

      The ARN fingerprint.

    • promotedToCurrentAtstring

      When the key was promoted to being the current active one.

    • demotedFromCurrentAtstring

      When the key was demoted from being current to non active.

400

application/json

Bad Request

  • errorsarray of objects
    Required
    Show errors properties
    • codestring
      Required

      The error code.

    • metaobject

      Additional error object metadata.

    • titlestring
      Required

      Description of the error.

    • detailstring

      Extra information about the error.

417

application/json

Failed to load key providers from the registry

  • errorsarray of objects
    Required
GET /v1/encryption/keyproviders
curl "https://your-tenant.us.qlikcloud.com/api/v1/encryption/keyproviders" \
-H "Authorization: Bearer <API-key>"
const https = require('https')
  const data = JSON.stringify("")
  const options =   {
    'hostname': 'https://your-tenant.us.qlikcloud.com',
    'port': 443,
    'path': '/api/v1/encryption/keyproviders',
    'method': 'GET',
    'headers': {
      'Authorization': 'Bearer <API-key>'
    }
  }
  const req = https.request(options)
  
This API is not included yet in qlik-cli

Response

[
  {
    "arn": "arn:aws:kms:eu-west-1:111222334455:key/mrk-1237c011a37erft67ei987c7612q456",
    "name": "test name",
    "current": true,
    "description": "test description",
    "drCompliant": true,
    "keyprovider": "AWS-KMS",
    "multiRegion": true,
    "replicaKeys": [
      {
        "arn": "arn:aws:kms:eu-west-3:111222334455:key/mrk-1237c011a37erft67ei987c7612q456",
        "region": "eu-west-3"
      }
    ],
    "complianceError": {
      "code": "",
      "region": "",
      "message": ""
    }
  }
]

Registers a multi-region AWS-KMS key for the specific tenant

Facts

Rate limit Tier 2 (100 requests per minute)
Categories externalmanage

Header Parameters

  • Authorizationstring
    Required

    The JWT used for authentication. Send the JWT in the AuthRequest header using the Bearer schema.

Request Body

application/json

  • arnstring
    Required

    The provider resource notation for the key.

  • namestring
    Required

    Name of key provider entry.

  • descriptionstring

    Description of key provider entry.

  • keyProviderstring

    Key Provider type.

    Can be one of: "AWS-KMS"

Responses

201

application/json

Successfully registered the AWS-KMS key

  • arnstring
    Required

    The provider resource notation for the key.

  • namestring
    Required

    Name of key provider entry.

  • currentboolean

    Indicates whether the key is being used to encrypt/decrypt secrets.

  • tenantIdstring

    Tenant ID.

  • createdAtstring

    When key entry was created.

  • descriptionstring

    Description of key provider entry.

  • keyProviderstring

    Key Provider type.

    Can be one of: "AWS-KMS"

  • multiRegionboolean

    Indicates whether the key has multi-region configurations and has replica key in qcs secondary region.

  • replicaKeysarray of objects
    Show replicaKeys properties
    • arnstring

      Replica key keeps list of backup keys from the supported qcs secondary region.

    • regionstring

      Region indicates the backup qcs-region link to the primary region.

  • arnFingerPrintstring

    The ARN fingerprint.

  • promotedToCurrentAtstring

    When the key was promoted to being the current active one.

  • demotedFromCurrentAtstring

    When the key was demoted from being current to non active.

400

application/json

Bad Request

  • errorsarray of objects
    Required

401

application/json

Unauthorized, Invalid JWT

  • errorsarray of objects
    Required

403

application/json

Provided AWS-KMS key access forbidden. Check if key policy allows access from Qlik Cloud.

  • errorsarray of objects
    Required

406

application/json

Failed to register key

  • errorsarray of objects
    Required

408

application/json

Failed to return a response within the timeout window. The key provider (QlikVault, AWS-KMS) might be unavailable.

