# Kiteworks API — userSshPublicKeys Operations

**7 endpoints** | [Browse interactive reference](https://developer.kiteworks.com/api-reference/userSshPublicKeys.html) | [Download spec slice](https://developer.kiteworks.com/assets/specs/userSshPublicKeys.json)

> **Authentication required.** All requests must include a Bearer access token in the
> `Authorization` header. See [Authentication](https://developer.kiteworks.com/authentication.md) for how to
> obtain a token using OAuth 2.0 Authorization Code (PKCE) or JWT Bearer flow.

---

## POST /rest/userSshPublicKeys/create

**Summary:** Register an SSH public key for the current user

### Description:
  Registers an existing SSH public key for the current user.
### Precondition:
  SFTP access must be enabled for the user's profile and role.
### Response:
  The SSH public key is registered.
**Request Body:**

| Property | Type | Required | Description |
|----------|------|----------|-------------|
| `name` | string | yes | The display name for the SSH public key (maximum 50 characters). |
| `publicKey` | string | yes | The SSH public key string to register. |

**Responses:**

| Code | Description |
|------|-------------|
| 201 | The SSH public key was successfully registered. |
| 401 | Unauthorized  <i>Possible error codes: </i>ERR_AUTH_INVALID_CSRF, ERR_AUTH_UNAUTHORIZED |
| 403 | Forbidden  <i>Possible error codes: </i>ERR_ACCESS_USER, ERR_PROFILE_SFTP_DISABLED, ERR_SYSTEM_ROLE_SFTP_DISABLED |
| 422 | Unprocessable Content  <i>Possible error codes: </i>ERR_INVALID_PARAMETER, ERR_SSH_PUBLIC_KEY_EXISTS |
| 490 | Request blocked by WAF |

**Response Examples:**

**401 (ERR_AUTH_INVALID_CSRF):**

```json
{
  "errors": [
    {
      "code": "ERR_AUTH_INVALID_CSRF",
      "message": "Invalid CSRF Authentication"
    }
  ]
}
```

**401 (ERR_AUTH_UNAUTHORIZED):**

```json
{
  "errors": [
    {
      "code": "ERR_AUTH_UNAUTHORIZED",
      "message": "Unauthorized"
    }
  ]
}
```

**403 (ERR_ACCESS_USER):**

```json
{
  "errors": [
    {
      "code": "ERR_ACCESS_USER",
      "message": "Insufficient access permissions"
    }
  ]
}
```

**403 (ERR_PROFILE_SFTP_DISABLED):**

```json
{
  "errors": [
    {
      "code": "ERR_PROFILE_SFTP_DISABLED",
      "message": "SFTP is not enabled for this profile"
    }
  ]
}
```

**403 (ERR_SYSTEM_ROLE_SFTP_DISABLED):**

```json
{
  "errors": [
    {
      "code": "ERR_SYSTEM_ROLE_SFTP_DISABLED",
      "message": "SFTP role is not enabled on server"
    }
  ]
}
```

**422 (ERR_INVALID_PARAMETER):**

```json
{
  "errors": [
    {
      "code": "ERR_INVALID_PARAMETER",
      "message": "Invalid Parameter Exception"
    }
  ]
}
```

**422 (ERR_SSH_PUBLIC_KEY_EXISTS):**

```json
{
  "errors": [
    {
      "code": "ERR_SSH_PUBLIC_KEY_EXISTS",
      "message": "Same ssh public key name exists"
    }
  ]
}
```

**Code Samples:**

**cURL:**

```shell
curl -X POST \
  "https://{instance}.kiteworks.com/rest/userSshPublicKeys/create" \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
         "name": "string",
         "publicKey": "string"
       }'
```

**Python:**

```python
import requests

url = "https://{instance}.kiteworks.com/rest/userSshPublicKeys/create"
headers = {
    "Authorization": "Bearer YOUR_TOKEN",
    "Content-Type": "application/json",
}
payload = {
  "name": "string",
  "publicKey": "string"
}
response = requests.post(url, headers=headers, json=payload)
print(response.json())
```

