Skip to main content
POST
https://{tenantDomain}/api/v2
/
keys
/
encryption
C#
using Auth0.ManagementApi;
using System.Threading.Tasks;
using Auth0.ManagementApi.Keys;

public partial class Examples
{
    public async Task Example() {
        var client = new ManagementClient(
            token: "<token>"
        );

        await client.Keys.Encryption.CreateAsync(
            new CreateEncryptionKeyRequestContent {
                Type = CreateEncryptionKeyType.CustomerProvidedRootKey
            }
        );
    }

}
package example

import (
context "context"

management "github.com/auth0/go-auth0/management/management"
client "github.com/auth0/go-auth0/management/management/client"
keys "github.com/auth0/go-auth0/management/management/keys"
option "github.com/auth0/go-auth0/management/management/option"
)

func do() {
client := client.NewClient(
option.WithToken(
"<token>",
),
)
request := &keys.CreateEncryptionKeyRequestContent{
Type: management.CreateEncryptionKeyTypeCustomerProvidedRootKey,
}
client.Keys.Encryption.Create(
context.TODO(),
request,
)
}
package com.example.usage;

import com.auth0.client.mgmt.ManagementApi;
import com.auth0.client.mgmt.resources.keys.encryption.requests.CreateEncryptionKeyRequestContent;
import com.auth0.client.mgmt.types.CreateEncryptionKeyType;

public class Example {
public static void main(String[] args) {
ManagementApi client = ManagementApi
.builder()
.token("<token>")
.build();

client.keys().encryption().create(
CreateEncryptionKeyRequestContent
.builder()
.type(CreateEncryptionKeyType.CUSTOMER_PROVIDED_ROOT_KEY)
.build()
);
}
}
<?php

namespace Example;

use Auth0\SDK\API\Management\Management;
use Auth0\SDK\API\Management\Keys\Encryption\Requests\CreateEncryptionKeyRequestContent;
use Auth0\SDK\API\Management\Types\CreateEncryptionKeyType;

$client = new Management(
token: '<token>',
);
$client->keys->encryption->create(
new CreateEncryptionKeyRequestContent([
'type' => CreateEncryptionKeyType::CustomerProvidedRootKey->value,
]),
);
from auth0.management import ManagementClient

client = ManagementClient(
token="<token>",
)

client.keys.encryption.create(
type="customer-provided-root-key",
)
require "auth0"

client = Auth0::Management.new(token: "<token>")

client.keys.encryption.create(type: "customer-provided-root-key")
import { ManagementClient } from "auth0";

async function main() {
const client = new ManagementClient({
token: "<token>",
});
await client.keys.encryption.create({
type: "customer-provided-root-key",
});
}
main();
import { ManagementClient } from "auth0";

async function main() {
const client = new ManagementClient({
token: "<token>",
});
await client.keys.encryption.create({
type: "customer-provided-root-key",
});
}
main();
curl --request POST \
--url https://{tenantDomain}/api/v2/keys/encryption \
--header 'Authorization: Bearer <token>' \
--header 'Content-Type: application/json' \
--data '{}'
{
  "kid": "<string>",
  "created_at": "2023-11-07T05:31:56Z",
  "updated_at": "2023-11-07T05:31:56Z",
  "parent_kid": "<string>",
  "public_key": "<string>"
}

Authorizations

Authorization
string
header
required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Body

type
enum<string>
required

Type of the encryption key to be created.

Available options:
customer-provided-root-key,
tenant-encryption-key

Response

The key was successfully created.

Encryption key

kid
string
required

Key ID

type
enum<string>
required

Key type

Available options:
customer-provided-root-key,
environment-root-key,
tenant-master-key,
tenant-encryption-key
state
enum<string>
required

Key state

Available options:
pre-activation,
active,
deactivated,
destroyed
created_at
string<date-time>
required

Key creation timestamp

updated_at
string<date-time>
required

Key update timestamp

parent_kid
string | null

ID of parent wrapping key

public_key
string | null

Public key in PEM format