Skip to content
API Enriched

ProcessPolicyInformation.

POST
/api/secret_management/namespaces/system/voltshare/process_policy_information
curl --request POST \
  --url https://example-corp.console.ves.volterra.io/api/v1/api/production/us-east-1/namespaces/default/api/secret_management/namespaces/system/voltshare/process_policy_information \
  --header 'Authorization: <Authorization>' \
  --header 'Content-Type: application/json' \
  --data '{ "policy": { "allowed_users": [ { "email": "hello@example.com", "tenant": "example" } ], "expiration_timestamp": "2026-04-15T12:00:00Z" }, "secret_name": "example" }'

ProcessPolicyInformation API takes policy and secret name as input and returns a document containing .

Examples of this operation.

Authorizations

Section titled “Authorizations”

Request Bodyrequired

Section titled “Request Bodyrequired”
Media typeapplication/json
ProcessPolicyRequest

ProcessPolicyRequest contains parameters ProcessPolicyInformation API.

object
policy
object
allowed_users
allowed_users

List of Users allowed to decrypt the secret.

Array<object>
<= 256 items
User Record

UserRecordType contains information about a user.

object
email
email

Email ID of the user.

string format: email
>= 1 characters <= 256 characters /^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$/
tenant
tenant

Tenant of the user.

string
>= 1 characters <= 256 characters
expiration_timestamp
expiration_timestamp

Until when this policy is valid. After expiration only author can decrypt the secret.

string format: date-time
<= 1024 characters
secret_name
secret_name

Name of the secret Required: YES.

string
>= 1 characters <= 256 characters
Examplegenerated
{
  "policy": {
    "allowed_users": [
      {
        "email": "hello@example.com",
        "tenant": "example"
      }
    ],
    "expiration_timestamp": "2026-04-15T12:00:00Z"
  },
  "secret_name": "example"
}

Responses

Section titled “Responses”

200

Section titled “200”

A successful response.

Media typeapplication/json
ProcessPolicyResponse

Response of the ProcessPolicyInformation API. It contains Processed Policy, HMAC of the policy and PublicKey to be used for encryption.

object
policy_document
object
author
object
email
email

Email ID of the user.

string format: email
>= 1 characters <= 256 characters /^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$/
tenant
tenant

Tenant of the user.

string
>= 1 characters <= 256 characters
blindfold_key_version
blindfold_key_version

Version of BlindfoldKey that will be used for encryption.

integer format: int64
creation_time
creation_time

Creation time for this policy document.

string format: date-time
<= 1024 characters
policy
object
allowed_users
allowed_users

List of Users allowed to decrypt the secret.

Array<object>
<= 256 items
User Record

UserRecordType contains information about a user.

object
email
email

Email ID of the user.

string format: email
>= 1 characters <= 256 characters /^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$/
tenant
tenant

Tenant of the user.

string
>= 1 characters <= 256 characters
expiration_timestamp
expiration_timestamp

Until when this policy is valid. After expiration only author can decrypt the secret.

string format: date-time
<= 1024 characters
policy_id
policy_id

A unique 31 bit number assigned to this policy.

string format: uint64
<= 1024 characters
secret_name
secret_name

Name of the secret.

string
<= 1024 characters
policy_document_hmac_base64
policy_document_hmac

Base64 encoded HMAC of the policy document.

string
<= 1024 characters
public_key
Public Key Document

PublicKey Document contains information about PublicKey used to encrypt symmetric encryption key. Private part of this key is ONLY with F5XC Secret Management service. Value of this field is a base64 string. When decoded, it unmarshal to PublicKeyDocumentType structure.

string
<= 1024 characters
Examplegenerated
{
  "policy_document": {
    "author": {
      "email": "hello@example.com",
      "tenant": "example"
    },
    "blindfold_key_version": 1,
    "creation_time": "2026-04-15T12:00:00Z",
    "policy": {
      "allowed_users": [
        {
          "email": "hello@example.com",
          "tenant": "example"
        }
      ],
      "expiration_timestamp": "2026-04-15T12:00:00Z"
    },
    "policy_id": "example",
    "secret_name": "example"
  },
  "policy_document_hmac_base64": "example",
  "public_key": "example"
}

401

Section titled “401”

Returned when operation is not authorized.

Media typeapplication/json
string format: string
Examplegenerated
example

403

Section titled “403”

Returned when there is no permission to access resource.

Media typeapplication/json
string format: string
Examplegenerated
example

404

Section titled “404”

Returned when resource is not found.

Media typeapplication/json
string format: string
Examplegenerated
example

409

Section titled “409”

Returned when operation on resource is conflicting with current value.

Media typeapplication/json
string format: string
Examplegenerated
example

429

Section titled “429”

Returned when operation has been rejected as it is happening too frequently.

Media typeapplication/json
string format: string
Examplegenerated
example

500

Section titled “500”

Returned when server encountered an error in processing API.

Media typeapplication/json
string format: string
Examplegenerated
example

503

Section titled “503”

Returned when service is unavailable temporarily.

Media typeapplication/json
string format: string
Examplegenerated
example

504

Section titled “504”

Returned when server timed out processing request.

Media typeapplication/json
string format: string
Examplegenerated
example