Vault V2 Keys API Reference
curl -sSLX POST 'https://vault.aws.us.pangea.cloud/v2/key/generate' \
-H 'Authorization: Bearer <your_token>' \
-H 'Content-Type: application/json' \
-d '{}'
Response
Generate key
Generate a symmetric or asymmetric key.
curl -sSLX POST 'https://vault.aws.us.pangea.cloud/v2/key/rotate' \
-H 'Authorization: Bearer <your_token>' \
-H 'Content-Type: application/json' \
-d '{}'
Response
Rotate key
Manually rotate a symmetric or asymmetric key. Optionally, provide new key value(s) created using the same algorithm as the original key.
curl -sSLX POST 'https://vault.aws.us.pangea.cloud/v2/encrypt' \
-H 'Authorization: Bearer <your_token>' \
-H 'Content-Type: application/json' \
-d '{}'
Response
Encrypt
Encrypt a message using a key created for encryption purposes.
curl -sSLX POST 'https://vault.aws.us.pangea.cloud/v2/decrypt' \
-H 'Authorization: Bearer <your_token>' \
-H 'Content-Type: application/json' \
-d '{}'
Response
Decrypt
Decrypt a message using the same key that was used for encryption.
curl -sSLX POST 'https://vault.aws.us.pangea.cloud/v2/encrypt_structured' \
-H 'Authorization: Bearer <your_token>' \
-H 'Content-Type: application/json' \
-d '{}'
Response
Encrypt structured data
Encrypt structured data by selecting and encrypting parts of a JSON object using a JSONPath expression.
For example, use a JSONPath like $.batch_input[*].ssn
to select elements in the following JSON document:
{
"batch_input": [
{
"ssn": "123-45-6789"
},
{
"ssn": "987-65-4321"
}
]
}
Using this filter for encryption will return a JSON document where 123-45-6789
and 987-65-4321
are replaced with their encrypted values.
Find additional details in the Structured Data Encryption and JSON Path documentation.
curl -sSLX POST 'https://vault.aws.us.pangea.cloud/v2/decrypt_structured' \
-H 'Authorization: Bearer <your_token>' \
-H 'Content-Type: application/json' \
-d '{}'
Response
Decrypt structured
Decrypt structured data by selecting encrypted parts of a JSON object using a JSONPath expression.
For example, use a JSONPath like $.batch_input[*].ssn
to select encrypted elements in the following JSON document:
{
"batch_input": [
{
"ssn": "CwAAAIfgVg2uv98KIMhAS17DQfznWEA8yXTqLvZFaXDafQIu"
},
{
"ssn": "CwAAADIqwKdF8LQc9SlAFvyf+G4wvsCgurmuVIWad9Ip5tl2"
}
]
}
Using this filter for decryption will return a JSON document with the encrypted values replaced by their decrypted counterparts.
Find additional details in the Structured Data Encryption and JSON Path documentation.
curl -sSLX POST 'https://vault.aws.us.pangea.cloud/v2/encrypt_transform' \
-H 'Authorization: Bearer <your_token>' \
-H 'Content-Type: application/json' \
-d '{}'
Response
Encrypt using FPE
Encrypt using a Format Preserving Encryption (FPE) algorithm.
curl -sSLX POST 'https://vault.aws.us.pangea.cloud/v2/decrypt_transform' \
-H 'Authorization: Bearer <your_token>' \
-H 'Content-Type: application/json' \
-d '{}'
Response
Decrypt using FPE
Decrypt using a Format Preserving Encryption (FPE) algorithm.
curl -sSLX POST 'https://vault.aws.us.pangea.cloud/v2/encrypt_transform_structured' \
-H 'Authorization: Bearer <your_token>' \
-H 'Content-Type: application/json' \
-d '{}'
Response
Encrypt structured data using FPE
Encrypt structured data using a Format Preserving Encryption (FPE) algorithm by selecting and encrypting parts of a JSON object with a JSONPath expression.
For example, use a JSONPath like $.batch_input[*].ssn
to select elements in the following JSON document:
{
"batch_input": [
{
"ssn": "123-45-6789"
},
{
"ssn": "987-65-4321"
}
]
}
Using this filter for encryption will return a JSON document where 123-45-6789
and 987-65-4321
are replaced with their FPE-encrypted values.
Find additional information in the Format Preserving Encryption (FPE), Structured Data Encryption, and JSON Path documentation.
curl -sSLX POST 'https://vault.aws.us.pangea.cloud/v2/decrypt_transform_structured' \
-H 'Authorization: Bearer <your_token>' \
-H 'Content-Type: application/json' \
-d '{}'
Response
Decrypt structured data using FPE
Decrypt structured data by selecting FPE-encrypted parts of a JSON object using a JSONPath expression.
For example, use a JSONPath like $.batch_input[*].ssn
to select FPE-encrypted elements in the following JSON document:
{
"batch_input": [
{
"ssn": "987-65-4321"
},
{
"ssn": "123-45-6789"
}
]
}
Using this filter for decryption will return a JSON document with the FPE-encrypted values replaced by their decrypted counterparts.
Find additional information in the Format Preserving Encryption (FPE), Structured Data Encryption, and JSON Path documentation.
curl -sSLX POST 'https://vault.aws.us.pangea.cloud/v2/sign' \
-H 'Authorization: Bearer <your_token>' \
-H 'Content-Type: application/json' \
-d '{}'
Response
Sign
Sign a message using a key for creating and verifying cryptographic signatures.
curl -sSLX POST 'https://vault.aws.us.pangea.cloud/v2/verify' \
-H 'Authorization: Bearer <your_token>' \
-H 'Content-Type: application/json' \
-d '{}'
Response
Verify signature
Verify a signature using a key for creating and verifying cryptographic signatures.
curl -sSLX POST 'https://vault.aws.us.pangea.cloud/v2/key/store' \
-H 'Authorization: Bearer <your_token>' \
-H 'Content-Type: application/json' \
-d '{}'
Response
Store key
Import and store a symmetric or asymmetric key as a Vault item.
Was this article helpful?