Overview

Documentation of the Open-Xchange OX Guard HTTP API


Version information

Version : 2.6.0

Contact information

Contact : Open-Xchange GmbH
Contact Email : info@open-xchange.com

URI scheme

Host : example.com
BasePath : /appsuite/api/oxguard
Schemes : HTTPS

Tags

  • login : The login module is used to obtain a Guard authentication token which can be used to decrypt encrypted data without providing the user’s password.

  • keys : The keys module provides functionality to create, receive and manage PGP key pairs.

  • settings : The settings module provides functionality for changing user related PGP options.

  • guest : This module provides access to guest functionality.

Consumes

  • application/x-www-form-urlencoded

Produces

  • application/json

Paths

Change Password

POST /guest?action=changepass

Description

Changes guest password

Parameters

Type Name Description Schema Default

Query

auth
required

The authorization code provided from previous login

string

Query

session
required

A session obtained during the login throug the Guest login

string

Body

ChangePassRequestData
required

Data containing necessary information to change a password.

ChangePassRequestData

Responses

HTTP Code Description Schema

200

New auth response

ChangePasswordResponse

Tags

  • guest

Perform reset of Guest account

POST /guest?action=doresetaccount

Description

Performs the reset of the Guest account. Requires secret token sent to them previously

Parameters

Type Name Description Schema Default

Body

DoResetAccountRequestData
required

Data containing necessary information to perform the reset.

DoResetAccountRequestData

Responses

HTTP Code Description Schema

200

"OK" or an error message in case of an error.

string

Tags

  • guest

Assigns Password

POST /guest?action=firstpass

Description

For new Guest account, assigns new password as well as password reset question/answer

Parameters

Type Name Description Schema Default

Body

GuestFirstPasswordRequestData
required

Data containing necessary information to assign a new password.

GuestFirstPasswordRequestData

Responses

HTTP Code Description Schema

200

New auth response

ChangePasswordResponse

Tags

  • guest

Gets email attachment

GET /guest?action=getattach

Description

Gets and email attachment

Parameters

Type Name Description Schema Default

Query

attname
required

name of the attachment

string

Query

auth
required

required authorization token

string

Query

cid
required

The context ID of the user

integer

Query

download
optional

If true, Content-disposition sent so that file is saved

boolean

Query

email
required

Guard email id

string

Query

language
required

language of the UI

string

Query

session
required

A session obtained during the login throug the Guest login

string

Responses

HTTP Code Description Schema

200

Response will contain decoded attachment stream. If download set, will have Content-Disposition set to "attachment" with the filename.

No Content

Produces

  • application/octet-stream

  • file-mime-type

Tags

  • guest

Gets email image

GET /guest?action=getattachcid

Description

Gets image contained in the body of an email (cid image)

Parameters

Type Name Description Schema Default

Query

auth
required

required authorization token

string

Query

cid
required

The context ID of the user

integer

Query

content_id
required

the image cid (image id)

string

Query

email
required

Guard email id

string

Query

session
required

A session obtained during the login throug the Guest login

string

Responses

HTTP Code Description Schema

200

Response will contain decoded attachment stream.

No Content

Produces

  • file-mime-type

Tags

  • guest

Get decoded email

POST /guest?action=getmail

Description

Gets decoded email

Parameters

Type Name Description Schema Default

Query

auth
required

The authorization code provided from previous login

string

Query

session
required

A session obtained during the login throug the Guest login

string

Body

GetMailRequestData
required

Data containing necessary information to change a password.

GetMailRequestData

Responses

HTTP Code Description Schema

200

Email Json

No Content

Tags

  • guest

Get reset question

GET /guest?action=getquestion

Description

Gets the question to be answered to verify password reset request

Parameters

Type Name Description Schema Default

Query

email
required

The email to be reset

string

Responses

HTTP Code Description Schema

200

Response will contain the question, error, or "nf" if not found

No Content

Produces

  • string

Tags

  • guest

Guest account reset, step 1

GET /guest?action=resetaccount

Description

First step to reset Guest account. Sends email with temporary token for user

Parameters

Type Name Description Schema Default

Query

templid
optional

Optional templateId for the user for customization

integer

Query

user
required

The email address of the user for the reset

string

Responses

HTTP Code Description Schema

200

A JSON with data:OK if success, else error message

No Content

Tags

  • guest

Reset password

GET /guest?action=resetpassword

Description

Performs a password reset for a Guest

Parameters

Type Name Description Schema Default

Query

answer
required

The answer to the challenge question

string

Query

email
required

The email to be reset

string

Query

language
optional

Language for the user

string

Query

templid
optional

The template id for the custom layout

integer

Responses

HTTP Code Description Schema

200

Response will contain 'No Match' or 'OK'

No Content

406

'Error decoding answer', 'Failed to change', or FailNotify

No Content

Produces

  • string

Tags

  • guest

Uploads email to cache

POST /guest?action=upload

Description

Guest emails are only stored for a limited time. After that, they need to be re-uploaded.

