Renew Token Set

Prev Next

Available in Classic and VPC

Recreate a token set (access token and refresh token).

Caution
  • Recreating a token set does not automatically discard existing token sets.
  • The token possesses all the permissions of the key held by the user who requested its creation.
  • Token generators do not manage the tokens they generate, so they can't be destroyed individually. Therefore, it is crucial to take extra precautions to prevent token leakage.

Request

This section describes the request format. The method and URI are as follows:

Method URI
PUT /keys/{keyTag}/token-set

Request headers

For information about the headers common to all Key Management Service APIs, see Key Management Service request headers.

Request path parameters

You can use the following path parameters with your request:

Field Type Required Description
keyTag String Required Key tag
  • Unique identifier for the key derived from the key name
  • Check through Get key list
  • Use to request encryption or decryption with REST APIs
  • Key tags are not treated as confidential information

Request body

You can include the following data in the body of your request:

Field Type Required Description
accessTokenHours Integer or String Optional Access token validity time (hour)
  • 1-17520 (default: 72)
  • UL: Enter for unlimited.
refreshTokenHours Integer/String Optional Refresh token validity time (hour)
  • 1-17520 (default: 2160)
  • UL: Enter for unlimited.

Request example

The request example is as follows:

curl --location --request PUT 'https://ocapi.ncloud.com/kms/v1/keys/a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6q7r8s9t0u1v2w3x4y5z6/token-set' \
--header 'x-ncp-ocapi-token: {Refresh Token}' \
--data '{
  "accessTokenHours": 72,
  "refreshTokenHours": 2160
}'

Response

This section describes the response format.

Response body

The response body includes the following data:

Field Type Required Description
code String - Success or Failure
data Object - Response result
data.refreshToken String - JSON Web Token (JWT) type refresh token recreated
data.accessToken String - JSON Web Token (JWT) type access token recreated

Response status codes

For information about the HTTP status codes common to all Key Management Service APIs, see Key Management Service response status codes.

Response example

The response example is as follows:

{
  "code": "SUCCESS",
  "data": {
    "refreshToken": "{JWT_REFRESH_TOKEN}",
    "accessToken": "{JWT_ACCESS_TOKEN}"
  }
}