  • errorsarray of objects
    Required

409

application/json

The specified key is already registered

  • errorsarray of objects
    Required

417

application/json

Failed to validate AWS-KMS ARN structure

  • errorsarray of objects
    Required
POST /v1/encryption/keyproviders
curl "https://your-tenant.us.qlikcloud.com/api/v1/encryption/keyproviders" \
-X POST \
-H "Content-type: application/json" \
-H "Authorization: Bearer <API-key>" \
-d '{"arn":"arn:aws:kms:eu-west-1:111222334455:key/mrk-1237c011a37erft67ei987c7612q456","name":"test name","current":false,"description":"test description","drCompliant":true,"keyprovider":"AWS-KMS","multiRegion":true,"replicaKeys":[{"arn":"arn:aws:kms:eu-west-3:111222334455:key/mrk-1237c011a37erft67ei987c7612q456","region":"eu-west-3"}],"complianceError":[{"code":"","region":"","message":""}]}'
const https = require('https')
  const data = JSON.stringify({"arn":"arn:aws:kms:eu-west-1:111222334455:key/mrk-1237c011a37erft67ei987c7612q456","name":"test name","current":false,"description":"test description","drCompliant":true,"keyprovider":"AWS-KMS","multiRegion":true,"replicaKeys":[{"arn":"arn:aws:kms:eu-west-3:111222334455:key/mrk-1237c011a37erft67ei987c7612q456","region":"eu-west-3"}],"complianceError":[{"code":"","region":"","message":""}]})
  const options =   {
    'hostname': 'https://your-tenant.us.qlikcloud.com',
    'port': 443,
    'path': '/api/v1/encryption/keyproviders',
    'method': 'POST',
    'headers': {
      'Content-type': 'application/json',
      'Authorization': 'Bearer <API-key>'
    }
  }
  const req = https.request(options)
  req.write(data)
  
This API is not included yet in qlik-cli

Request

{
  "arn": "arn:aws:kms:eu-west-1:111222334455:key/mrk-1237c011a37erft67ei987c7612q456",
  "name": "test name",
  "current": false,
  "description": "test description",
  "drCompliant": true,
  "keyprovider": "AWS-KMS",
  "multiRegion": true,
  "replicaKeys": [
    {
      "arn": "arn:aws:kms:eu-west-3:111222334455:key/mrk-1237c011a37erft67ei987c7612q456",
      "region": "eu-west-3"
    }
  ],
  "complianceError": [
    {
      "code": "",
      "region": "",
      "message": ""
    }
  ]
}

Response

{
  "arn": "arn:aws:kms:eu-west-1:111222334455:key/mrk-1237c011a37erft67ei987c7612q456",
  "name": "test name",
  "current": false,
  "description": "test description",
  "drCompliant": true,
  "keyprovider": "AWS-KMS",
  "multiRegion": true,
  "replicaKeys": [
    {
      "arn": "arn:aws:kms:eu-west-3:111222334455:key/mrk-1237c011a37erft67ei987c7612q456",
      "region": "eu-west-3"
    }
  ],
  "complianceError": [
    {
      "code": "",
      "region": "",
      "message": ""
    }
  ]
}

Retrieves key for a given fingerprint

Facts

Rate limit Tier 1 (1000 requests per minute)
Categories externalmanage

Header Parameters

  • Authorizationstring
    Required

    The JWT used for authentication. Send the JWT in the AuthRequest header using the Bearer schema.

Path Parameters

  • arnFingerPrintstring
    Required

    The fingerprint of the requested provider key.

Responses

200

application/json

Successfully fetched key provider information

  • arnstring
    Required

    The provider resource notation for the key.

  • namestring
    Required

    Name of key provider entry.

  • currentboolean

    Indicates whether the key is being used to encrypt/decrypt secrets.

  • tenantIdstring

    Tenant ID.

  • createdAtstring

    When key entry was created.

  • descriptionstring

    Description of key provider entry.

  • keyProviderstring

    Key Provider type.

    Can be one of: "AWS-KMS"

  • multiRegionboolean

    Indicates whether the key has multi-region configurations and has replica key in qcs secondary region.

  • replicaKeysarray of objects
    Show replicaKeys properties
    • arnstring

      Replica key keeps list of backup keys from the supported qcs secondary region.

