Skip to main content
POST
/
api
/
v1
/
kms
/
keys
/
{keyId}
/
sign
cURL
curl --request POST \
  --url https://us.infisical.com/api/v1/kms/keys/{keyId}/sign \
  --header 'Content-Type: application/json' \
  --data '
{
  "data": "<string>",
  "isDigest": false
}
'
{
  "signature": "<string>",
  "keyId": "3c90c3cc-0d44-4b50-8888-8dd25736052a"
}

Path Parameters

keyId
string<uuid>
required

The ID of the key to sign the data with.

Body

application/json
signingAlgorithm
enum<string>
required
Available options:
RSASSA_PSS_SHA_512,
RSASSA_PSS_SHA_384,
RSASSA_PSS_SHA_256,
RSASSA_PKCS1_V1_5_SHA_512,
RSASSA_PKCS1_V1_5_SHA_384,
RSASSA_PKCS1_V1_5_SHA_256,
ECDSA_SHA_512,
ECDSA_SHA_384,
ECDSA_SHA_256,
ML_DSA_44,
ML_DSA_65,
ML_DSA_87
data
string
required

The data in string format to be signed (base64 encoded).

isDigest
boolean
default:false

Whether the data is already digested or not. Please be aware that if you are passing a digest the algorithm used to create the digest must match the signing algorithm used to sign the digest.

Response

Default Response

signature
string
required
keyId
string<uuid>
required
signingAlgorithm
enum<string>
required
Available options:
RSASSA_PSS_SHA_512,
RSASSA_PSS_SHA_384,
RSASSA_PSS_SHA_256,
RSASSA_PKCS1_V1_5_SHA_512,
RSASSA_PKCS1_V1_5_SHA_384,
RSASSA_PKCS1_V1_5_SHA_256,
ECDSA_SHA_512,
ECDSA_SHA_384,
ECDSA_SHA_256,
ML_DSA_44,
ML_DSA_65,
ML_DSA_87