Get Key Info

Available in Classic and VPC

Get key details.

Request

This section describes the request format. The method and URI are as follows:

Method	URI
GET	/keys/{keyTag}

Request headers

For information about the headers common to all Key Management Service APIs, see the account authentication method in Key Management Service request headers.

Request path parameters

You can use the following path parameters with your request:

Field	Type	Required	Description
`keyTag`	String	Required	Key tag Unique identifier for the key derived from the key name Check through Get key list. Use to request encryption or decryption with REST APIs. Key tags are not treated as confidential information.

Request example

The request example is as follows:

curl --location --request GET 'https://ocapi.ncloud.com/kms/v1/keys/a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6q7r8s9t0u1v2w3x4y5z6' \
--header 'x-ncp-apigw-timestamp: {Timestamp}' \
--header 'x-ncp-iam-access-key: {Access Key}' \
--header 'x-ncp-apigw-signature-v2: {API Gateway Signature}'

Response

This section describes the response format.

Response body

The response body includes the following data:

Field	Type	Required	Description
`code`	String	-	Success or Failure
`data`	Object	-	Response result
`data.keyId`	Integer	-	Key identifier
`data.keyTag`	String	-	Key tag Unique identifier for the key derived from the key name Use to request encryption or decryption with REST APIs. Key tags are not treated as confidential information.
`data.keyName`	String	-	A unique name for the key specified upon creation Key names are not treated as confidential information.
`data.nrn`	String	-	Resource identifier used by NAVER Cloud Platform NRNs are not treated as confidential information.
`data.baseUrl`	String	-	API call domain (endpoint) by key boundary
`data.keyType`	String	-	Key type See Create Key.
`data.status`	String	-	Key status `ENABLE` \| `DISABLE` \| `REVOKE` `ENABLE`: available `DISABLE`: disabled `REVOKE`: pending deletion See Manage key status for more information on the key status.
`data.keystoreId`	Integer	-	Logical keystore identifier assigned to the user
`data.currentVersion`	Integer	-	Current key version The latest version of the key is displayed.
`data.protectionType`	String	-	Key storage method `BASIC` \| `COMMON_HSM` `BASIC`: Store encrypted on internal storage. `COMMON_HSM`: Store on HSM (Hardware Security Module).
`data.memo`	String	-	Key notes Additional information and descriptions of the key entered upon creation
`data.isConvergent`	Boolean	-	Whether to set convergent encryption `true` \| `false` `true`: set `false`: not set
`data.isAutoRotation`	Boolean	-	Whether to enable key auto-rotation `true` \| `false` `true`: set (enable) `false`: not set (disable)
`data.rotationPeriod`	Integer	-	Automatic key rotation cycle (day)
`data.nextRotationDate`	Long	-	Next scheduled rotation date and time (millisecond) Unix timestamp format
`data.registerDate`	Long	-	Key creation date and time (millisecond) Unix timestamp format
`data.destroyDate`	Long	-	Scheduled key deletion date and time (millisecond) Unix timestamp format Included only in keys in the Pending deletion status

Response status codes

For information about the HTTP status codes common to all Key Management Service APIs, see Key Management Service response status codes.

Response example

The response example is as follows:

{
    "code": "SUCCESS",
    "data": {
        "keyId": 12345,
        "keyTag": "a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6q7r8s9t0u1v2w3x4y5r6",
        "keyName": "{KEY_NAME}",
        "nrn": "nrn:PUB:KMS::7891:Key/000-12345",
        "keyType": "AES256",
        "status": "ENABLE",
        "keystoreId": 1234,
        "currentVersion": 1,
        "protectionType": "BASIC",
        "memo": "{KEY_DESCRIPTION}",
        "isConvergent": true,
        "isAutoRotation": true,
        "rotationPeriod": 90,
        "nextRotationDate": 1741156631314,
        "registerDate": 1733380631000,
        "baseUrl": "https://ocapi.ncloud.com"
    }
}