Parameters

Type Name Description Schema Default

Query

auth
required

The authorization code provided from previous login

string

Query

itemid
required

The itemId for the email

string

Query

session
required

A session obtained during the login throug the Guest login

string

Responses

HTTP Code Description Schema

200

OK if success

No Content

406

'Not decodable' if password wrong for email or key unavailable, or other error message

No Content

Consumes

  • multipart/form-data

Produces

  • string

Tags

  • guest

DeleteExternalPublicKey

DELETE /keys?action=DeleteExternalPublicKey

Description

Deletes an uploaded external recipient key.

Parameters

Type Name Description Schema Default

Query

ids
required

The ids parameter from the ExternalPublicKeyRing object as obtained from the GetExternalPublicKeys request.

string

Query

session
required

A session ID previously obtained from the Appsuite HTTP login module.

string

Responses

HTTP Code Description Schema

200

An empty response in case the key was deleted.

No Content

Tags

  • keys

InlineExternalPublicKey

PUT /keys?action=InlineExternalPublicKey

Description

Marks an uploaded external recipient key as "inline". An external public key which is marked as "inline" produces PGP/INLNE email encryption by default.

Parameters

Type Name Description Schema Default

Query

ids
required

The ids parameter from the ExternalPublicKeyRing object as obtained from the GetExternalPublicKeys request.

string

Query

inline
required

True, to mark the key ring as "inline", False to mark it as "not inline".

boolean

Query

session
required

A session ID previously obtained from the Appsuite HTTP login module.

string

Responses

HTTP Code Description Schema

200

An empty response in case the key was marked as inline.

No Content

Tags

  • keys

addUserId

POST /keys?action=addUserId

Description

Adds a new user ID "name <email>" to the given key ring.

Parameters

Type Name Description Schema Default

Query

session
required

A session ID previously obtained from the Appsuite HTTP login module.

string

FormData

email
required

The email part of "name <email>".

string

FormData

keyid
required

The master key ID of the key ring which should be changed.

integer(int64)

FormData

name
required

The name part of "name <email>".

string

Responses

HTTP Code Description Schema

200

An empty response in case the key was successfully marked as current.

No Content

Tags

  • keys

create

POST /keys?action=create

Description

Creates a new PGP key ring for the user and marks the new key ring as "current".

Parameters

Type Name Description Schema Default

Query

session
required

A session ID previously obtained from the Appsuite HTTP login module.

string

FormData

name
required

The user’s name which will be part of the key identity.

string

FormData

password
required

The new password which will be set to protect the private key.

string

Responses

HTTP Code Description Schema

200

The new created key ring.

CreateResponse

Tags

  • keys

delete

POST /keys?action=delete

Description

Deletes a specific PGP key ring

Parameters

Type Name Description Schema Default

Query

keyid
required

The master key ID of the key ring which should be deleted.

string

Query

session
required

A session ID previously obtained from the Appsuite HTTP login module.

string

FormData

password
required

The password of the private key.

string

Responses

HTTP Code Description Schema

200

An empty response in case the key has been deleted.

No Content

Tags

  • keys

downloadKey

POST /keys?action=downloadKey

Description

Downloads the ASCII armored representation of a specific PGP key ring owned by the user containing public and/or private PGP keys. This request fetches the raw ASCII armored PGP key ring data.

Parameters

Type Name Description Schema Default

Query

keyType
optional

Specifies if the public and/or the private key of the key ring should be fetched.

enum (public, private, public_private)

"public_private"

Query

keyid
optional

Specifies the ID of the key to fetch. If this parameter is omitted the key marked as "current" is returned instead.

integer(int64)

Query

session
required

A session ID previously obtained from the Appsuite HTTP login module.

string

FormData

password
optional

The password of the private key (if keyType is set to 'private' or 'public_private')

string

Responses

HTTP Code Description Schema

200

The public and/or private part of the specified key ring as raw ASCII armored data.

string(binary)

Produces

  • application/pgp-keys

Tags

  • keys

getExternalPublicKeys

GET /keys?action=getExternalPublicKeys

Description

Gets a list of upload public keys for external recipients. A user can upload public key rings for other external communication partners. This requests gets the uploaded public key rings for externals including useful meta information.

