Help Center/ Data Encryption Workshop/ API Reference/ APIs/ Key Pair Management APIs/ Key Pair Management/ Creating and Importing an SSH Key Pair
Updated on 2025-09-15 GMT+08:00
View PDF

Creating and Importing an SSH Key Pair

Function

Creating and Importing an SSH Key Pair

Calling Method

For details, see Calling APIs.

URI

POST /v3/{project_id}/keypairs

Table 1 Path Parameters

Parameter

Mandatory

Type

Description

project_id

Yes

String

Project ID.

Request Parameters

Table 2 Request header parameters

Parameter

Mandatory

Type

Description

X-Auth-Token

Yes

String

User token.

Can be obtained by calling the IAM API for obtaining the user token (the value of X-Subject-Token in the response header).
Table 3 Request body parameters

Parameter

Mandatory

Type

Description

keypair

Yes

CreateKeypairAction object

Parameter in the request body for creating a key pair
Table 4 CreateKeypairAction

Parameter

Mandatory

Type

Description

name

Yes

String

SSH key pair name.

  • The key pair name must be unique.

  • The SSH key pair name can contain at most 255 characters, including letters, digits, underscores (_), and hyphens (-).

type

No

String

SSH key pair type. The value can be ssh or x509.

public_key

No

String

String of an imported public key

scope

No

String

Tenant-level or user-level. The value can be domain or user.

user_id

No

String

User that an SSH key pair belongs to

key_protection

No

KeyProtection object

Private key hosting and protection for the SSH key pair.
Table 5 KeyProtection

Parameter

Mandatory

Type

Description

private_key

No

String

Private key of the imported SSH key pair.

encryption

Yes

Encryption object

How a private key is encrypted and stored.
Table 6 Encryption

Parameter

Mandatory

Type

Description

type

Yes

String

Value options:

- default: The default encryption mode. Applicable to sites where KMS is not deployed.

- kms: KMS encryption mode.

If the KMS service is not available at the site, set this parameter to default.

kms_key_name

No

String

KMS key name.

  • If type is set to kms, you must enter the KMS key name or ID.

kms_key_id

No

String

KMS key ID.

  • If type is set to kms, you must enter the KMS key name or ID.

Response Parameters

Status code: 200

Table 7 Response body parameters

Parameter

Type

Description

keypair

CreateKeypairResp object

SSH key pair details
Table 8 CreateKeypairResp

Parameter

Type

Description

name

String

SSH key pair name

type

String

SSH key pair type. The value can be ssh or x509.

public_key

String

Public key information about an SSH key pair

private_key

String

Private key information about an SSH key pair.

- When an SSH key pair is created, the response contains private_key information.

- When an SSH key pair is imported, the response does not contain private_key information.

fingerprint

String

Fingerprint information about an SSH key pair

user_id

String

User that an SSH key pair belongs to

Status code: 400

Table 9 Response body parameters

Parameter

Type

Description

error_code

String

Error Codes

error_msg

String

Description

Example Requests

{
  "keypair" : {
    "name" : "demo2"
  }
}

Example Responses

Status code: 200

Request succeeded.

{
  "keypair" : {
    "name" : "demo",
    "type" : "ssh",
    "public_key" : "ssh-rsa AAAAB3NzaC1yc2EAAAADAQAB...",
    "private_key" : "-----BEGIN RSA PRIVATE KEY-----...",
    "fingerprint" : "49:ef:73:2b:9b:7f:2e:0c:58:d3:e3:42:8e:28:04:3b",
    "user_id" : "e4f380899b1248918f3d37098dc63746"
  }
}

Status code: 400

Error response

{
  "error_code" : "KPS.XXX",
  "error_msg" : "XXX"
}

Status Codes

Status Code

Description

200

Request succeeded.

400

Error response

Error Codes

See Error Codes.

Parent Topic: Key Pair Management