---

## POST /rest/userSshPublicKeys/generate

**Summary:** Generate a new SSH public/private key pair

### Description:
  Generates a new SSH public/private key pair for the current user and registers the public key.
### Precondition:
  SFTP access must be enabled for the user's profile and role.
### Response:
  The generated SSH public/private key pair is returned.
**Request Body:**

| Property | Type | Required | Description |
|----------|------|----------|-------------|
| `name` | string | yes | The display name for the SSH public key (maximum 50 characters). |
| `passphrase` | string | no | Optional passphrase to protect the generated private key. |

**Responses:**

| Code | Description |
|------|-------------|
| 201 | The SSH key pair was successfully generated. |
| 401 | Unauthorized  <i>Possible error codes: </i>ERR_AUTH_INVALID_CSRF, ERR_AUTH_UNAUTHORIZED |
| 403 | Forbidden  <i>Possible error codes: </i>ERR_ACCESS_USER, ERR_PROFILE_SFTP_DISABLED, ERR_SYSTEM_ROLE_SFTP_DISABLED |
| 422 | Unprocessable Content  <i>Possible error codes: </i>ERR_INVALID_PARAMETER, ERR_SSH_PUBLIC_KEY_EXISTS |
| 490 | Request blocked by WAF |

**Response Examples:**

**401 (ERR_AUTH_INVALID_CSRF):**

```json
{
  "errors": [
    {
      "code": "ERR_AUTH_INVALID_CSRF",
      "message": "Invalid CSRF Authentication"
    }
  ]
}
```

**401 (ERR_AUTH_UNAUTHORIZED):**

```json
{
  "errors": [
    {
      "code": "ERR_AUTH_UNAUTHORIZED",
      "message": "Unauthorized"
    }
  ]
}
```

**403 (ERR_ACCESS_USER):**

```json
{
  "errors": [
    {
      "code": "ERR_ACCESS_USER",
      "message": "Insufficient access permissions"
    }
  ]
}
```

**403 (ERR_PROFILE_SFTP_DISABLED):**

```json
{
  "errors": [
    {
      "code": "ERR_PROFILE_SFTP_DISABLED",
      "message": "SFTP is not enabled for this profile"
    }
  ]
}
```

**403 (ERR_SYSTEM_ROLE_SFTP_DISABLED):**

```json
{
  "errors": [
    {
      "code": "ERR_SYSTEM_ROLE_SFTP_DISABLED",
      "message": "SFTP role is not enabled on server"
    }
  ]
}
```

**422 (ERR_INVALID_PARAMETER):**

```json
{
  "errors": [
    {
      "code": "ERR_INVALID_PARAMETER",
      "message": "Invalid Parameter Exception"
    }
  ]
}
```

**422 (ERR_SSH_PUBLIC_KEY_EXISTS):**

```json
{
  "errors": [
    {
      "code": "ERR_SSH_PUBLIC_KEY_EXISTS",
      "message": "Same ssh public key name exists"
    }
  ]
}
```

**Code Samples:**

**cURL:**

```shell
curl -X POST \
  "https://{instance}.kiteworks.com/rest/userSshPublicKeys/generate" \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
         "name": "string",
         "passphrase": "string"
       }'
```

**Python:**

```python
import requests

url = "https://{instance}.kiteworks.com/rest/userSshPublicKeys/generate"
headers = {
    "Authorization": "Bearer YOUR_TOKEN",
    "Content-Type": "application/json",
}
payload = {
  "name": "string",
  "passphrase": "string"
}
response = requests.post(url, headers=headers, json=payload)
print(response.json())
```

---

## DELETE /rest/userSshPublicKeys/{id}

**Summary:** Delete an SSH public key

### Description:
  Deletes the specified SSH public key belonging to the current user.
### Precondition:
  SFTP access must be enabled for the user's profile and role.
### Response:
  The SSH public key is deleted.

