Key Creation

Below you find an example call to create a key in AWS KMS and associate it with a wallet managed by the Wallet API.

The only thing that is important to note for the creation, that our system is only compatible with the following Key types offered by the AWS KMS:

  • RSA , SECP256R1, SECP256K1
CURL

Endpoint: /keys/generate | API Reference

Example Request

curl -X 'POST' \
  'https://wallet.walt.id/wallet-api/wallet/f01f8f55-d098-4c53-b47b-c97552829b39/keys/generate' \
  -H 'accept: */*' \
  -H 'Content-Type: application/json' \
  -d '{
  "backend": "aws",
  "config": {
    "region": "eu-central-1",
    "accessKeyId": "accessKeyId",
    "secretKey": "secretKeyId",
  },
  "keyType": "secp256r1"
}'

Body

{
  "backend": "aws",
  "config": {
    "region": "eu-central-1",
    "accessKeyId": "accessKeyId",
    "secretKey": "secretKeyId"
  },
  "keyType": "secp256r1"
}

Body Parameters

  • backend: String - The location where the key is stored. In our case aws as we want to store it in aws's kms.
  • config
    • region: String - The region where the key is stored.
    • accessKeyId: String - The access key id for the AWS account.
    • secretKey: String - The secret key for the AWS account.
  • keyType: String - the algorithm used to generate the key. For AWS only RSA and secp256r1 and secp256k1 is possible.

Example Response

The API will respond with the ID of the key. This ID is the internal reference and can be used in operations such as DID create or key delete.

Kki22j4lUwo1gtDfdvdCgOE0hhKcNHgIZSzSxU0CugE
Hashicorp VaultOverview