    • regionstring

      Region indicates the backup qcs-region link to the primary region.

  • arnFingerPrintstring

    The ARN fingerprint.

  • promotedToCurrentAtstring

    When the key was promoted to being the current active one.

  • demotedFromCurrentAtstring

    When the key was demoted from being current to non active.

400

application/json

Bad Request

  • errorsarray of objects
    Required

404

application/json

No entry match for the fingerprint was found

  • errorsarray of objects
    Required

414

application/json

Requested fingerprint length is too large

  • errorsarray of objects
    Required
GET /v1/encryption/keyproviders/{arnFingerPrint}
curl "https://your-tenant.us.qlikcloud.com/api/v1/encryption/keyproviders/{arnFingerPrint}" \
-H "Authorization: Bearer <API-key>"
const https = require('https')
  const data = JSON.stringify("")
  const options =   {
    'hostname': 'https://your-tenant.us.qlikcloud.com',
    'port': 443,
    'path': '/api/v1/encryption/keyproviders/{arnFingerPrint}',
    'method': 'GET',
    'headers': {
      'Authorization': 'Bearer <API-key>'
    }
  }
  const req = https.request(options)
  
This API is not included yet in qlik-cli

Response

{
  "arn": "arn:aws:kms:eu-west-1:111222334455:key/mrk-1237c011a37erft67ei987c7612q456",
  "name": "test name",
  "current": false,
  "description": "test description",
  "drCompliant": true,
  "keyprovider": "AWS-KMS",
  "multiRegion": true,
  "replicaKeys": [
    {
      "arn": "arn:aws:kms:eu-west-3:111222334455:key/mrk-1237c011a37erft67ei987c7612q456",
      "region": "eu-west-3"
    }
  ],
  "complianceError": [
    {
      "code": "",
      "region": "",
      "message": ""
    }
  ]
}

Patches Name & Description of keyprovider information

Facts

Rate limit Tier 2 (100 requests per minute)
Categories externalmanage

Header Parameters

  • Authorizationstring
    Required

    The JWT used for authentication. Send the JWT in the AuthRequest header using the Bearer schema.

Path Parameters

  • arnFingerPrintstring
    Required

    The fingerprint of an existing keyprovider key.

Request Body

Required

application/json

A JSON Patch document as defined in https://datatracker.ietf.org/doc/html/rfc6902.

  • opstring
    Required

    The operation to be performed.

    Can be one of: "replace"

  • pathstring
    Required

    The property path.

  • valuestring
    Required

    The value to be used for this operation.

Responses

204

Successfully patched key provider information

400

application/json

Failed to decode key provider patch request payload

  • errorsarray of objects
    Required

401

application/json

Unauthorized, Invalid JWT

  • errorsarray of objects
    Required

404

application/json

No entry match for the fingerprint was found

  • errorsarray of objects
    Required

417

application/json

Failed to patch key provider information

  • errorsarray of objects
    Required
PATCH /v1/encryption/keyproviders/{arnFingerPrint}
curl "https://your-tenant.us.qlikcloud.com/api/v1/encryption/keyproviders/{arnFingerPrint}" \
-X PATCH \
-H "Content-type: application/json" \
-H "Authorization: Bearer <API-key>" \
-d '[{"op":"replace","path":"/name","value":"New Encryption Key"}]'
const https = require('https')
  const data = JSON.stringify([{"op":"replace","path":"/name","value":"New Encryption Key"}])
  const options =   {
    'hostname': 'https://your-tenant.us.qlikcloud.com',
    'port': 443,
    'path': '/api/v1/encryption/keyproviders/{arnFingerPrint}',
    'method': 'PATCH',
    'headers': {
      'Content-type': 'application/json',
      'Authorization': 'Bearer <API-key>'
    }
  }
  const req = https.request(options)
  req.write(data)
  
This API is not included yet in qlik-cli

Request

[
  {
    "op": "replace",
    "path": "/name",
    "value": "New Encryption Key"
  }
]

Deletes the key information

Facts

Rate limit Tier 2 (100 requests per minute)
Categories externalmanage

Header Parameters

  • Authorizationstring
    Required

    The JWT used for authentication. Send the JWT in the AuthRequest header using the Bearer schema.

