The deleteAnsiX9241Key (DLK) operation is used to delete an ANSI key previously stored on the appliance. The DLK web service operation requires five parameters:
DID | The unique encryption domain identifier. |
username | The username (service credential) within the encryption domain with the authorization to call this web service. The user requires the Key Management Administrator privilege and Deletion privilege to execute this operation. |
password | The password of the username to authenticate the credential of the requester. |
bankid | An optional bank identifier used to identify this ANSI key. Currently only used for logging purposes. |
KeyToken | The token that references the ANSI key to be deleted. |
When SAKA receives the request, it verifies the credentials presented against its internal database (or an optional LDAP directory server) and determines whether the requester is authorized to request the DLK service by checking that they are a member of the KMCAuthorized and DeletionAuthorized groups. If using LDAP, these groups and their members must be created in the LDAP directory as a distinct task of the SAKA installation process; when using the internal database on the SAKA, these groups are created automatically.
If the requester is authorized, SAKA locates the key identified by the KeyToken parameter. Once identified, the record is deleted from the appliance's database. The following values will be returned, either as a JSON or XML string; in the case of SOAP, the JSON or XML string is embedded in the objectContent attribute of the CCReturnObject object:
DID | The unique encryption domain identifier for the domain that serviced this request. |
SRID | A unique request identifier for this transaction. |
BankID | The bank ID used in this request. |
KeyToken | The token reference deleted by this request. |
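A caller can use the returned values to confirm that the appliance deleted the key it was asked to delete, and to keep an audit trail that leaves out the service credential's password. The following is an added example, not code from SAKA or its documentation; it assumes the JSON form of the reply is a flat object keyed by the four names listed above, and the function and exception names are hypothetical.

```python
import json

# Assumption: the JSON reply is a flat object whose keys are the four names in
# the return-value list above; the page does not show the exact layout.
REQUIRED = ("DID", "SRID", "BankID", "KeyToken")


class DLKResponseError(Exception):
    """The reply cannot be accepted as confirmation of the requested deletion."""


def confirm_dlk(request, response_text):
    """Check a DLK reply against the request and build an audit record.

    request: dict holding the page's request parameters (DID, username,
    password, bankid, KeyToken). Returns a dict that is safe to log.
    """
    try:
        reply = json.loads(response_text)
    except json.JSONDecodeError as exc:
        raise DLKResponseError("reply is not valid JSON") from exc
    if not isinstance(reply, dict):
        raise DLKResponseError("reply is not a JSON object")

    missing = [k for k in REQUIRED if k not in reply]
    if missing:
        raise DLKResponseError("reply lacks fields: " + ", ".join(missing))

    # Compare as strings so a numeric DID in the reply still matches "1".
    if str(reply["DID"]) != str(request["DID"]):
        raise DLKResponseError("reply came from a different encryption domain")
    if str(reply["KeyToken"]) != str(request["KeyToken"]):
        raise DLKResponseError("reply names a different KeyToken than requested")
    if not str(reply["SRID"]).strip():
        raise DLKResponseError("reply has no request identifier (SRID)")

    # Audit record: who asked, what was deleted, and the SRID that identifies
    # the transaction. The password is deliberately never copied.
    return {
        "operation": "deleteAnsiX9241Key",
        "DID": str(reply["DID"]),
        "SRID": str(reply["SRID"]),
        "username": request["username"],
        "bankid": request.get("bankid", ""),
        "KeyToken": str(reply["KeyToken"]),
    }
```

BankID is not compared because the request's bankid is optional and, per the parameter description, is only used for logging.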