Skip to main content
POST
/
api
/
v1
/
kms
/
keys
cURL
curl --request POST \
  --url https://us.infisical.com/api/v1/kms/keys \
  --header 'Content-Type: application/json' \
  --data '{
  "projectId": "<string>",
  "name": "<string>",
  "description": "<string>",
  "keyUsage": "encrypt-decrypt",
  "encryptionAlgorithm": "aes-256-gcm"
}'
{
  "key": {
    "id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
    "description": "<string>",
    "isDisabled": false,
    "orgId": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
    "name": "<string>",
    "createdAt": "2023-11-07T05:31:56Z",
    "updatedAt": "2023-11-07T05:31:56Z",
    "projectId": "<string>",
    "keyUsage": "encrypt-decrypt",
    "kmipMetadata": "<any>",
    "version": 1,
    "encryptionAlgorithm": "<string>"
  }
}

Body

application/json
projectId
string
required
name
string
required
Required string length: 1 - 32
description
string
Maximum length: 500
keyUsage
enum<string>
default:encrypt-decrypt
Available options:
encrypt-decrypt,
sign-verify
encryptionAlgorithm
enum<string>
default:aes-256-gcm
Available options:
aes-256-gcm,
aes-128-gcm,
RSA_4096,
ECC_NIST_P256

Response

key
object
required