**Parameters:**

| Name | In | Required | Description |
|------|----|----------|-------------|
| `id` | path | yes | The unique identifier of the entity. |

**Responses:**

| Code | Description |
|------|-------------|
| 204 | The SSH public key was successfully deleted. |
| 401 | Unauthorized  <i>Possible error codes: </i>ERR_AUTH_INVALID_CSRF, ERR_AUTH_UNAUTHORIZED |
| 403 | Forbidden  <i>Possible error codes: </i>ERR_ACCESS_USER, ERR_ENTITY_DELETED, ERR_PROFILE_SFTP_DISABLED, ERR_SYSTEM_ROLE_SFTP_DISABLED |
| 490 | Request blocked by WAF |

**Response Examples:**

**401 (ERR_AUTH_INVALID_CSRF):**

```json
{
  "errors": [
    {
      "code": "ERR_AUTH_INVALID_CSRF",
      "message": "Invalid CSRF Authentication"
    }
  ]
}
```

**401 (ERR_AUTH_UNAUTHORIZED):**

```json
{
  "errors": [
    {
      "code": "ERR_AUTH_UNAUTHORIZED",
      "message": "Unauthorized"
    }
  ]
}
```

**403 (ERR_ACCESS_USER):**

```json
{
  "errors": [
    {
      "code": "ERR_ACCESS_USER",
      "message": "Insufficient access permissions"
    }
  ]
}
```

**403 (ERR_ENTITY_DELETED):**

```json
{
  "errors": [
    {
      "code": "ERR_ENTITY_DELETED",
      "message": "Entity is deleted"
    }
  ]
}
```

**403 (ERR_PROFILE_SFTP_DISABLED):**

```json
{
  "errors": [
    {
      "code": "ERR_PROFILE_SFTP_DISABLED",
      "message": "SFTP is not enabled for this profile"
    }
  ]
}
```

**403 (ERR_SYSTEM_ROLE_SFTP_DISABLED):**

```json
{
  "errors": [
    {
      "code": "ERR_SYSTEM_ROLE_SFTP_DISABLED",
      "message": "SFTP role is not enabled on server"
    }
  ]
}
```

**Code Samples:**

**cURL:**

```shell
curl -X DELETE \
  "https://{instance}.kiteworks.com/rest/userSshPublicKeys/:id" \
  -H "Authorization: Bearer YOUR_TOKEN"
```

**Python:**

```python
import requests

id = "VALUE"  # The unique identifier of the entity.

url = f"https://{{instance}}.kiteworks.com/rest/userSshPublicKeys/{id}"
headers = {
    "Authorization": "Bearer YOUR_TOKEN",
}
response = requests.delete(url, headers=headers)
print(response.json())
```

---

## GET /rest/userSshPublicKeys

**Summary:** List the current user's SSH public keys

### Description:
  Returns the list of SSH public keys registered for the current user.
### Precondition:
  SFTP access must be enabled for the user's profile and role.
### Response:
  A list of SSH public key records is returned.

**Parameters:**

| Name | In | Required | Description |
|------|----|----------|-------------|
| `limit` | query | no | Maximum number of SSH public keys to return. |

**Responses:**

| Code | Description |
|------|-------------|
| 200 | The list of SSH public keys has been successfully returned. |
| 401 | Unauthorized  <i>Possible error codes: </i>ERR_AUTH_INVALID_CSRF, ERR_AUTH_UNAUTHORIZED |
| 403 | Forbidden  <i>Possible error codes: </i>ERR_ACCESS_USER, ERR_PROFILE_SFTP_DISABLED, ERR_SYSTEM_ROLE_SFTP_DISABLED |
| 490 | Request blocked by WAF |

**Response Examples:**

**401 (ERR_AUTH_INVALID_CSRF):**

```json
{
  "errors": [
    {
      "code": "ERR_AUTH_INVALID_CSRF",
      "message": "Invalid CSRF Authentication"
    }
  ]
}
```

