Create Keystore

Endpoint

POST /apiops/projects/{projectName}/keystores/

Authentication

Requires a Personal API Access Token.

Authorization: Bearer YOUR_TOKEN

Request

Headers

Header	Value	Required
Authorization	Bearer `{token}`	Yes
Content-Type	application/json	Yes

Path Parameters

Parameter	Type	Required	Description
projectName	string	Yes	Project name

Request Body

The request body should contain a KeystoreCreateDTO object with the following structure:

{
  "name": "my-keystore",
  "description": "Keystore for API security",
  "keyStoreEnvironmentList": [
    {
      "environmentName": "production",
      "file": "base64-encoded-keystore-file-content",
      "password": "keystore-password",
      "alias": "my-alias",
      "keyStoreType": "JKS"
    }
  ]
}

Request Body Fields

Field	Type	Required	Description
name	string	Yes	Keystore name (unique identifier)
description	string	No	Keystore description
keyStoreEnvironmentList	array[object]	Yes	List of keystore environments

Keystore Environment Object

Field	Type	Required	Description
environmentName	string	Yes	Environment name where keystore will be deployed
file	string (base64)	Yes	Base64-encoded keystore file content
password	string	Yes	Keystore password
alias	string	No	Default alias for the keystore
keyStoreType	string	Yes	Keystore type: `JKS` or `PKCS12`

Notes

Request Format: This API uses application/json content type. Unlike the Certificate API, files are not uploaded via multipart/form-data. Instead, keystore file content must be base64-encoded and included in the JSON body.
name must be unique within the project
Keystore is automatically deployed to all specified environments after creation
Keystore file must be provided as base64-encoded content in the file field
environmentName is used to identify the environment (not environmentId)
keyStoreType must match the actual keystore file format
To encode a keystore file to base64, you can use command-line tools like base64 (Linux/Mac) or certutil -encode (Windows), or any base64 encoding library in your programming language

Response

Success Response (200 OK)

{
  "success": true,
  "deploymentResult": {
    "success": true,
    "message": "Deployment completed successfully",
    "environmentResults": [
      {
        "environmentName": "production",
        "success": true,
        "message": "Deployed successfully"
      }
    ]
  }
}

Error Response (400 Bad Request)

{
  "error": "bad_request",
  "error_description": "Keystore (name: my-keystore) is already exist! Try update operation if want to change its value."
}

cURL Example

curl -X POST \
  "https://demo.apinizer.com/apiops/projects/MyProject/keystores/" \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "my-keystore",
    "description": "Keystore for API security",
    "keyStoreEnvironmentList": [
      {
        "environmentName": "production",
        "file": "base64-encoded-keystore-file-content",
        "password": "keystore-password",
        "alias": "my-alias",
        "keyStoreType": "JKS"
      }
    ]
  }'

Example 2: Create Keystore with Multiple Environments

curl -X POST \
  "https://demo.apinizer.com/apiops/projects/MyProject/keystores/" \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "my-keystore",
    "description": "Keystore for API security",
    "keyStoreEnvironmentList": [
      {
        "environmentName": "production",
        "file": "base64-encoded-keystore-file-content",
        "password": "prod-password",
        "alias": "prod-alias",
        "keyStoreType": "JKS"
      },
      {
        "environmentName": "staging",
        "file": "base64-encoded-keystore-file-content",
        "password": "staging-password",
        "alias": "staging-alias",
        "keyStoreType": "PKCS12"
      }
    ]
  }'

Notes and Warnings

Keystore Name:
- Must be unique within the project
- Cannot be changed after creation
Keystore Type:
- JKS: Java KeyStore format
- PKCS12: PKCS#12 format (also known as .p12 or .pfx)
Environment Name:
- Use environmentName (not environmentId) to specify the environment
- Environment name must exist and be accessible
Keystore File:
- Must be base64-encoded and included in the JSON body (not uploaded as a file)
- Example: Read your keystore file and encode it to base64: base64 -i keystore.jks (Linux/Mac) or certutil -encode keystore.jks temp.txt && type temp.txt (Windows)
- File content is encrypted before storage
- keyStoreType must match the actual file format
- Note: This API uses JSON body format. If you need to upload a file directly, consider using the Certificate API which supports multipart/form-data
Password:
- Keystore password is required for each environment
- Password is encrypted before storage
- Different environments can have different passwords
Automatic Deployment:
- Keystore is automatically deployed to all specified environments after creation
- Deployment results are returned in the response

Permissions

User must have SECRETS + MANAGE permission in the project. For deployment operations (when deploying keystores to environments), user must also have SECRETS + DEPLOY_UNDEPLOY permission.

List Keystores - List all keystores
Update Keystore - Update a keystore

Endpoint​

Authentication​

Header​

Request​

Headers​

Path Parameters​

Request Body​

Request Body Fields​

Keystore Environment Object​

Notes​

Response​

Success Response (200 OK)​

Error Response (400 Bad Request)​

cURL Example​

Example 2: Create Keystore with Multiple Environments​

Notes and Warnings​

Permissions​

Related Documentation​