How to generate an API Signing Key?

How to generate an API Signing Key?

You can use the following OpenSSL commands to generate the key pair in the required PEM format. If you're using Windows, you'll need to install Git Bash for Windows and run the commands with that tool.


1. Create a directory

      For your convenience, you can create a .oci directory to store the credentials:
      mkdir ~/.oci


2. Generate private key

      You can use the following command to generate the private key with no passphrase.

      openssl genrsa -out ~/.oci/oci_api_key.pem 2048

For security reasons, it is critical to ensure that only you can read/write the private key file. To enable the same, use the following command:

      chmod go-rwx ~/.oci/oci_api_key.pem


3. Generate public key:

      openssl rsa -pubout -in ~/.oci/oci_api_key.pem -out ~/.oci/oci_api_key_public.pem


4. Upload public key to IAM

You can copy the contents of the public key to the clipboard using pbcopy, xclip or a similar tool (you'll need to paste the value into the console later). For example:

      cat ~/.oci/oci_api_key_public.pem | pbcopy

Your API requests will be signed with your private key and Oracle will use public key to verify the authenticity of your request. The public key must be uploaded to the IAM.


      • Related Articles

      • How to get the Key's Fingerprint?

        To generate key fingerprint, you need to upload the generated PEM public key in the Oracle cloud console. Follow the steps below to achieve the same: Open the console and sign in. View details of the user who will be calling the API with the key ...
      • Convert Certificate and Key (Private) into a keystore file

        When you have Certificate (.crt file) and Private key (.key file), which you want to convert into Keystore (.keystore file), please follow the below steps. Basic flow: <.crt file> ➕ <.key file> ➡️ <.p12 file> ➡️ <.keystore file> Step 1 - Convert ...
      • How can I generate SSH key for public key based authentication in Server monitor ?

        Please use two similar servers for this procedure. 1. A RSA or DSA key pair must be generated on the client system (SERVER1). Use the steps below to generate and use SSH2 keys. Login as the user for monitoring and go to the /home/username/.ssh/ ...
      • REST API Monitor - FAQS

        1. What should I do when Basic Authentication fails in REST API monitor? Verify if the credentials provided in the Applications Manager are correct. Try if sending username and password in Authorization request header works Get an BASE-64 encoded ...
      • Service Now Event Integration using Webhook / Rest API Action

        Steps to perform in Service Now 1) Login to your ServiceNow Instance(dev*****133.service-now.com) 2) Search for the Rest API Explorer and open it 3) In the Rest API Explorer page choose the Namespace and API Name with the proper API version. For ...