openapi: 3.0.0 info: title: Key Management API description: Due to regulatory requirements applicable to our EU/UK sellers, for certain APIs, developers need to add digital signatures to the respective HTTP call. The Key Management API creates keypairs that are required when creating digital signatures for the following APIs:
privateKey
values are not returned. In order to further ensure the security of confidential client information, eBay does not store privateKey
values in any system. If a developer loses their privateKey
they must generate new keypairs set using the createSigningKey
method.
operationId: getSigningKeys
responses:
'200':
description: OK
content:
application/json:
schema:
$ref: '#/components/schemas/QuerySigningKeysResponse'
'400':
description: Bad Request
x-response-codes:
errors:
'210005':
domain: API_KEYS
category: REQUEST
description: You must request with a token having valid application client id.
'401':
description: Unauthorized
'403':
description: Forbidden
'500':
description: Internal Server Error
x-response-codes:
errors:
'210000':
domain: API_KEYS
category: APPLICATION
description: There was a problem with an eBay internal system or process. Contact eBay developer support for assistance.
security:
- api_auth:
- https://api.ebay.com/oauth/api_scope
post:
tags:
- signing_key
description: This method creates keypairs using one of the following ciphers:getSigningKey
and getSigningKeys
methods, in order to further ensure the security of confidential client information, eBay does not store the Private Key value in any system. If a developer loses their Private Key they must generate new keypairs using the createSigningKey
method.signingKeyId
associated with the application key making the call.privateKey
value is not returned. In order to further ensure the security of confidential client information, eBay does not store the privateKey
value in any system. If a developer loses their privateKey
they must generate new keypairs using the createSigningKey
method.
operationId: getSigningKey
parameters:
- name: signing_key_id
in: path
description: The system-generated eBay ID of the keypairs being requested.
required: true
schema:
type: string
responses:
'200':
description: OK
content:
application/json:
schema:
$ref: '#/components/schemas/SigningKey'
'400':
description: Bad Request
x-response-codes:
errors:
'210005':
domain: API_KEYS
category: REQUEST
description: You must request with a token having valid application client id.
'401':
description: Unauthorized
'403':
description: Forbidden
'404':
description: Not found
x-response-codes:
errors:
'210002':
domain: API_KEYS
category: REQUEST
description: The signing key with id {signingKeyId} was not found.
'500':
description: Internal Server Error
x-response-codes:
errors:
'210000':
domain: API_KEYS
category: APPLICATION
description: There was a problem with an eBay internal system or process. Contact eBay developer support for assistance.
security:
- api_auth:
- https://api.ebay.com/oauth/api_scope
components:
schemas:
CreateSigningKeyRequest:
type: object
properties:
signingKeyCipher:
type: string
description: The enumerated value for the cipher to be used to create the signing key. Refer to SigningKeyCiper for the list of supported enum values. For implementation help, refer to eBay API documentation
description: This request creates a new signing key.
Error:
type: object
properties:
category:
type: string
description: Identifies the type of erro.
domain:
type: string
description: Name for the primary system where the error occurred. This is relevant for application errors.
errorId:
type: integer
description: A unique number to identify the error.
format: int32
inputRefIds:
type: array
description: An array of request elements most closely associated to the error.
items:
type: string
longMessage:
type: string
description: A more detailed explanation of the error.
message:
type: string
description: Information on how to correct the problem, in the end user's terms and language where applicable.
outputRefIds:
type: array
description: An array of request elements most closely associated to the error.
items:
type: string
parameters:
type: array
description: An array of name/value pairs that describe details the error condition. These are useful when multiple errors are returned.
items:
$ref: '#/components/schemas/ErrorParameter'
subdomain:
type: string
description: 'Further helps indicate which subsystem the error is coming from. System subcategories include: Initialization, Serialization, Security, Monitoring, Rate Limiting, etc.'
description: This type defines the fields that can be returned in an error.
ErrorParameter:
type: object
properties:
name:
type: string
description: The object of the error.
value:
type: string
description: The value of the object.
QuerySigningKeysResponse:
type: object
properties:
signingKeys:
type: array
description: An array of metadata information for keypairs owned by a user.
items:
$ref: '#/components/schemas/SigningKey'
description: This container stores metadata information for all keypairs that are owned by a user.
SigningKey:
type: object
properties:
creationTime:
type: integer
description: The UNIX timestamp when the SigningKey
was created. This time is represented as the number of seconds from "1970-01-01T00:00:00Z", as measured in UTC, until the date and time the SigningKey
was created.
format: int32
expirationTime:
type: integer
description: The UNIX timestamp when the SigningKey
expires. This time is represented as the number of seconds from "1970-01-01T00:00:00Z", as measured in UTC, until the date and time the SigningKey
expires.creationTime
.
format: int32
jwe:
type: string
description: This is the JSON Web Encrypted (JWE) value for the publicKey
.
privateKey:
type: string
description: This is the Private Key that has been generated using the specified signingKeyCipher
.privateKey
value will only be returned in the response payload of the createSigningKey
method.getSigningKey
or getSigningKeys
methods.Developers are strongly advised to download their privateKey
value as Privacy Enhance Mail (PEM) format and store it locally for future reference. In order to guarantee the security of confidential client information, eBay does not store privateKey
values on any system.privateKey
they must generate new keypairs set using the createSigningKey
method.
publicKey:
type: string
description: This is the Public Key that has been generated using the specified signingKeyCipher
.