**401 (ERR_AUTH_UNAUTHORIZED):**

```json
{
  "errors": [
    {
      "code": "ERR_AUTH_UNAUTHORIZED",
      "message": "Unauthorized"
    }
  ]
}
```

**403 (ERR_ACCESS_USER):**

```json
{
  "errors": [
    {
      "code": "ERR_ACCESS_USER",
      "message": "Insufficient access permissions"
    }
  ]
}
```

**403 (ERR_PROFILE_SFTP_DISABLED):**

```json
{
  "errors": [
    {
      "code": "ERR_PROFILE_SFTP_DISABLED",
      "message": "SFTP is not enabled for this profile"
    }
  ]
}
```

**403 (ERR_SYSTEM_ROLE_SFTP_DISABLED):**

```json
{
  "errors": [
    {
      "code": "ERR_SYSTEM_ROLE_SFTP_DISABLED",
      "message": "SFTP role is not enabled on server"
    }
  ]
}
```

**Code Samples:**

**cURL:**

```shell
curl -X GET \
  "https://{instance}.kiteworks.com/rest/userSshPublicKeys" \
  -H "Authorization: Bearer YOUR_TOKEN"
```

**Python:**

```python
import requests

url = "https://{instance}.kiteworks.com/rest/userSshPublicKeys"
headers = {
    "Authorization": "Bearer YOUR_TOKEN",
}
response = requests.get(url, headers=headers)
print(response.json())
```

---

## GET /rest/admin/users/{id}/userSshPublicKeys

**Summary:** List SSH public keys for a user

### Description:
  Returns all SSH public keys associated with the specified user.
### Precondition:
  The user must be an administrator. SFTP must be enabled for the user's profile and system role.
### Response:
  A list of SSH public keys for the specified user is returned.

**Parameters:**

| Name | In | Required | Description |
|------|----|----------|-------------|
| `id` | path | yes | The unique identifier (UUID) of the entity. |

**Responses:**

| Code | Description |
|------|-------------|
| 200 | The list of SSH public keys was returned successfully. |
| 401 | Unauthorized  <i>Possible error codes: </i>ERR_AUTH_INVALID_CSRF, ERR_AUTH_UNAUTHORIZED |
| 403 | Forbidden  <i>Possible error codes: </i>ERR_ACCESS_USER, ERR_PROFILE_SFTP_DISABLED, ERR_SYSTEM_ROLE_SFTP_DISABLED |
| 490 | Request blocked by WAF |

**Response Examples:**

**401 (ERR_AUTH_INVALID_CSRF):**

```json
{
  "errors": [
    {
      "code": "ERR_AUTH_INVALID_CSRF",
      "message": "Invalid CSRF Authentication"
    }
  ]
}
```

**401 (ERR_AUTH_UNAUTHORIZED):**

```json
{
  "errors": [
    {
      "code": "ERR_AUTH_UNAUTHORIZED",
      "message": "Unauthorized"
    }
  ]
}
```

**403 (ERR_ACCESS_USER):**

```json
{
  "errors": [
    {
      "code": "ERR_ACCESS_USER",
      "message": "Insufficient access permissions"
    }
  ]
}
```

**403 (ERR_PROFILE_SFTP_DISABLED):**

```json
{
  "errors": [
    {
      "code": "ERR_PROFILE_SFTP_DISABLED",
      "message": "SFTP is not enabled for this profile"
    }
  ]
}
```

**403 (ERR_SYSTEM_ROLE_SFTP_DISABLED):**

```json
{
  "errors": [
    {
      "code": "ERR_SYSTEM_ROLE_SFTP_DISABLED",
      "message": "SFTP role is not enabled on server"
    }
  ]
}
```

**Code Samples:**

**cURL:**

```shell
curl -X GET \
  "https://{instance}.kiteworks.com/rest/admin/users/:id/userSshPublicKeys" \
  -H "Authorization: Bearer YOUR_TOKEN"
```

**Python:**

```python
import requests

id = "VALUE"  # The unique identifier (UUID) of the entity.

url = f"https://{{instance}}.kiteworks.com/rest/admin/users/{id}/userSshPublicKeys"
headers = {
    "Authorization": "Bearer YOUR_TOKEN",
}
response = requests.get(url, headers=headers)
print(response.json())
```

---

## POST /rest/admin/users/{id}/userSshPublicKeys/create

**Summary:** Create an SSH public key for a user

### Description:
  Creates a new SSH public key record for the specified user using a provided public key string.
### Precondition:
  The user must be an administrator. SFTP must be enabled for the user's profile and system role.
### Response:
  The SSH public key record is created successfully.

