Decrypts a secret
For connections, the secrets are encrypted in json form. When creating connections in an automated fashion, secrets have to be first converted into the proper representation. This endpoint can be used to obtain the representation of a secret of an existing connection.
Authorization
bearerAuth The bearer token used is the session token that you receive from the handshake exchange.
In: header
Request Body
application/json
The internal encrypted representation of the secret
Response Body
application/json
application/json
application/json
curl -X POST "http://localhost:21721/secret/decrypt" \ -H "Content-Type: application/json" \ -d '{ "encrypted": { "encryptedToken": { "token": "lX6JOtL-mKbuUBR4nYdhJsv3RzrXm+f+JLLKpkSAfg==" }, "secret": { "encryptedValue": "VR1brTq1-i3p5fLcz5O58tmbnmDjRKL5IOmSkFaQag==", "type": "locked" } } }'{
"decrypted": "123"
}{
"message": "string"
}{
"error": {
"cause": {},
"stackTrace": [],
"suppressed": [],
"localizedMessage": "string",
"message": "string"
}
}Establish session POST
Prior to sending requests to the API, you first have to establish a new API session via the handshake endpoint. In the response you will receive a session token that you can use to authenticate during this session. This is done so that the daemon knows what kind of clients are connected and can manage individual capabilities for clients. If your client is running on the same system as the daemon, you can choose the local authentication method to avoid having to deal with API keys. If your client does not have file system access, e.g. if it is running remotely, then you have to use an API key. Note that for development you can also turn off the required authentication in the XPipe settings menu, allowing you to send unauthenticated requests. Certain connection IDs are hardcoded, e.g. the ID of the local machine connection. This makes it easier to perform actions on it across systems. The local machine connection ID is "f0ec68aa-63f5-405c-b178-9a4454556d6b". This one will be used in many of these samples.
Encrypts a secret POST
For connections, the secrets are encrypted in json form. When creating connections in an automated fashion, secrets have to be first converted into the proper representation. To obtain the representation of a secret of an existing connection, use the decrypt endpoint. The secret encryption method depends on your vault setup. Without any vault user and passphrase, the secret will be encrypted with a generic vault key. If you have a vault user and custom passphrase set up, the secret will be encrypted with your passphrase key.