Product Documentation

The following request body is sent during the getuserkeys web service call:

  • URL: https://<FQDN>:<PORT>/skfs/rest/getuserkeys
  • HTTP Method: POST

  • FIDO2_0 request body:
    {
      "svcinfo": {
        "did": 1,
        "protocol": "FIDO2_0",
        "authtype": "PASSWORD",
        "svcusername": "fidoadminuser",
        "svcpassword": "Abcd1234!"
      },
      "payload": {
         "usernames": ["testuser2.strongkey.com","testuser"]
      }
    }
    

 

svcinfo Description

Value

Explanation

did

Unique identifier for a cryptographic domain in SKFS. Unless you are using a StrongKey Tellaro appliance, this defaults to 1.

protocol

The FIDO protocol to be used in this request (FIDO2_0).

authtype

The type of authentication supplied in this service request—it must be PASSWORD or HMAC (see API Security for details); the example shown here is for PASSWORD type of authentication.

svcusername

The username of the service credential requesting this web service.

svcpassword

The password of the service credential requesting this web service.

     When PASSWORD authtype is used, SKFS uses entries in a previously configured Lightweight Directory Access Protocol (LDAP) or Active Directory (AD) to authenticate the credential (see Manage Credentials under [ SKFS ⇒ Administration ⇒ Security ] for details).

 

payload Description

Value

Explanation

usernames

The array contains the list of usernames for which the registered keys should be fetched