post__organization_{orgId}_key
POST /organization/{idOrg}/key
Generate Organization Key
Generate a new RSA key pair for organization authentication and node registration.
This endpoint creates a new RSA key pair (2048-bit) for the specified organization. The public key is stored securely in the database, while the private key is returned as a downloadable PEM file for immediate use by bridge nodes.
Key Features:
Generates 2048-bit RSA key pairs for secure authentication
Private key returned as downloadable PEM file
Public key stored securely in the database
Automatic key-node association for registered nodes
System event logging for audit trails
Access Control:
Requires ADMINISTRATOR or OWNER role within the organization
Users can only manage keys for their own organization
Maximum key limit enforced per organization (default: 5 keys)
Security:
Private keys are only returned once during generation
Public keys are stored encrypted in the database
All operations are logged for security auditing
Quota Limits:
Maximum keys per organization: 5 (configurable via
ORGKEYS_MAXenvironment variable)Returns 400 error when quota exceeded
TypeScript Client Library
public generateOrgKey = async (idOrg: string): Promise<string> => {
return this.makeRequest<string>(`organization/${idOrg}/key`, 'POST');
};Code Samples
# You can also use wget
curl -X POST https://backend.flashback.tech/organization/{idOrg}/key \
-H 'Accept: application/x-pem-file' \
-H 'Authorization: Bearer {access-token}' \
--output private_key.pemPOST https://backend.flashback.tech/organization/{idOrg}/key HTTP/1.1
Host: localhost:3000
Accept: application/x-pem-file
Authorization: Bearer {access-token}const headers = {
'Accept':'application/x-pem-file',
'Authorization':'Bearer {access-token}'
};
fetch('https://backend.flashback.tech/organization/{idOrg}/key',
{
method: 'POST',
headers: headers
})
.then(function(res) {
return res.blob();
}).then(function(blob) {
// Save the private key file
const url = window.URL.createObjectURL(blob);
const a = document.createElement('a');
a.href = url;
a.download = 'private_key.pem';
a.click();
});require 'rest-client'
require 'json'
headers = {
'Accept' => 'application/x-pem-file',
'Authorization' => 'Bearer {access-token}'
}
result = RestClient.post 'https://backend.flashback.tech/organization/{idOrg}/key',
params: {
}, headers: headers
# Save the private key to file
File.open('private_key.pem', 'w') { |f| f.write(result) }import requests
headers = {
'Accept': 'application/x-pem-file',
'Authorization': 'Bearer {access-token}'
}
r = requests.post('https://backend.flashback.tech/organization/{idOrg}/key', headers = headers)
# Save the private key to file
with open('private_key.pem', 'w') as f:
f.write(r.text)<?php
require 'vendor/autoload.php';
$headers = array(
'Accept' => 'application/x-pem-file',
'Authorization' => 'Bearer {access-token}',
);
$client = new \GuzzleHttp\Client();
try {
$response = $client->request('POST','https://backend.flashback.tech/organization/{idOrg}/key', array(
'headers' => $headers,
)
);
// Save the private key to file
file_put_contents('private_key.pem', $response->getBody()->getContents());
}
catch (\GuzzleHttp\Exception\BadResponseException $e) {
// handle exception or api errors.
print_r($e->getMessage());
}
// ...URL obj = new URL("https://backend.flashback.tech/organization/{idOrg}/key");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("POST");
con.setRequestProperty("Accept", "application/x-pem-file");
con.setRequestProperty("Authorization", "Bearer {access-token}");
int responseCode = con.getResponseCode();
if (responseCode == HttpURLConnection.HTTP_OK) {
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
response.append("\n");
}
in.close();
// Save the private key to file
Files.write(Paths.get("private_key.pem"), response.toString().getBytes());
}package main
import (
"bytes"
"net/http"
"io/ioutil"
)
func main() {
headers := map[string][]string{
"Accept": []string{"application/x-pem-file"},
"Authorization": []string{"Bearer {access-token}"},
}
data := bytes.NewBuffer([]byte{})
req, err := http.NewRequest("POST", "https://backend.flashback.tech/organization/{idOrg}/key", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
if err == nil {
body, _ := ioutil.ReadAll(resp.Body)
ioutil.WriteFile("private_key.pem", body, 0644)
}
}Parameters
idOrg
path
string
true
Organization ID for which to generate the key
Example responses
200 Response
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEA7VJTUt9Us8cKBwT1L6O5VfwlrP0xP2B5iZvr5Xq5BwL1K2Y3
...
-----END RSA PRIVATE KEY-----400 Response
{
"success": false,
"message": "Maximum number of organization keys (5) has been reached. Please delete existing keys before creating new ones."
}403 Response
{
"success": false,
"message": "Access denied: you can only manage keys for your own organization"
}Responses
Response Schema
Status Code 200
Body
string
false
none
RSA private key in PEM format
Status Code 400
» success
boolean
false
none
Operation success status
» message
string
false
none
Error message describing the issue
Status Code 403
» success
boolean
false
none
Operation success status
» message
string
false
none
Error message describing the permission issue
Status Code 500
» success
boolean
false
none
Operation success status
» message
string
false
none
Error message describing the internal error
To perform this operation, you must be authenticated by means of one of the following methods: BearerAuth
Last updated
Was this helpful?