MxCloudHSM - Rest API Walkthrough Demonstration

Microexperts MxCloudHSM module uses the HTTP Secure (HTTPS) extension for secure communication, with the end point secure inside the HSM firmware module. 

Why not get started with our Rest API walkthrough demonstration so you can examine the structure and tools provided.

The following HTTP API commands are available:

Command

 Method   

  Description

Status

 GET

  Retrieves HSM administration page

Logs

 GET

  Retrieves most recent command logs

Echo

 POST

  Request data is reversed and sent back as the response

Sign Token

 POST

  Signs a JWT (JSON Web Token)

Verify Token  

 POST

  Verifys a JWT (JSON Web Token)

Status

Retrieves the HSM administration page and displays general information

  • Current date
  • HSM
  • Time  and Temperature  
  • HSM firmware module version
  • Log usage
  • User

Request Header

URL: https://www.cloudhsms.com/status

Method: GET

Response Header

Content-type: text/html

Response Body

<!DOCTYPE html>
<html>
	<head>/head>
	<body>
		<h1>HSM Status Page</h1>
		<p>Firmware Version: 0.0.0.3</p>
		<p>Temperature: 25 ℃</p>
		<p>Time: 10:14:22 UTC</p>
		<p>Date: 15/05/2018</p>
		<p>Usage: 3 logs of 32767 logs (
			<b>0% full</b>)
		</p>
		<p>User: Basic</p>
	</body>
</html>

Response Status Codes

200  Success
400  Bad Request
404  Not Found

Logs

Retrieves the last 50 most recent command logs

Request Header

URL: https://www.cloudhsms.com/logs

Method: GET

Response Header

Content-type: application/json

Response Body

[
    {
        "log_number": "3",
        "date_time": "15/05/2018 10:14:22",
        "command": "status"
    },
    {
        "log_number": "2",
        "date_time": "15/05/2018 10:13:02",
        "command": "verify_token"
    },
    {
        "log_number": "1",
        "date_time": "15/05/2018 10:12:50",
        "command": "sign_token"
    }
]

Response Status Codes

200  Success
400  Bad Request
404  Not Found

Echo

Request data is reversed and sent back as the response

Request Header

URL: https://www.cloudhsms.com

Method: POST

Content-type: application/json

Response Body

  {
	"command":"echo",
	"data":	"1234"
}

Response Header

Content-type: application/json

Response Body

  {
	"command":"echo",
	"data":	"3214"
}

Response Status Codes

200  Success
400  Bad Request

Sign Token (JSON Web Token)

The header and payload of the JWT are passed to the HSM for signing with all the claims pre-populated

Request Header

URL: https://www.cloudhsms.com

Method: POST

Content-type: application/json

Request Body

Key Name Description
command   Command   HSM command
alg  Algorithm The algorithm in use for signing this JWT
typ Token type  The media type of the JWT itself
sub Subject A string or URI that uniquely identifies the party that this JWT carries information about
name  Name A string that uniquely identifies the intended receipient of this JWT
iat  Issued at A number in unix time representing the specific date and time when this JWT was issued
{
	"command":"sign_token",
	"header":{
	  "alg": "RS256",
	  "typ": "JWT"
	},
	"payload":{
	  "sub": "1234567890",
	  "name": "John Doe",
	  "iat": "1516239022"
	}
}

Response Header

Content-type: application/json

Response Body

Key Name Description
access_token Access Token A JWT
{
"access_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoiMTUxNjIzOTAyMiJ9.yO11q/vnwyu6OTRxUWXGXhxdxPXCWk/7NZxB+jG6gKoUT2KpI3kkUq+ydg9WZyZIJYoNYiLh/MlvdvIKO17LlDYHijG+gbuLCt27N3L0V9YDFDUnFsPOgwwjMgJtot9W96Lk4y9SIt2v8HQ97fMJHoKW0nEfKZ/SsD/Vkv4vudgM8iwXjArfIKx6B0w0KaO+5cEkWYLs0ZT+2yzKmxexd0Wttlz+acIW7g5dCpoZWjQLFrUCPgRAP5FvABI+B4DOxWQQraSztAb1JY+DG4SXgREZX5iqorbNuZnEISivw0PLUOA1hSkeEGs0ju7tlLPO93xGik5Gho90gjm5+lqeHg=="
}

Response Status Codes

200  Success
400  Bad Request
   

Verify Token

Verify a JWT signature. (JSON Web Token)

Request Header

URL: https://www.cloudhsms.com

Method: POST

Content-type: application/json

Request Body

Key Name Description
command Command HSM command
access_token Access Token A JWT
  {
	"command":"verify_token",
	"access_token":	""eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoiMTUxNjIzOTAyMiJ9.yO11q/vnwyu6OTRxUWXGXhxdxPXCWk/7NZxB+jG6gKoUT2KpI3kkUq+ydg9WZyZIJYoNYiLh/MlvdvIKO17LlDYHijG+gbuLCt27N3L0V9YDFDUnFsPOgwwjMgJtot9W96Lk4y9SIt2v8HQ97fMJHoKW0nEfKZ/SsD/Vkv4vudgM8iwXjArfIKx6B0w0KaO+5cEkWYLs0ZT+2yzKmxexd0Wttlz+acIW7g5dCpoZWjQLFrUCPgRAP5FvABI+B4DOxWQQraSztAb1JY+DG4SXgREZX5iqorbNuZnEISivw0PLUOA1hSkeEGs0ju7tlLPO93xGik5Gho90gjm5+lqeHg==""
}

Response Header

Content-type: application/json

Response Body

  {
	"token":"verified"
}

Response Status Codes

200  Success
400  Bad Request
   

GET IN TOUCH

If you would like more information on how our MxCloudHSM could secure your business.

Call +44 (0)1903 723 548 or email us at m.

CONTACT US

+44 (0) 1903 723 548


Microexpert Limited
Gratwicke House
10 East Street
Littlehampton
West Sussex
BN17 6AW, UK

© 2018 Microexpert. Registered number 01755695.

Search