Skip to main content
Version: 1.7.0

HMAC SHA256 - Create a new key share (before secret share import)

GET 

/hmac-sha256/create

notice

This API endpoint part of the Exchange API Vault. Please contact the Sodot team for access.

authorization

This API endpoint requires an API Key with at least one of the following Roles: KeysManager

Setup a new HMAC-SHA256 key share (before importing the full HMAC key) for the authenticated user.

All parties must call this function before calling import/import-secret-share. The returned keygen_id must be sent through an authenticated communication channel to all other devices we wish to share the HMAC key with. Once we have the keygen_id-s of all parties, then /hmac-sha256/import/import-secret-share can be called with the same key_id as was given here.

Unlike ECDSA and similar algorithms, HMAC does not involve a 'keygen' process. Instead, the user must import a pre-split secret share to these parties.

Request

Query Parameters

    key_name stringnull

Header Parameters

    AUTHORIZATION stringrequired

    The AUTHORIZATION header must be set to the API Key of the user. The API Key is returned when a new user is created using the /admin/create-user endpoint.

Responses

Schema

    key_idstringrequired
    key_namestring | nullnullable
    keygen_idstringrequired