Path Parameters

  • arnFingerPrintstring
    Required

    The fingerprint of the requested provider key.

Responses

204

application/json

Successfully deleted key

  • responsestring

    Successful response message.

400

application/json

Bad Request

  • errorsarray of objects
    Required

404

application/json

No entry match for the fingerprint was found

  • errorsarray of objects
    Required

417

application/json

Failed to delete keyprovider information

  • errorsarray of objects
    Required

424

application/json

The requested key is being used and cannot be deleted

  • errorsarray of objects
    Required
DELETE /v1/encryption/keyproviders/{arnFingerPrint}
curl "https://your-tenant.us.qlikcloud.com/api/v1/encryption/keyproviders/{arnFingerPrint}" \
-X DELETE \
-H "Authorization: Bearer <API-key>"
const https = require('https')
  const data = JSON.stringify("")
  const options =   {
    'hostname': 'https://your-tenant.us.qlikcloud.com',
    'port': 443,
    'path': '/api/v1/encryption/keyproviders/{arnFingerPrint}',
    'method': 'DELETE',
    'headers': {
      'Authorization': 'Bearer <API-key>'
    }
  }
  const req = https.request(options)
  
This API is not included yet in qlik-cli

Response

{
  "message": "Keyprovider metadata deleted successfully"
}

Migrates existing cipherkeys from current key provider to requested key provider.

Facts

Rate limit Tier 2 (100 requests per minute)
Categories externalmanage

Header Parameters

  • Authorizationstring
    Required

    The JWT used for authentication. Send the JWT in the AuthRequest header using the Bearer schema.

Path Parameters

  • arnFingerPrintstring
    Required

    The fingerprint of an existing key provider key.

Responses

200

application/json

Successfully initiated cipherkeys migration

  • idstring

    Migration operation ID.

  • statestring

    Migration operation state.

    Can be one of: "New""InProgress""Completed"

  • progressnumber

    Progress in percentage.

  • tenantIdstring

    Tenant ID.

  • completedAtstring
  • initiatedAtstring
  • migratingTostring

    The new key ARN that keys should be migrated to.

  • migratingFromstring

    The key ARN being migrated from (in case of QlikVault, could be a short name only).

  • migratingToPrefixstring

    The new key prefix (to help services know which prefix should NOT be migrated).

  • migratingToFingerprintstring

    The new key ARN fingerprint.

400

application/json

Bad Request

  • errorsarray of objects
    Required

401

application/json

Unauthorized, Invalid JWT

  • errorsarray of objects
    Required

404

application/json

No entry match for the fingerprint was found

  • errorsarray of objects
    Required

412

application/json

Failed to initiate migration

  • errorsarray of objects
    Required

424

application/json

Failed to prepare migration

  • errorsarray of objects
    Required

428

application/json

There is already an ongoing migration for the tenant

  • errorsarray of objects
    Required
POST /v1/encryption/keyproviders/{arnFingerPrint}/actions/migrate
curl "https://your-tenant.us.qlikcloud.com/api/v1/encryption/keyproviders/{arnFingerPrint}/actions/migrate" \
-X POST \
-H "Authorization: Bearer <API-key>"
const https = require('https')
  const data = JSON.stringify("")
  const options =   {
    'hostname': 'https://your-tenant.us.qlikcloud.com',
    'port': 443,
    'path': '/api/v1/encryption/keyproviders/{arnFingerPrint}/actions/migrate',
    'method': 'POST',
    'headers': {
      'Authorization': 'Bearer <API-key>'
    }
  }
  const req = https.request(options)
  
This API is not included yet in qlik-cli

Response

{
  "id": "TiQ8GPVr8qI714Lp5ChAAFFaU24MJy69",
  "state": "New",
  "progress": 42,
  "tenantId": "TiQ8GPVr8qI714Lp5ChAAFFaU24MJy69",
  "completedAt": "2018-10-30T07:06:22Z",
  "initiatedAt": "2018-10-30T07:06:22Z",
  "migratingTo": "string",
  "migratingFrom": "string",
  "migratingToPrefix": "string",
  "migratingToFingerprint": "string"
}

Validates AWS-KMS key access and usage

Facts

Rate limit Tier 2 (100 requests per minute)
Categories externalmanage

Header Parameters

  • Authorizationstring
    Required

    The JWT used for authentication. Send the JWT in the AuthRequest header using the Bearer schema.

