Skip to main content
POST
https://{tenantDomain}/api/v2
/
keys
/
encryption
Go
package example

import (
    context "context"

    management "github.com/auth0/go-auth0/management/management"
    client "github.com/auth0/go-auth0/management/management/client"
    keys "github.com/auth0/go-auth0/management/management/keys"
    option "github.com/auth0/go-auth0/management/management/option"
)

func do() {
    client := client.NewClient(
        option.WithToken(
            "<token>",
        ),
    )
    request := &keys.CreateEncryptionKeyRequestContent{
        Type: management.CreateEncryptionKeyTypeCustomerProvidedRootKey,
    }
    client.Keys.Encryption.Create(
        context.TODO(),
        request,
    )
}
import { ManagementClient } from "auth0";

async function main() {
const client = new ManagementClient({
token: "<token>",
});
await client.keys.encryption.create({
type: "customer-provided-root-key",
});
}
main();
import { ManagementClient } from "auth0";

async function main() {
const client = new ManagementClient({
token: "<token>",
});
await client.keys.encryption.create({
type: "customer-provided-root-key",
});
}
main();
curl --request POST \
--url https://{tenantDomain}/api/v2/keys/encryption \
--header 'Authorization: Bearer <token>' \
--header 'Content-Type: application/json' \
--data '{}'
import requests

url = "https://{tenantDomain}/api/v2/keys/encryption"

payload = {}
headers = {
"Authorization": "Bearer <token>",
"Content-Type": "application/json"
}

response = requests.post(url, json=payload, headers=headers)

print(response.text)
<?php

$curl = curl_init();

curl_setopt_array($curl, [
CURLOPT_URL => "https://{tenantDomain}/api/v2/keys/encryption",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => json_encode([

]),
CURLOPT_HTTPHEADER => [
"Authorization: Bearer <token>",
"Content-Type: application/json"
],
]);

$response = curl_exec($curl);
$err = curl_error($curl);

curl_close($curl);

if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}
HttpResponse<String> response = Unirest.post("https://{tenantDomain}/api/v2/keys/encryption")
.header("Authorization", "Bearer <token>")
.header("Content-Type", "application/json")
.body("{}")
.asString();
require 'uri'
require 'net/http'

url = URI("https://{tenantDomain}/api/v2/keys/encryption")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

request = Net::HTTP::Post.new(url)
request["Authorization"] = 'Bearer <token>'
request["Content-Type"] = 'application/json'
request.body = "{}"

response = http.request(request)
puts response.read_body
{
  "kid": "<string>",
  "created_at": "2023-11-07T05:31:56Z",
  "updated_at": "2023-11-07T05:31:56Z",
  "parent_kid": "<string>",
  "public_key": "<string>"
}

Authorizations

Authorization
string
header
required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Body

type
enum<string>
required

Type of the encryption key to be created.

Available options:
customer-provided-root-key,
tenant-encryption-key

Response

The key was successfully created.

Encryption key

kid
string
required

Key ID

type
enum<string>
required

Key type

Available options:
customer-provided-root-key,
environment-root-key,
tenant-master-key,
tenant-encryption-key
state
enum<string>
required

Key state

Available options:
pre-activation,
active,
deactivated,
destroyed
created_at
string<date-time>
required

Key creation timestamp

updated_at
string<date-time>
required

Key update timestamp

parent_kid
string | null

ID of parent wrapping key

public_key
string | null

Public key in PEM format