Join us for Google Workspace Developer Summit on October 8th and 9th in Sunnyvale, CA and October 21st and 22nd in Paris, France. Register today to connect with other developers and get a preview of the latest features and updates.

Method: digest

  • This API call takes a wrapped Data Encryption Key (DEK) and returns a base64 encoded resource key hash.

  • The request body requires an authorization token, a reason for the operation, and the wrapped key.

  • A successful response provides the resource key hash, while failures return a structured error reply.

  • The digest endpoint is used for this operation within the Key Access Control List Service (KACLS).

  • See the provided links for more details on authorization tokens, resource key hash, wrap API, rewrap API and structured errors.

This call takes a Data Encryption Key (DEK) wrapped with the wrap API, and returns the base64 encoded resource key hash.

See also: rewrap

HTTP request

POST https://KACLS_URL/digest

Replace KACLS_URL with the Key Access Control List Service (KACLS) URL.

Path parameters

None.

Request body

The request body contains data with the following structure:

JSON representation 
{
 "authorization": string,
 "reason": string,
 "wrapped_key": string
}
Fields
authorization

string

A JWT asserting that the user is allowed to unwrap a key for resource_name. See authorization tokens.
reason

string (UTF-8)

A passthrough JSON string providing additional context about the operation. The JSON provided should be sanitized before being displayed. Max size: 1 KB.
wrapped_key

string

The base64 binary object returned by wrap.

Response body

If successful, this method returns a base64 encoded resource key hash.

If the operation fails, a structured error reply should be returned.

JSON representation 
{
 "resource_key_hash": string
}
Fields
resource_key_hash

string

base64 encoded binary object. See resource key hash.

Example

Request

POSThttps://mykacls.example.com/v1/digest
{
"wrapped_key":"7qTh6Mp+svVwYPlnZMyuj8WHTrM59wl/UI50jo61Qt/QubZ9tfsUc1sD62xdg3zgxC9quV4r+y7AkbfIDhbmxGqP64pWbZgFzOkP0JcSn+1xm/CB2E5IknKsAbwbYREGpiHM3nzZu+eLnvlfbzvTnJuJwBpLoPYQcnPvcgm+5gU1j1BjUaNKS/uDn7VbVm7hjbKA3wkniORC2TU2MiHElutnfrEVZ8wQfrCEpuWkOXs98H8QxUK4pBM2ea1xxGj7vREAZZg1x/Ci/E77gHxymnZ/ekhUIih6Pwu75jf+dvKcMnpmdLpwAVlE1G4dNginhFVyV/199llf9jmHasQQuaMFzQ9UMWGjA1Hg2KsaD9e3EL74A5fLkKc2EEmBD5v/aP+1RRZ3ISbTOXvxqYIFCdSFSCfPbUhkc9I2nHS0obEH7Q7KiuagoDqV0cTNXWfCGJ1DtIlGQ9IA6mPDAjX8Lg==",
"authorization":"eyJhbGciOi...",
"reason":"{client:'drive' op:'read'}"
}

Response

{
"resource_key_hash":"qClT153ghqBOLPpdMsc4S4n6okPrRaLPBYT0zRcn+go="
}

Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Last updated 2024年11月14日 UTC.