Path Parameters

  • arnFingerPrintstring
    Required

    The fingerprint of an existing keyprovider key.

Responses

201

application/json

Successfully validated key

  • arnstring
    Required

    The provider resource notation for the key.

  • namestring
    Required

    Name of key provider entry.

  • currentboolean

    Indicates whether the key is being used to encrypt/decrypt secrets.

  • tenantIdstring

    Tenant ID.

  • createdAtstring

    When key entry was created.

  • descriptionstring

    Description of key provider entry.

  • keyProviderstring

    Key Provider type.

    Can be one of: "AWS-KMS"

  • multiRegionboolean

    Indicates whether the key has multi-region configurations and has replica key in qcs secondary region.

  • replicaKeysarray of objects
    Show replicaKeys properties
    • arnstring

      Replica key keeps list of backup keys from the supported qcs secondary region.

    • regionstring

      Region indicates the backup qcs-region link to the primary region.

  • arnFingerPrintstring

    The ARN fingerprint.

  • promotedToCurrentAtstring

    When the key was promoted to being the current active one.

  • demotedFromCurrentAtstring

    When the key was demoted from being current to non active.

400

application/json

Bad Request

  • errorsarray of objects
    Required

401

application/json

Unauthorized, Invalid JWT

  • errorsarray of objects
    Required

404

application/json

No entry match for the fingerprint was found

  • errorsarray of objects
    Required

408

application/json

Failed to return a response within the timeout window. The key provider (QlikVault, AWS-KMS) might be unavailable.

  • errorsarray of objects
    Required
POST /v1/encryption/keyproviders/{arnFingerPrint}/actions/test
curl "https://your-tenant.us.qlikcloud.com/api/v1/encryption/keyproviders/{arnFingerPrint}/actions/test" \
-X POST \
-H "Authorization: Bearer <API-key>"
const https = require('https')
  const data = JSON.stringify("")
  const options =   {
    'hostname': 'https://your-tenant.us.qlikcloud.com',
    'port': 443,
    'path': '/api/v1/encryption/keyproviders/{arnFingerPrint}/actions/test',
    'method': 'POST',
    'headers': {
      'Authorization': 'Bearer <API-key>'
    }
  }
  const req = https.request(options)
  
This API is not included yet in qlik-cli

Response

{
  "arn": "arn:aws:kms:eu-west-1:111222334455:key/mrk-1237c011a37erft67ei987c7612q456",
  "name": "test name",
  "current": false,
  "description": "test description",
  "drCompliant": true,
  "keyprovider": "AWS-KMS",
  "multiRegion": true,
  "replicaKeys": [
    {
      "arn": "arn:aws:kms:eu-west-3:111222334455:key/mrk-1237c011a37erft67ei987c7612q456",
      "region": "eu-west-3"
    }
  ],
  "complianceError": [
    {
      "code": "",
      "region": "",
      "message": ""
    }
  ]
}

Lists keyproviders registered for the tenant [Qlik, AWS-KMS]

Facts

Rate limit Tier 1 (1000 requests per minute)
Categories externalmanage

Header Parameters

  • Authorizationstring
    Required

    The JWT used for authentication. Send the JWT in the AuthRequest header using the Bearer schema.

