Retiring a Grant
Function
Description: This API is used to retire a grant. After a grant is retired, the grantee no longer has the permission to perform operations on the granted key. For example, user A grants user B the permission to operate on key A, and grants user C the permission to revoke the grant. In this case, users A, B, and C can all retire the grant. After the grant is retired, user B can no longer use the key A.
Note: The following users can retire a grant:
User who created the grant.
Users specified by retiring_principal.
Users specified by grantee_principal in a grant list that contains retire-grant.
URI
POST /v1.0/{project_id}/kms/retire-grant
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
project_id |
Yes |
String |
Project ID |
Request Parameters
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
X-Auth-Token |
Yes |
String |
User token. It can be obtained by calling the IAM API that is used for obtaining a user token. The value of X-Subject-Token in the response header is the user token. |
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
key_id |
Yes |
String |
Key ID. It should be 36 bytes and match the regular expression ^[0-9a-z]{8}-[0-9a-z]{4}-[0-9a-z]{4}-[0-9a-z]{4}-[0-9a-z]{12}$. Example: 0d0466b0-e727-4d9c-b35d-f84bb474a37f |
grant_id |
Yes |
String |
Grant ID, which contains 64 bytes and matches the regular expression ^[A-Fa-f0-9]{64}$. Example: 7c9a3286af4fcca5f0a385ad13e1d21a50e27b6dbcab50f37f30f93b8939827d |
sequence |
No |
String |
36-byte sequence number of a request message. Example: 919c82d4-8046-4722-9094-35c3c6524cff |
Response Parameters
Status code: 400
Parameter |
Type |
Description |
---|---|---|
error |
Object |
Error message. |
Parameter |
Type |
Description |
---|---|---|
error_code |
String |
Error code returned for an error request. |
error_msg |
String |
Error information returned for an error request. |
Status code: 401
Parameter |
Type |
Description |
---|---|---|
error |
Object |
Error message. |
Parameter |
Type |
Description |
---|---|---|
error_code |
String |
Error code returned for an error request. |
error_msg |
String |
Error information returned for an error request. |
Status code: 403
Parameter |
Type |
Description |
---|---|---|
error |
Object |
Error message. |
Parameter |
Type |
Description |
---|---|---|
error_code |
String |
Error code returned for an error request. |
error_msg |
String |
Error information returned for an error request. |
Status code: 404
Parameter |
Type |
Description |
---|---|---|
error |
Object |
Error message. |
Parameter |
Type |
Description |
---|---|---|
error_code |
String |
Error code returned for an error request. |
error_msg |
String |
Error information returned for an error request. |
Status code: 500
Parameter |
Type |
Description |
---|---|---|
error |
Object |
Error message. |
Parameter |
Type |
Description |
---|---|---|
error_code |
String |
Error code returned for an error request. |
error_msg |
String |
Error information returned for an error request. |
Status code: 502
Parameter |
Type |
Description |
---|---|---|
error |
Object |
Error message. |
Parameter |
Type |
Description |
---|---|---|
error_code |
String |
Error code returned for an error request. |
error_msg |
String |
Error information returned for an error request. |
Status code: 504
Parameter |
Type |
Description |
---|---|---|
error |
Object |
Error message. |
Parameter |
Type |
Description |
---|---|---|
error_code |
String |
Error code returned for an error request. |
error_msg |
String |
Error information returned for an error request. |
Example Requests
{ "key_id" : "0d0466b0-e727-4d9c-b35d-f84bb474a37f", "grant_id" : "7c9a3286af4fcca5f0a385ad13e1d21a50e27b6dbcab50f37f30f93b8939827d" }
Example Responses
None
Status Codes
Status Code |
Description |
---|---|
200 |
Request processing succeeded. |
400 |
Invalid request parameters. |
401 |
You must enter a username and password to access the requested page. |
403 |
Authentication failed. |
404 |
The requested resource does not exist or is not found. |
500 |
Internal service error. |
502 |
Failed to complete the request. The server received an invalid response. |
504 |
Gateway timed out. |
Error Codes
See Error Codes.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot