Field | Value | Req/Default | Notes |
---|---|---|---|
id |
id | Auto-generated | Key's ID. Always starts with "jky_". Example: jky_0vRHaJyOFdkV3QVJpUJqJQ |
algo |
hs256 ,rs256 |
Required | Key's algorithm. |
expired |
boolean | Has this key been replaced? After a short time, key is deleted. | |
key |
string | Optional | The key; auto-generated if not provided. |
use |
sign |
Required | Key's use. |
Method | Permissions |
---|---|
List, Get, Create, Delete | admin_realm |
List all keys on the current realm.
Param | Value | Default | |
---|---|---|---|
after |
realm_id | ID of the last realm you've seen | |
max_results |
integer | 100 |
Range: 1-100 |
sort |
id |
id |
|
direction |
asc ,desc |
desc |
Status: 200
{ "more_results" : false,
"collection" : [
{ "id" : "jky_0vRHaJyOFdkV3QVJpUJqJQ",
"algo" : "hs256",
"expired" : false,
"key" : "jsk_m2y4UYnjRCXzuZVq57bJJSDoqOFMuQCFmLp4Nh9gcbk",
"realm_id" : "rl_0v1zTHXhtNgmDaXaDYSAqx",
"use" : "sign"
}
]
}
[#<AuthRocket::JwtKey:0x3fde5d71d448>
id: "jky_0vRHaJyOFdkV3QVJpUJqJQ",
attribs: {
"algo"=>"hs256",
"expired"=>false,
"key"=>"jsk_m2y4UYnjRCXzuZVq57bJJSDoqOFMuQCFmLp4Nh9gcbk",
"realm_id"=>"rl_0v1zTHXhtNgmDaXaDYSAqx",
"use"=>"sign"
},
metadata: {
"more_results"=>false
}
]
Retrieve a specific key.
Status: 200
{ "id" : "jky_0vRHaJyOFdkV3QVJpUJqJQ",
"algo" : "hs256",
"expired" : false,
"key" : "jsk_m2y4UYnjRCXzuZVq57bJJSDoqOFMuQCFmLp4Nh9gcbk",
"realm_id" : "rl_0v1zTHXhtNgmDaXaDYSAqx",
"use" : "sign"
}
#<AuthRocket::JwtKey:0x3fde5d71d448>
id: "jky_0vRHaJyOFdkV3QVJpUJqJQ",
attribs: {
"algo"=>"hs256",
"expired"=>false,
"key"=>"jsk_m2y4UYnjRCXzuZVq57bJJSDoqOFMuQCFmLp4Nh9gcbk",
"realm_id"=>"rl_0v1zTHXhtNgmDaXaDYSAqx",
"use"=>"sign"
}
Create a new key.
If key
is unspecified, will automatically generate a key.
POST /v1/jwt_keys
{ "jwt_key" :
{ "algo" : "hs256",
"use" : "sign"
}
}
key = AuthRocket::JwtKey.create(
algo: 'hs256',
use: 'sign'
)
Triggers a realm.updated
event.
Deletes a key.
By default, marks the key as expired and immediately quits using it for new tokens, but will continue to use it to verify existing tokens for a few hours.
To delete it immediately, use force=true
. This is useful if the key was compromised.
A replacement key will be automatically generated as soon as it’s needed, which in most cases will be very quickly. If you desire to create your own replacement key, it is recommended to create the new key first and then delete the old one.
Param | Value | Default | |
---|---|---|---|
force |
boolean | false |
Delete immediately instead of in a few hours |
DELETE /v1/jwt_keys/:key_id
DELETE /v1/jwt_keys/:key_id&force=true
key=AuthRocket::JwtKey.find 'jky_0vRHaJyOFdkV3QVJpUJqJQ'
key.delete
key.delete force: true
Triggers a realm.updated
event.
Questions? Find a Typo? Get in touch.