Responses

200

application/json

Successfully retrieved list of key providers

  • errorsarray of objects

400

application/json

Bad Request

  • errorsarray of objects
    Required

417

application/json

Failed to load key providers from the registry

  • errorsarray of objects
    Required
GET /v1/encryption/keyproviders/actions/list
curl "https://your-tenant.us.qlikcloud.com/api/v1/encryption/keyproviders/actions/list" \
-H "Authorization: Bearer <API-key>"
const https = require('https')
  const data = JSON.stringify("")
  const options =   {
    'hostname': 'https://your-tenant.us.qlikcloud.com',
    'port': 443,
    'path': '/api/v1/encryption/keyproviders/actions/list',
    'method': 'GET',
    'headers': {
      'Authorization': 'Bearer <API-key>'
    }
  }
  const req = https.request(options)
  
This API is not included yet in qlik-cli

Response

[
  {
    "arn": "#QLIK_MANAGED_KEY_PROVIDER#",
    "name": "Qlik Internal Kms",
    "tenantId": "ImTRa-bkJTD-NZRYjNBa_rDhwSVA6Qo8",
    "createdAt": "Qlik managed",
    "description": "Default key management service",
    "keyprovider": "Qlik",
    "arnFingerPrint": "ImTRa-bkJTD-NZRYjNBa_rDhwSVA6Qo8",
    "promotedToCurrentAt": "2023-06-21T18:45:57Z",
    "demotedFromCurrentAt": "0001-01-01T00:00:00Z"
  },
  {
    "arn": "arn:aws:kms:eu-west-1:111222334455:key/mrk-1237c011a37erft67ei987c7612q456",
    "name": "CMK - 01",
    "tenantId": "ImTRa-bkJTD-NZRYjNBa_rDhwSVA6Qo8",
    "createdAt": "2023-06-21T18:43:49Z",
    "drCompliant": true,
    "keyprovider": "AWS-KMS",
    "multiRegion": true,
    "replicaKeys": [
      {
        "arn": "arn:aws:kms:eu-west-3:111222334455:key/mrk-1237c011a37erft67ei987c7612q456",
        "region": "eu-west-3"
      }
    ],
    "arnFingerPrint": "9f352c5a9c1618485051892cb57467e4",
    "complianceError": {
      "code": "",
      "region": "",
      "message": ""
    },
    "promotedToCurrentAt": "2023-06-21T18:43:54Z",
    "demotedFromCurrentAt": "2023-06-21T18:45:57Z"
  },
  {
    "arn": "arn:aws:kms:eu-west-1:111222334455:key/mrk-2678f8123w236c3123469387dc2ce561",
    "name": "CMK - 02",
    "current": true,
    "tenantId": "ImTRa-bkJTD-NZRYjNBa_rDhwSVA6Qo8",
    "createdAt": "2023-06-21T18:59:17Z",
    "description": "CMK migration test",
    "drCompliant": false,
    "keyprovider": "AWS-KMS",
    "multiRegion": true,
    "replicaKeys": [
      {
        "arn": "arn:aws:kms:eu-west-3:111222334455:key/mrk-2678f8123w236c3123469387dc2ce561",
        "region": "eu-west-3"
      }
    ],
    "arnFingerPrint": "12342c83b25f9e36543bca28f69e4210",
    "complianceError": {
      "code": "Encryption-88",
      "region": "eu-west-3",
      "message": "The policy of the provided key does not allow the required action [eu-west-3] [GenerateDataKey]."
    },
    "promotedToCurrentAt": "2023-06-21T18:59:18Z",
    "demotedFromCurrentAt": "0001-01-01T00:00:00Z"
  }
]

Resets tenant key provider to Qlik managed provider

Facts

Rate limit Tier 2 (100 requests per minute)
Categories externalmanage

Header Parameters

  • Authorizationstring
    Required

    The JWT used for authentication. Send the JWT in the AuthRequest header using the Bearer schema.

Responses

205

application/json

Successfully initiated key migration to Qlik managed provider

  • idstring

    Migration operation ID.

  • statestring

    Migration operation state.

    Can be one of: "New""InProgress""Completed"

  • progressnumber

    Progress in percentage.

  • tenantIdstring

    Tenant ID.

  • completedAtstring
  • initiatedAtstring
  • migratingTostring

    The new key ARN that keys should be migrated to.

  • migratingFromstring

    The key ARN being migrated from (in case of QlikVault, could be a short name only).

  • migratingToPrefixstring

    The new key prefix (to help services know which prefix should NOT be migrated).

