Encrypt blob

post

/api/pvlt/1.0/data/collections/{collection}/encrypt/blob

Creates ciphertext for the value of a BLOB type property.

Receives a query parameter, prop, containing the name of a BLOB type property, and raw bytes (not a JSON object) in the request body. The ciphertext is returned in the response body as raw bytes (application/octet-stream`).

See Encrypt for more information about the encryption process and request parameters.

Request

Path parameters

• collection - string required*

  The name of a collection.

  Match pattern: ^[a-zA-Z][a-zA-Z0-9_]*$Max length: 40Example: "customers"

Query parameters

• expiration_secs - string

  Encrypted object expiration time in seconds. If not set, the default expiration time is used. See the PVAULT_EXPIRATION_TOKENS variable. If set to an empty value, the encrypted ciphertext blob does not expire.

  Match pattern: ^[0-9]*$
• adhoc_reason - string

  An ad-hoc reason for accessing the Vault data. Required when reason is set to Other.

• reason - string required*

  Details of the reason for requesting the property. The default is set when no access reason is provided and PVAULT_SERVICE_FORCE_ACCESS_REASON is false.

  Allowed values: AppFunctionality, Analytics, Notifications, Marketing, ThirdPartyMarketing, FraudPreventionSecurityAndCompliance, AccountManagement, Maintenance, DataSubjectRequest, Other
• custom_audit - string

  Custom audit information to be included in the audit log.

• reload_cache - boolean

  Reloads the cache before the action.

• prop - string required*

  The name of a property.

  Match pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$Max length: 40Example: "first_name"
• type - string

  The type of the encryption:

  • randomized - generates a different randomized unpredictable, non-repeating ciphertext each time.
  • deterministic - generates the ciphertext deterministically based on the collection name, input object, and scope. Defaults to randomized if not set.

  Default: randomizedAllowed values: randomized, deterministic
• scope - string

  A classification for the encrypted object that is added to the ciphertext as associated data (AAD). An object encrypted with a scope can be decrypted only with the same scope.

  Default: default
• tags - string

  Comma-separated list of tags to attach to the metadata of the encrypted object. The maximum number of allowed tags is defined by the PVAULT_DB_MAX_TOKEN_TAGS environment variable (default 10). Tags are not supported for the deterministic encryption type.

  Max length: 256

Request body

Details of the encryption request.

application/octet-stream

string required*

Format: binary

Example

string

Possible responses

200

The request is successful.

application/octet-stream

string required*

Format: binary

Example

string

400

The request is invalid.

application/json

object required*

Additional properties: falseProperties:

• context - object required*

  The error context.

  Values of additional properties are strings

  Example

  {
    "objectid": "b56dd6aa-35f0-11ed-a261-0242ac120002"
  }
• error_code - string required*

  The error code.

  Example: "PVxxxx"
• message - string required*

  The error message.

  Example: "The object is not found."
• error_url - string

  The URL to the error documentation.

  Example: "https://docs.piiano.com/api/error-codes#PV1005"

Example

{
  "error_code": "PV1001",
  "message": "The access reason is missing.",
  "context": {
    "reason": null
  }
}

401

Authentication credentials are incorrect or missing.

application/json

object required*

Additional properties: falseProperties:

• context - object required*

  The error context.

  Values of additional properties are strings

  Example

  {
    "objectid": "b56dd6aa-35f0-11ed-a261-0242ac120002"
  }
• error_code - string required*

  The error code.

  Example: "PVxxxx"
• message - string required*

  The error message.

  Example: "The object is not found."
• error_url - string

  The URL to the error documentation.

  Example: "https://docs.piiano.com/api/error-codes#PV1005"

Example

{
  "error_code": "PV1005",
  "message": "The request is unauthorized.",
  "context": {}
}

403

The caller doesn't have the required access rights.

application/json

object required*

Additional properties: falseProperties:

• context - object required*

  The error context.

  Values of additional properties are strings

  Example

  {
    "objectid": "b56dd6aa-35f0-11ed-a261-0242ac120002"
  }
• error_code - string required*

  The error code.

  Example: "PVxxxx"
• message - string required*

  The error message.

  Example: "The object is not found."
• error_url - string

  The URL to the error documentation.

