OX Guard API (2.6.0)

Download OpenAPI specification:Download

Documentation of the Open-Xchange OX Guard HTTP API


login

The login module is used to obtain a Guard authentication token which can be used to decrypt encrypted data without providing the user's password.

login

post /login=action=login
https://example.com/appsuite/api/oxguard/login=action=login

Performs a login against the OX Guard Server in order to obtain an authentication token and various user specific settings.

query Parameters
session
required
string

A session ID previously obtained from the Appsuite HTTP login module.

Request Body schema: application/x-www-form-urlencoded

The new password which will be set to protect the private key.

ox_password
string

The plain text password of the user's OX Guard key, or null if just fetching user settings.

language
string
Default: "en_EN"

The language code of the client (for example "de_DE"), or null for the default value (en_EN).

Responses

200

Returns an object containing authentication information and settings.

Response samples

Content type
application/json
Copy
Expand all Collapse all
{
  • "server": "string",
  • "cid": 0,
  • "primaryEmail": "string",
  • "pubKey": "string",
  • "auth": "string",
  • "recoveryAvail": true,
  • "lang":
    {
    },
  • "settings":
    {
    }
}

changepass

post /login=action=changepass
https://example.com/appsuite/api/oxguard/login=action=changepass

Changes the password of the user's current key

query Parameters
session
required
string

A session ID previously obtained from the Appsuite HTTP login module.

Request Body schema: application/x-www-form-urlencoded

Data containing necessary information in order to change the user's password.

oldpass
string

The current password of the key which will be replaced.

newpass
string

The new password to set.

Responses

200

Returns an object containing new authentication information.

Response samples

Content type
application/json
Copy
Expand all Collapse all
{
  • "auth": "string"
}

secondary

get /login=action=secondary
https://example.com/appsuite/api/oxguard/login=action=secondary

Gets the user's secondary email address where password reset information will be sent to.

query Parameters
session
required
string

A session ID previously obtained from the Appsuite HTTP login module.

Responses

200

Returns the user's secondary email address or an empty response if no secondary email address is set for the user.

Response samples

Content type
application/json
Copy
Expand all Collapse all
"string"

changesecondary

post /login=action=changesecondary
https://example.com/appsuite/api/oxguard/login=action=changesecondary

Sets the user's secondary email address where password reset information will be sent to.

query Parameters
session
required
string

A session ID previously obtained from the Appsuite HTTP login module.

Request Body schema: application/x-www-form-urlencoded

Data containing necessary information in order to change the user's password.

password
string

The password of the user's current OX Guard key.

email
string

The new secondary email address to set.

Responses

200

"OK" or an error message in case of an error.

Response samples

Content type
application/json
Copy
Expand all Collapse all
"string"

reset

get /login=action=reset
https://example.com/appsuite/api/oxguard/login=action=reset

Resets the password of the user's current key to a new random password which will be sent to the user's secondary email address, or primary address if no secondary email address is available.

query Parameters
session
required
string

A session ID previously obtained from the Appsuite HTTP login module.

Responses

200

"ok" if the new password was sent to the secondary email address, "primary" if it was sent to the primary email address, or an error message if password reset request failed.

Response samples

Content type
application/json
Copy
Expand all Collapse all
"string"

keys

The keys module provides functionality to create, receive and manage PGP key pairs.

hasKey

get /keys?action=hasKey
https://example.com/appsuite/api/oxguard/keys?action=hasKey

Checks if the user has at least one public and/or private PGP key available.

query Parameters
session
required
string

A session ID previously obtained from the Appsuite HTTP login module.

Responses

200

A JSON object which contains if the user has a private and/or public key setup.

Response samples

Content type
application/json
Copy
Expand all Collapse all
{
  • "data":
    {
    },
  • "error": "string",
  • "error_params":
    [
    ],
  • "error_id": "string",
  • "error_desc": "string",
  • "error_stack":
    [
    ],
  • "code": "string",
  • "categories": "string",
  • "category": 0
}

create

post /keys?action=create
https://example.com/appsuite/api/oxguard/keys?action=create

Creates a new PGP key ring for the user and marks the new key ring as "current".

query Parameters
session
required
string

A session ID previously obtained from the Appsuite HTTP login module.

Request Body schema: application/x-www-form-urlencoded
password
required
string

The new password which will be set to protect the private key.

name
required
string

The user's name which will be part of the key identity.

Responses

200

The new created key ring.

Response samples

Content type
application/json
Copy
Expand all Collapse all
{
  • "data":
    {
    },
  • "error": "string",
  • "error_params":
    [
    ],
  • "error_id": "string",
  • "error_desc": "string",
  • "error_stack":
    [
    ],
  • "code": "string",
  • "categories": "string",
  • "category": 0
}

delete

post /keys?action=delete
https://example.com/appsuite/api/oxguard/keys?action=delete

Deletes a specific PGP key ring

query Parameters
session
required
string

A session ID previously obtained from the Appsuite HTTP login module.

keyid
required
string

The master key ID of the key ring which should be deleted.

