Key Service Management API
The Key Service Management API is mainly used to configure the behavior of the service.
The API is exposed by the Key Service.
OpenAPI Specificationβ
The API reference in the OpenAPI format can be found at this location: https://key-server-management.axprod.net/api/help
Authorizationβ
Only authorized users can make requests to the Management API. As a part of your Axinom DRM contract, Axinom provides you configuration data for your Key Service tenant, specifically:
- Key Service Management API URL, e.g. "https://key-server-management.axprod.net/api/"
- Tenant ID - a GUID, e.g.
c72d7f6a-c4b3-4141-b996-06c6266d5588
, used to uniquely identify your tenant - Management Key - a GUID, e.g.
8a276e90-6923-4bda-9f5e-8eddc9159a1e
The Management Key shall be passed to each Management API request inside the Authorization header:
Authorization: Basic base64("TenantID:ManagementKey")
In the example above, the header will be: Authorization: Basic YzcyZDdmNmEtYzRiMy00MTQxLWI5OTYtMDZjNjI2NmQ1NTg4OjhhMjc2ZTkwLTY5MjMtNGJkYS05ZjVlLThlZGRjOTE1OWExZQ==
It is not possible to recover the Management Key if itβs lost. It is possible to generate a new one by raising a ticket to Axinom Support (https://product-support.axinom.com).
Endpointsβ
The API exposes the following endpoints:
Content Keys Operationsβ
| Endpoint | Method | Description |
|---|---|---|
| /ContentKeys | POST | Creates a new content key |
| /ContentKeys | GET | Returns one or multiple content keys (only their metadata; not the real key value) |
| /ContentKeys | PUT | Updates the name of a content key |
| /ContentKeys | DELETE | Deletes a content key |
| /Import/ContentKeys | POST | Imports one or multiple content keys from a JSON array |
| /Export/ContentKeys | POST | Exports one or multiple content keys as a CPIX document |
Key Seeds Operationsβ
| Endpoint | Method | Description |
|---|---|---|
| /KeySeeds | POST | Creates a new Key Seed |
| /KeySeeds | GET | Returns one or multiple Key Seeds (only their metadata; not the real Key Seed value) |
| /KeySeeds | PUT | Updates the name of a Key Seed or makes it default |
| /KeySeeds | DELETE | Deletes a Key Seed |
| /Import/KeySeeds | POST | Imports one or multiple Key Seeds from a JSON array |
| /Export/KeySeeds | POST | Exports one or multiple Key Seeds as a PKSC document |
Other Operationsβ
| Endpoint | Method | Description |
|---|---|---|
| /Logs | GET | Returns one or multiple log entries |
Errorsβ
In case of an error, the service returns an HTTP status code following HTTP conventions.
Additionally, the service adds a human-readable explanation of the error in a custom HTTP header X-AxDRM-ErrorMessage.
If HTTP/1 is used the same error explanation is returned as HTTP ReasonPhrase.
We recommend that you rely on the X-AxDRM-ErrorMessage header because the ReasonPhrase is not supported by HTTP/2, and also some HTTP/1 client libraries do not support parsing the ReasonPhrase.
CORS clients, such as browsers, sometimes donβt have access to custom HTTP headers.
To enable such clients reading the informational headers, service adds Access-Control-Expose-Headers header to the response and explicitly enables reading of the "X-AxDrm-ErrorMessage" header.