**Parameters:**

| Name | In | Required | Description |
|------|----|----------|-------------|
| `id` | path | yes | The unique identifier (UUID) of the entity. |

**Request Body:**

| Property | Type | Required | Description |
|----------|------|----------|-------------|
| `name` | string | yes | The display name for the SSH public key (maximum 50 characters). |
| `publicKey` | string | yes | The SSH public key string to register. |

**Responses:**

| Code | Description |
|------|-------------|
| 201 | The SSH public key record was created successfully. |
| 401 | Unauthorized  <i>Possible error codes: </i>ERR_AUTH_INVALID_CSRF, ERR_AUTH_UNAUTHORIZED |
| 403 | Forbidden  <i>Possible error codes: </i>ERR_ACCESS_USER, ERR_PROFILE_SFTP_DISABLED, ERR_SYSTEM_ROLE_SFTP_DISABLED |
| 422 | Unprocessable Content  <i>Possible error codes: </i>ERR_INVALID_PARAMETER, ERR_SSH_PUBLIC_KEY_EXISTS |
| 490 | Request blocked by WAF |

**Response Examples:**

**401 (ERR_AUTH_INVALID_CSRF):**

```json
{
  "errors": [
    {
      "code": "ERR_AUTH_INVALID_CSRF",
      "message": "Invalid CSRF Authentication"
    }
  ]
}
```

**401 (ERR_AUTH_UNAUTHORIZED):**

```json
{
  "errors": [
    {
      "code": "ERR_AUTH_UNAUTHORIZED",
      "message": "Unauthorized"
    }
  ]
}
```

**403 (ERR_ACCESS_USER):**

```json
{
  "errors": [
    {
      "code": "ERR_ACCESS_USER",
      "message": "Insufficient access permissions"
    }
  ]
}
```

**403 (ERR_PROFILE_SFTP_DISABLED):**

```json
{
  "errors": [
    {
      "code": "ERR_PROFILE_SFTP_DISABLED",
      "message": "SFTP is not enabled for this profile"
    }
  ]
}
```

**403 (ERR_SYSTEM_ROLE_SFTP_DISABLED):**

```json
{
  "errors": [
    {
      "code": "ERR_SYSTEM_ROLE_SFTP_DISABLED",
      "message": "SFTP role is not enabled on server"
    }
  ]
}
```

**422 (ERR_INVALID_PARAMETER):**

```json
{
  "errors": [
    {
      "code": "ERR_INVALID_PARAMETER",
      "message": "Invalid Parameter Exception"
    }
  ]
}
```

**422 (ERR_SSH_PUBLIC_KEY_EXISTS):**

```json
{
  "errors": [
    {
      "code": "ERR_SSH_PUBLIC_KEY_EXISTS",
      "message": "Same ssh public key name exists"
    }
  ]
}
```

**Code Samples:**

**cURL:**

```shell
curl -X POST \
  "https://{instance}.kiteworks.com/rest/admin/users/:id/userSshPublicKeys/create" \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
         "name": "string",
         "publicKey": "string"
       }'
```

**Python:**

```python
import requests

id = "VALUE"  # The unique identifier (UUID) of the entity.

url = f"https://{{instance}}.kiteworks.com/rest/admin/users/{id}/userSshPublicKeys/create"
headers = {
    "Authorization": "Bearer YOUR_TOKEN",
    "Content-Type": "application/json",
}
payload = {
  "name": "string",
  "publicKey": "string"
}
response = requests.post(url, headers=headers, json=payload)
print(response.json())
```

---

## POST /rest/admin/users/{id}/userSshPublicKeys/generate

**Summary:** Generate an SSH key pair for a user

### Description:
  Generates a new SSH public/private key pair for the specified user and stores the public key.
### Precondition:
  The user must be an administrator. SFTP must be enabled for the user's profile and system role.
### Response:
  The newly generated public/private key pair is returned.