Request Body schema: application/x-www-form-urlencoded
password
required
string

The password of the private key.

Responses

200

An empty response in case the key has been deleted.

getKeys

get /keys?action=getKeys
https://example.com/appsuite/api/oxguard/keys?action=getKeys

Gets the the user's collection of public PGP key rings.

query Parameters
session
required
string

A session ID previously obtained from the Appsuite HTTP login module.

Responses

200

A collection of the user's public key rings.

Response samples

Content type
application/json
Copy
Expand all Collapse all
{
  • "data":
    {
    },
  • "error": "string",
  • "error_params":
    [
    ],
  • "error_id": "string",
  • "error_desc": "string",
  • "error_stack":
    [
    ],
  • "code": "string",
  • "categories": "string",
  • "category": 0
}

getKey

post /keys?action=getKey
https://example.com/appsuite/api/oxguard/keys?action=getKey

Gets a specific PGP key ring owned by the user containing public and/or private PGP keys. This request fetches detailed information about a specific PGP key ring.

query Parameters
session
required
string

A session ID previously obtained from the Appsuite HTTP login module.

keyid
integer <int64>

Specifies the ID of the key to fetch. If this parameter is missing the key marked as "current" is returned instead.

keyType
string
Default: "public_private"
Enum: "public" "private" "public_private"

Specifies if the public and/or the private key of the key ring should be fetched.

Request Body schema: application/x-www-form-urlencoded
password
string

The password of the private key (if keyType is set to 'private' or 'public_private')

Responses

200

The public and/or private part of the specified key ring.

Response samples

Content type
application/json
Copy
Expand all Collapse all
{
  • "data":
    {
    },
  • "error": "string",
  • "error_params":
    [
    ],
  • "error_id": "string",
  • "error_desc": "string",
  • "error_stack":
    [
    ],
  • "code": "string",
  • "categories": "string",
  • "category": 0
}

downloadKey

post /keys?action=downloadKey
https://example.com/appsuite/api/oxguard/keys?action=downloadKey

Downloads the ASCII armored representation of a specific PGP key ring owned by the user containing public and/or private PGP keys. This request fetches the raw ASCII armored PGP key ring data.

query Parameters
session
required
string

A session ID previously obtained from the Appsuite HTTP login module.

keyid
integer <int64>

Specifies the ID of the key to fetch. If this parameter is omitted the key marked as "current" is returned instead.

keyType
string
Default: "public_private"
Enum: "public" "private" "public_private"

Specifies if the public and/or the private key of the key ring should be fetched.

Request Body schema: application/x-www-form-urlencoded
password
string

The password of the private key (if keyType is set to 'private' or 'public_private')

Responses

200

The public and/or private part of the specified key ring as raw ASCII armored data.

setCurrentKey

put /keys?action=setCurrentKey
https://example.com/appsuite/api/oxguard/keys?action=setCurrentKey

Marks a Guard PGP key ring as "current".

query Parameters
session
required
string

A session ID previously obtained from the Appsuite HTTP login module.

keyid
required
integer <int64>

The master key ID of the key ring which should be marked as "current".

Responses

200

An empty response in case the key was successfully marked as current.

upload

post /keys?action=upload
https://example.com/appsuite/api/oxguard/keys?action=upload

Uploads a new ASCII armored key ring to OX Guard. The key ring can contain public and/or private keys.

query Parameters
session
required
string

A session ID previously obtained from the Appsuite HTTP login module.

Request Body schema: application/x-www-form-urlencoded
key
required
string

The ASCII armored data of the key ring.

keyPassword
string

The password of the private key. Can be omitted if the uploaded key ring does only contain public keys.

newPassword
string

The new password to set for the imported private keys. Can be omitted if the uploaded key ring does only contain public keys.

Responses

200

An empty response in case the key rings have been imported.

uploadExternalPublicKey

post /keys?action=uploadExternalPublicKey
https://example.com/appsuite/api/oxguard/keys?action=uploadExternalPublicKey

A user can upload public keys for other external communication partners. This requests uploads an ASCII armored public key of an external recipient for later user.

query Parameters
session
required
string

A session ID previously obtained from the Appsuite HTTP login module.

Request Body schema: application/x-www-form-urlencoded
key
required
string

The ASCII armored data of the key ring.

Responses

200

An empty response in case the key rings have been imported.

getExternalPublicKeys

get /keys?action=getExternalPublicKeys
https://example.com/appsuite/api/oxguard/keys?action=getExternalPublicKeys

Gets a list of upload public keys for external recipients. A user can upload public key rings for other external communication partners. This requests gets the uploaded public key rings for externals including useful meta information.

Responses

200

The collection of uploaded external key rings.

Response samples

Content type
application/json
Copy
Expand all Collapse all
{
  • "data":
    {