POST
Decrypt an Encrypted Data Encryption Key (DEK)

Authorizations

Authorization
string
header
required

A token sent in the Authorization header.

This can be one of two types:

  1. A short-lived JWT obtained from the /auth endpoint.
  2. A long-lived, static API Key provided during setup.

In both cases, the header format is Authorization: Bearer <token>.

Headers

x-request-id
string<uuid>
required

A unique identifier for this specific API call, generated by the client (Samvaad).

x-trace-id
string<uuid>

An identifier to trace a single request across multiple services.

x-request-timestamp
string<date-time>
required

The ISO 8601 timestamp of when the client sent the request.

Body

application/json

The request containing the key alias and the encrypted key data.

data
object
required

The request payload to decrypt a key.

Response

The DEK was successfully decrypted.

data
object
required

The response payload containing the decrypted key.