{"id":26778,"date":"2025-09-02T03:29:38","date_gmt":"2025-09-02T10:29:38","guid":{"rendered":"https:\/\/www.expressplay.com\/?page_id=26778"},"modified":"2025-09-02T03:29:38","modified_gmt":"2025-09-02T10:29:38","slug":"skm-api-examples-and-cookbook","status":"publish","type":"page","link":"https:\/\/www.expressplay.com\/es\/skm-api-documentation\/skm-api-examples-and-cookbook\/","title":{"rendered":"SKM API Examples and Cookbook"},"content":{"rendered":"

Create a new Key, with a server-assigned value and KID<\/strong><\/h2>\n

 <\/p>\n

POST an empty body, or a body with an empty {} JSON Object. The server will create a new random key and assign it a new random KID.<\/p>\n

Because the server only stores encrypted keys, the kek parameter is required
\n 
\nRequest<\/strong><\/p>\n

POST \/keys?kek=000102030405060708090a0b0c0d0e0f HTTP\/1.1<\/code><\/p>\n

 <\/p>\n

Response<\/strong><\/p>\n

HTTP\/1.1 201 Created
\nContent-Type: application\/json
\nLocation: \/keys\/4e2df6b45e8257e187b2802b22ae7418
\n
\n{\"kid\": \"4e2df6b45e8257e187b2802b22ae7418\",
\n\"k\": \"a9b9033df0b9ca5447839e3d074817a0\",
\n\"ek\": \"5dbd06c0056b42fe0b8cf406679620c31bd619732730433d\",
\n\"kekId\": \"#1.afe008a381bdac03b412a92d54b92ddf\"
\n<\/span>}
\n<\/code><\/p>\n

 <\/p>\n

Get a key by KID, with server auto-creation of the key if it does not exist<\/strong><\/h2>\n

 
\nPOST a body with a partial JSON Key Object, including a kid field. If a Key Object with that KID already exists on the server, that object is returned, with an HTTP 200 response code. If no such Key Object already exists, a new one is created, with a new random key value.
\n
\nBecause the server only stores encrypted keys, the kek parameter is required
\n 
\nRequest<\/strong><\/p>\n

POST \/keys?kek=000102030405060708090a0b0c0d0e0f HTTP\/1.1
\nContent-Type: application\/json
\n
\n{\"kid\": \"4e2df6b45e8257e187b2802b22ae7418\",
\n<\/span>}
\n<\/code><\/p>\n

 <\/p>\n

Response if no key with that KID exists on the server<\/strong><\/p>\n

HTTP\/1.1 201 Created
\nContent-Type: application\/json
\nLocation: \/keys\/4e2df6b45e8257e187b2802b22ae7418
\n
\n{\"kid\": \"4e2df6b45e8257e187b2802b22ae7418\",
\n\"k\": \"a9b9033df0b9ca5447839e3d074817a0\",
\n\"ek\": \"5dbd06c0056b42fe0b8cf406679620c31bd619732730433d\",
\n\"kekId\": \"#1.afe008a381bdac03b412a92d54b92ddf\"
\n<\/span>}
\n<\/code><\/p>\n

 <\/p>\n

Response if a key with that KID already exists on the server<\/strong><\/p>\n

HTTP\/1.1 200 OK
\nContent-Type: application\/json
\n
\n{\"kid\": \"4e2df6b45e8257e187b2802b22ae7418\",
\n\"k\": \"a9b9033df0b9ca5447839e3d074817a0\",
\n\"ek\": \"5dbd06c0056b42fe0b8cf406679620c31bd619732730433d\",
\n\"kekId\": \"#1.afe008a381bdac03b412a92d54b92ddf\"
\n<\/span>}
\n<\/code><\/p>\n

 <\/p>\n

Using KIDs generated from strings<\/strong><\/h2>\n

 
\nIn some cases, it may be useful to have KIDs that correspond to a well-defined scheme, so that they can follow a pattern instead of being randomly generated.
\n
\nFor example, let\u2019s say we are deploying a system with live TV channels for streaming. Each channel must be encrypted with a different key, and the keys must change every day. Instead of picking a random KID for each channel for each day, a simpler approach is to use a pattern where we assign a key name to each channel\/day. We can represent the channel by its name and the day by the string YYYY.MM.DD. For example, the key name for channel CNN on December 18 2014 would be: CNN.2014.12.18
\n
\nWe can now use the ^string KID syntax instead of using hex KID representations. To obtain the key for Channel CNN for December 18 2014, we would get:<\/p>\n

