Skip to main content

Create a public key for a service account

POST /organizations/{organization_id}/serviceaccounts/{serviceaccount_id}/publickeys

Creates a public key for the specified service account.

Parameters

Name Type In Required Description

organization_id

string

path

True

ID of the organization.

  • example: 666a3f38-d4fa-5b62-a391-a69029758d32

serviceaccount_id

string

path

True

ID of the service account.

  • example: 118df263-44d0-4154-8daa-ff61cb471557

Request Body

Indicates the desired values for the public key to be created.

Name Type Required Description

expirationTimestamp

string

False

The date and time when the public key expires. This is only applicable when an RSA key is provided for the public key. When a certificate is provided, the value is set to the certificate's expiration timestamp.

publicKey

string

True

Public X.509 certificate or RSA key in PEM format converted to a string with escaped new line characters (\n).

type

string

True

Media type of the resource. Defined values are:

  • "application/vnd.netapp.bxp.publickey"

version

string

True

Version of the resource. Defined values are:

  • "1.0"

Example request
{
  "expirationTimestamp": "2026-06-24T16:25:08Z",
  "publicKey": "-----BEGIN PUBLIC KEY-----\\nMIIBIjANBgkqhkiG9w0B...\\n-----END PUBLIC KEY-----\\n",
  "type": "application/vnd.netapp.bxp.publickey",
  "version": "1.0"
}

Response

Status: 201, Returns information about the newly created public key in the JSON response body.
Name Type Required Description

audience

string

True

The value that must be included in the 'audience' claim of the private key JWT token.

expirationTimestamp

string

True

The date and time when the public key expires.

fingerprint

string

True

The SHA-1 fingerprint of the public X.509 certificate or RSA key that was provided for the public key.

id

string

True

Globally unique identifier of the resource conforming to the UUIDv4 schema.

keyType

string

True

Type of the public key. Defined values are:

  • "X509_CERTIFICATE" - The public key is an X.509 certificate.

  • "RSA_KEY" - The public key is an RSA key.

metadata

type_bxp_metadata

True

Metadata associated with the resource.

state

string

True

The state of the public key. Defined values are:

  • "ENABLED" - The public key is enabled.

  • "DISABLED" - The public key is disabled.

type

string

True

Media type of the resource. Defined values are:

  • "application/vnd.netapp.bxp.publickey"

version

string

True

Version of the resource. Defined values are:

  • "1.0"

Example response
{
  "audience": "https://netapp-cloud-account.auth0.com/",
  "expirationTimestamp": "2026-06-24T16:25:08Z",
  "fingerprint": "33:0E:66:6A:D0:89:EA:78:10:7D:5A:35:FF:C5:51:E9:3A:CB:47:A8",
  "id": "4336388b-2992-43af-81de-ba9284b7dc36",
  "keyType": "RSA_KEY",
  "metadata": {
    "createdBy": "8f84cf09-8036-51e4-b579-bd30cb07b269",
    "creationTimestamp": "2025-06-24T16:25:08Z",
    "modificationTimestamp": "2025-06-24T16:25:08Z",
    "modifiedBy": "8f84cf09-8036-51e4-b579-bd30cb07b269"
  },
  "state": "ENABLED",
  "type": "application/vnd.netapp.bxp.publickey+json",
  "version": "1.0"
}

Error

Status: 400, Bad request
Name Type Required Description

correlationId

string

False

Internal UUID representing the request or trace ID related.

detail

string

False

Details about the problem.

invalidParams

array[invalidParams]

False

List of invalid parameters.

status

string

True

HTTP error code related to the problem.

title

string

True

Title description of the problem.

type

string

True

Content-type of the object.

Example error response
{
  "detail": "The supplied query parameters are invalid.",
  "status": "400",
  "title": "Invalid query parameters",
  "type": "https://bluexp.netapp.io/problems/1"
}

Error

Status: 401, Unauthorized
Name Type Required Description

correlationId

string

False

Internal UUID representing the request or trace ID related.

detail

string

False

Details about the problem.

invalidParams

array[invalidParams]

False

List of invalid parameters.

status

string

True

HTTP error code related to the problem.

title

string

True

Title description of the problem.

type

string

True

Content-type of the object.

Example error response
{
  "detail": "The request is missing the required bearer token.",
  "status": "401",
  "title": "Missing bearer token",
  "type": "https://bluexp.netapp.io/problems/1"
}

Error

Status: 403, Forbidden
Name Type Required Description

correlationId

string

False

Internal UUID representing the request or trace ID related.

detail

string

False

Details about the problem.

invalidParams

array[invalidParams]

False

List of invalid parameters.

status

string

True

HTTP error code related to the problem.

title

string

True

Title description of the problem.

type

string

True

Content-type of the object.

Example error response
{
  "detail": "The requested operation isn't permitted.",
  "status": "403",
  "title": "Operation not permitted",
  "type": "https://bluexp.netapp.io/problems/11"
}

Error

Status: 404, Not found
Name Type Required Description

correlationId

string

False

Internal UUID representing the request or trace ID related.

detail

string

False

Details about the problem.

invalidParams

array[invalidParams]

False

List of invalid parameters.

status

string

True

HTTP error code related to the problem.

title

string

True

Title description of the problem.

type

string

True

Content-type of the object.

Example error response
{
  "detail": "The collection specified in the request URI wasn't found.",
  "status": "404",
  "title": "Collection not found",
  "type": "https://bluexp.netapp.io/problems/2"
}

Error

Status: 409, Conflict
Name Type Required Description

correlationId

string

False

Internal UUID representing the request or trace ID related.

detail

string

False

Details about the problem.

invalidParams

array[invalidParams]

False

List of invalid parameters.

status

string

True

HTTP error code related to the problem.

title

string

True

Title description of the problem.

type

string

True

Content-type of the object.

Example error response
{
  "detail": "The request body JSON contains a field that conflicts with an idempotent value.",
  "status": "409",
  "title": "JSON resource conflict",
  "type": "https://bluexp.netapp.io/problems/10"
}

Definitions

See Definitions

type_bxp_label

Name/value pair.

Name Type Required Description

name

string

True

Name of the label.

value

string

True

Value of the label.

type_bxp_metadata

Metadata associated with the resource.

Name Type Required Description

createdBy

string

False

UUID of the user who created the resource.

creationTimestamp

string

False

Resource creation date.

labels

array[type_bxp_label]

False

Array of name/value pairs representing additional information for the resource.

modificationTimestamp

string

False

Resource modification date.

modifiedBy

string

False

UUID of the user who modified the resource.

invalidParams

Name Type Required Description

name

string

True

Name of the invalid parameter.

reason

string

True

Reason why the parameter is invalid.