  • migratingToFingerprintstring

    The new key ARN fingerprint.

401

application/json

Unauthorized, Invalid JWT

  • errorsarray of objects
    Required

406

application/json

There is already an ongoing migration in progress for the tenant

  • errorsarray of objects
    Required

412

application/json

Failed to initiate migration to Qlik managed provider

  • errorsarray of objects
    Required

424

application/json

Tenant is already using Qlik Managed provider

  • errorsarray of objects
    Required
POST /v1/encryption/keyproviders/actions/reset-to-default-provider
curl "https://your-tenant.us.qlikcloud.com/api/v1/encryption/keyproviders/actions/reset-to-default-provider" \
-X POST \
-H "Authorization: Bearer <API-key>"
const https = require('https')
  const data = JSON.stringify("")
  const options =   {
    'hostname': 'https://your-tenant.us.qlikcloud.com',
    'port': 443,
    'path': '/api/v1/encryption/keyproviders/actions/reset-to-default-provider',
    'method': 'POST',
    'headers': {
      'Authorization': 'Bearer <API-key>'
    }
  }
  const req = https.request(options)
  
This API is not included yet in qlik-cli

Response

{
  "id": "TiQ8GPVr8qI714Lp5ChAAFFaU24MJy69",
  "state": "New",
  "progress": 42,
  "tenantId": "TiQ8GPVr8qI714Lp5ChAAFFaU24MJy69",
  "completedAt": "2018-10-30T07:06:22Z",
  "initiatedAt": "2018-10-30T07:06:22Z",
  "migratingTo": "string",
  "migratingFrom": "string",
  "migratingToPrefix": "string",
  "migratingToFingerprint": "string"
}

Gets ongoing migration details

Facts

Rate limit Tier 1 (1000 requests per minute)
Categories externalmanage

Header Parameters

  • Authorizationstring
    Required

    The JWT used for authentication. Send the JWT in the AuthRequest header using the Bearer schema.

Responses

200

application/json

Successfully fetched migration information

  • idstring

    Migration operation ID.

  • statestring

    Migration operation state.

    Can be one of: "New""InProgress""Completed"

  • progressnumber

    Progress in percentage.

  • tenantIdstring

    Tenant ID.

  • completedAtstring
  • initiatedAtstring
  • migratingTostring

    The new key ARN that keys should be migrated to.

  • migratingFromstring

    The key ARN being migrated from (in case of QlikVault, could be a short name only).

  • migratingToPrefixstring

    The new key prefix (to help services know which prefix should NOT be migrated).

  • migratingToFingerprintstring

    The new key ARN fingerprint.

400

application/json

Bad Request

  • errorsarray of objects
    Required

401

application/json

Unauthorized, Invalid JWT

  • errorsarray of objects
    Required

404

application/json

There is no ongoing migration for this tenant

  • errorsarray of objects
    Required

417

application/json

Failed to get ongoing migration information

  • errorsarray of objects
    Required
GET /v1/encryption/keyproviders/migration/actions/details
curl "https://your-tenant.us.qlikcloud.com/api/v1/encryption/keyproviders/migration/actions/details" \
-H "Authorization: Bearer <API-key>"
const https = require('https')
  const data = JSON.stringify("")
  const options =   {
    'hostname': 'https://your-tenant.us.qlikcloud.com',
    'port': 443,
    'path': '/api/v1/encryption/keyproviders/migration/actions/details',
    'method': 'GET',
    'headers': {
      'Authorization': 'Bearer <API-key>'
    }
  }
  const req = https.request(options)
  
This API is not included yet in qlik-cli

Response

{
  "id": "TiQ8GPVr8qI714Lp5ChAAFFaU24MJy69",
  "state": "New",
  "progress": 42,
  "tenantId": "TiQ8GPVr8qI714Lp5ChAAFFaU24MJy69",
  "completedAt": "2018-10-30T07:06:22Z",
  "initiatedAt": "2018-10-30T07:06:22Z",
  "migratingTo": "string",
  "migratingFrom": "string",
  "migratingToPrefix": "string",
  "migratingToFingerprint": "string"
}