  Example: "https://docs.piiano.com/api/error-codes#PV1005"

Example

{
  "error_code": "PV1007",
  "message": "The operation is forbidden due to missing capabilities.",
  "context": {
    "username": "WebServer"
  }
}

404

The collection or properties aren't found, or property values are invalid.

application/json

object required*

Additional properties: falseProperties:

• context - object required*

  The error context.

  Values of additional properties are strings

  Example

  {
    "objectid": "b56dd6aa-35f0-11ed-a261-0242ac120002"
  }
• error_code - string required*

  The error code.

  Example: "PVxxxx"
• message - string required*

  The error message.

  Example: "The object is not found."
• error_url - string

  The URL to the error documentation.

  Example: "https://docs.piiano.com/api/error-codes#PV1005"

Example

{
  "objectid": "credit_cadr",
  "error_code": "PV3003",
  "message": "One or more values are invalid."
}

405

The operation is not allowed.

application/json

object required*

Additional properties: falseProperties:

• context - object required*

  The error context.

  Values of additional properties are strings

  Example

  {
    "objectid": "b56dd6aa-35f0-11ed-a261-0242ac120002"
  }
• error_code - string required*

  The error code.

  Example: "PVxxxx"
• message - string required*

  The error message.

  Example: "The object is not found."
• error_url - string

  The URL to the error documentation.

  Example: "https://docs.piiano.com/api/error-codes#PV1005"

Example

{
  "error_code": "PV1026",
  "message": "The operation is not allowed in in-memory mode.",
  "context": {}
}

409

A conflict occurs.

application/json

object required*

Additional properties: falseProperties:

• context - object required*

  The error context.

  Values of additional properties are strings

  Example

  {
    "objectid": "b56dd6aa-35f0-11ed-a261-0242ac120002"
  }
• error_code - string required*

  The error code.

  Example: "PVxxxx"
• message - string required*

  The error message.

  Example: "The object is not found."
• error_url - string

  The URL to the error documentation.

  Example: "https://docs.piiano.com/api/error-codes#PV1005"

Example

{
  "error_code": "PV3218",
  "message": "Concurrent conflicting updates to the same object.",
  "context": {}
}

410

Access to a resource that is no longer available occurs.

application/json

object required*

Additional properties: falseProperties:

• context - object required*

  The error context.

  Values of additional properties are strings

  Example

  {
    "objectid": "b56dd6aa-35f0-11ed-a261-0242ac120002"
  }
• error_code - string required*

  The error code.

  Example: "PVxxxx"
• message - string required*

  The error message.

  Example: "The object is not found."
• error_url - string

  The URL to the error documentation.

  Example: "https://docs.piiano.com/api/error-codes#PV1005"

Example

{
  "error_code": "PV1033",
  "message": "The resource is gone.",
  "context": {}
}

500

An error occurs on the server.

application/json

object required*

Additional properties: falseProperties:

• context - object required*

  The error context.

  Values of additional properties are strings

  Example

  {
    "objectid": "b56dd6aa-35f0-11ed-a261-0242ac120002"
  }
• error_code - string required*

  The error code.

  Example: "PVxxxx"
• message - string required*

  The error message.

  Example: "The object is not found."
• error_url - string

  The URL to the error documentation.

  Example: "https://docs.piiano.com/api/error-codes#PV1005"

Example

{
  "error_code": "PV1000",
  "message": "Something went wrong",
  "context": {}
}

503

The service is unavailable.

application/json

object required*

Additional properties: falseProperties:

• context - object required*

  The error context.

  Values of additional properties are strings

  Example

  {
    "objectid": "b56dd6aa-35f0-11ed-a261-0242ac120002"
  }
• error_code - string required*

  The error code.

  Example: "PVxxxx"
• message - string required*

  The error message.

  Example: "The object is not found."
• error_url - string

  The URL to the error documentation.

  Example: "https://docs.piiano.com/api/error-codes#PV1005"

Example

{
  "error_code": "PV1009",
  "message": "The operation timed out on the server.",
  "context": {}
}

Try the API

Authorization

API key:

Path parameters

Collection*:

Query parameters

Expiration_secs:

Adhoc_reason:

Reason*:

Custom_audit:

Reload_cache:

Prop*:

Type:

Scope:

Tags:

Request body

Content-Type:

Navigate to the docs of your local Vault installation to try the API directly from there.

Code examples

Example