 <\/p>\n

GET \/keys\/^CNN.2014.12.18<\/p><\/blockquote>\n

or, if we want the server to auto-create the key if it doesn\u2019t already exist:
\n <\/p>\n

POST \/keys<\/p><\/blockquote>\n

\nContent-Type: application\/json
\n
\n{\"kid\": \"^CNN.2014.12.18\"
\n<\/span>}
\n<\/code>
\nThis is much more convenient than having to remember a different random KID for each day for each channel.<\/p>\n

 <\/p>\n

Wrapping keys client-side<\/strong><\/h2>\n

 
\nSometimes it may be desirable to perform key wrapping\/unwrapping on the client side, instead of passing a KEK (Key Encryption Key) and ask the server to do it. For instance, the client may want to use a specific cryptographic random number generator, or may not want to pass a KEK to the server. This, of course, requires the client to be able to perform the proper AES Key Wrap cryptographic operations. To keep the wrapping\/unwrapping entirely client-side, simply ommit the kek query parameter in requests and supply the ek value when creating the key.<\/p>\n

 <\/p>\n

Request<\/strong><\/p>\n

POST \/keys HTTP\/1.1
\nContent-Type: application\/json
\n
\n{\"kid\": \"4e2df6b45e8257e187b2802b22ae7418\",
\n\"ek\": \"5dbd06c0056b42fe0b8cf406679620c31bd619732730433d\",
\n\"kekId\": \"my-kek-id-1234\"
\n<\/span>}
\n<\/code><\/p>\n

 <\/p>\n

Response<\/strong><\/p>\n

HTTP\/1.1 201 Created
\nContent-Type: application\/json
\nLocation: \/keys\/4e2df6b45e8257e187b2802b22ae7418
\n
\n{\"kid\": \"4e2df6b45e8257e187b2802b22ae7418\",
\n\"ek\": \"5dbd06c0056b42fe0b8cf406679620c31bd619732730433d\",
\n\"kekId\": \"my-kek-id-1234\"
\n<\/span>}
\n<\/code><\/p>","protected":false},"excerpt":{"rendered":"

Create a new Key, with a server-assigned value and KID   POST an empty body, or a body with an empty {} JSON Object. The server will create a new random key and assign it a new random KID. Because the server only stores encrypted keys, the kek parameter is required   Request POST \/keys?kek=000102030405060708090a0b0c0d0e0f […]<\/p>\n","protected":false},"author":131,"featured_media":0,"parent":26777,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"page-skm-api-documentation.php","meta":{"_acf_changed":false,"footnotes":""},"tax_page_type":[],"coauthors":[638],"class_list":["post-26778","page","type-page","status-publish","hentry"],"acf":[],"_links":{"self":[{"href":"https:\/\/www.expressplay.com\/es\/wp-json\/wp\/v2\/pages\/26778","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.expressplay.com\/es\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.expressplay.com\/es\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.expressplay.com\/es\/wp-json\/wp\/v2\/users\/131"}],"replies":[{"embeddable":true,"href":"https:\/\/www.expressplay.com\/es\/wp-json\/wp\/v2\/comments?post=26778"}],"version-history":[{"count":0,"href":"https:\/\/www.expressplay.com\/es\/wp-json\/wp\/v2\/pages\/26778\/revisions"}],"up":[{"embeddable":true,"href":"https:\/\/www.expressplay.com\/es\/wp-json\/wp\/v2\/pages\/26777"}],"wp:attachment":[{"href":"https:\/\/www.expressplay.com\/es\/wp-json\/wp\/v2\/media?parent=26778"}],"wp:term":[{"taxonomy":"tax_page_type","embeddable":true,"href":"https:\/\/www.expressplay.com\/es\/wp-json\/wp\/v2\/tax_page_type?post=26778"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.expressplay.com\/es\/wp-json\/wp\/v2\/coauthors?post=26778"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}