**Parameters:**

| Name | In | Required | Description |
|------|----|----------|-------------|
| `id` | path | yes | The unique identifier (UUID) of the entity. |

**Request Body:**

| Property | Type | Required | Description |
|----------|------|----------|-------------|
| `name` | string | yes | The display name for the SSH public key (maximum 50 characters). |
| `passphrase` | string | no | Optional passphrase to protect the generated private key. |

**Responses:**

| Code | Description |
|------|-------------|
| 201 | The SSH key pair was generated successfully. |
| 401 | Unauthorized  <i>Possible error codes: </i>ERR_AUTH_INVALID_CSRF, ERR_AUTH_UNAUTHORIZED |
| 403 | Forbidden  <i>Possible error codes: </i>ERR_ACCESS_USER, ERR_PROFILE_SFTP_DISABLED, ERR_SYSTEM_ROLE_SFTP_DISABLED |
| 422 | Unprocessable Content  <i>Possible error codes: </i>ERR_INVALID_PARAMETER, ERR_SSH_PUBLIC_KEY_EXISTS |
| 490 | Request blocked by WAF |

**Response Examples:**

**401 (ERR_AUTH_INVALID_CSRF):**

```json
{
  "errors": [
    {
      "code": "ERR_AUTH_INVALID_CSRF",
      "message": "Invalid CSRF Authentication"
    }
  ]
}
```

**401 (ERR_AUTH_UNAUTHORIZED):**

```json
{
  "errors": [
    {
      "code": "ERR_AUTH_UNAUTHORIZED",
      "message": "Unauthorized"
    }
  ]
}
```

**403 (ERR_ACCESS_USER):**

```json
{
  "errors": [
    {
      "code": "ERR_ACCESS_USER",
      "message": "Insufficient access permissions"
    }
  ]
}
```

**403 (ERR_PROFILE_SFTP_DISABLED):**

```json
{
  "errors": [
    {
      "code": "ERR_PROFILE_SFTP_DISABLED",
      "message": "SFTP is not enabled for this profile"
    }
  ]
}
```

**403 (ERR_SYSTEM_ROLE_SFTP_DISABLED):**

```json
{
  "errors": [
    {
      "code": "ERR_SYSTEM_ROLE_SFTP_DISABLED",
      "message": "SFTP role is not enabled on server"
    }
  ]
}
```

**422 (ERR_INVALID_PARAMETER):**

```json
{
  "errors": [
    {
      "code": "ERR_INVALID_PARAMETER",
      "message": "Invalid Parameter Exception"
    }
  ]
}
```

**422 (ERR_SSH_PUBLIC_KEY_EXISTS):**

```json
{
  "errors": [
    {
      "code": "ERR_SSH_PUBLIC_KEY_EXISTS",
      "message": "Same ssh public key name exists"
    }
  ]
}
```

**Code Samples:**

**cURL:**

```shell
curl -X POST \
  "https://{instance}.kiteworks.com/rest/admin/users/:id/userSshPublicKeys/generate" \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
         "name": "string",
         "passphrase": "string"
       }'
```

**Python:**

```python
import requests

id = "VALUE"  # The unique identifier (UUID) of the entity.

url = f"https://{{instance}}.kiteworks.com/rest/admin/users/{id}/userSshPublicKeys/generate"
headers = {
    "Authorization": "Bearer YOUR_TOKEN",
    "Content-Type": "application/json",
}
payload = {
  "name": "string",
  "passphrase": "string"
}
response = requests.post(url, headers=headers, json=payload)
print(response.json())
```

---