Responses

HTTP Code Description Schema

200

The collection of uploaded external key rings.

GetExternalPublicKeysResponse

Tags

  • keys

getKey

POST /keys?action=getKey

Description

Gets a specific PGP key ring owned by the user containing public and/or private PGP keys. This request fetches detailed information about a specific PGP key ring.

Parameters

Type Name Description Schema Default

Query

keyType
optional

Specifies if the public and/or the private key of the key ring should be fetched.

enum (public, private, public_private)

"public_private"

Query

keyid
optional

Specifies the ID of the key to fetch. If this parameter is missing the key marked as "current" is returned instead.

integer(int64)

Query

session
required

A session ID previously obtained from the Appsuite HTTP login module.

string

FormData

password
optional

The password of the private key (if keyType is set to 'private' or 'public_private')

string

Responses

HTTP Code Description Schema

200

The public and/or private part of the specified key ring.

GetKeyResponse

Tags

  • keys

getKeys

GET /keys?action=getKeys

Description

Gets the the user’s collection of public PGP key rings.

Parameters

Type Name Description Schema Default

Query

session
required

A session ID previously obtained from the Appsuite HTTP login module.

string

Responses

HTTP Code Description Schema

200

A collection of the user’s public key rings.

GetKeysResponse

Tags

  • keys

getRecipKey

GET /keys?action=getRecipKey

Description

Queries the public key of a recipient.

Parameters

Type Name Description Schema Default

Query

create
optional

True to create non existing keys for the requested user, False to not create keys with this request (default).

boolean

Query

email
optional

The email address of the recipient to search a key for.

string

Query

keyid
optional

Instead of using the email parameter it is also possible to perform the search by key ID.

integer(int64)

Query

session
required

A session ID previously obtained from the Appsuite HTTP login module.

string

Responses

HTTP Code Description Schema

200

The public key ring of the recipient and some additional meta data.

GetRecipKeyResponse

Tags

  • keys

hasKey

GET /keys?action=hasKey

Description

Checks if the user has at least one public and/or private PGP key available.

Parameters

Type Name Description Schema Default

Query

session
required

A session ID previously obtained from the Appsuite HTTP login module.

string

Responses

HTTP Code Description Schema

200

A JSON object which contains if the user has a private and/or public key setup.

HasKeyResponse

Tags

  • keys

revoke

POST /keys?action=revoke

Description

Reovkes a PGP key ring.

Parameters

Type Name Description Schema Default

Query

keyid
required

Specifies the ID of the master key to revoke.

integer(int64)

Query

session
required

A session ID previously obtained from the Appsuite HTTP login module.

string

FormData

password
required

The password of the private key.

string

FormData

reason
optional

Specifies the reason why the key is being revoked.

enum (no_reason, key_superseded, key_compromised, key_retired, user_no_longer_valid)

"no_reason"

Responses

HTTP Code Description Schema

200

An empty response in case the key was revoked.

No Content

Tags

  • keys

setCurrentKey

PUT /keys?action=setCurrentKey

Description

Marks a Guard PGP key ring as "current".

Parameters

Type Name Description Schema Default

Query

keyid
required

The master key ID of the key ring which should be marked as "current".

integer(int64)

Query

session
required

A session ID previously obtained from the Appsuite HTTP login module.

string

Responses

HTTP Code Description Schema

200

An empty response in case the key was successfully marked as current.

No Content

Tags

  • keys

shareExternalPublicKey

PUT /keys?action=shareExternalPublicKey

Description

Marks an uploaded external recipient key as shared or as not shared. An external public key which is marked as shared can be accessed from other OX Guard users in the same context.

Parameters

Type Name Description Schema Default

Query

ids
required

The ids parameter from the ExternalPublicKeyRing object as obtained from the GetExternalPublicKeys request.

string

Query

session
required

A session ID previously obtained from the Appsuite HTTP login module.

string

Query

shared
required

True, to mark the key ring as "shared", False to mark it as "not shared".

boolean

Responses

HTTP Code Description Schema

200

An empty response in case the key was marked as shared.

No Content

Tags

  • keys

upload

POST /keys?action=upload

Description

Uploads a new ASCII armored key ring to OX Guard. The key ring can contain public and/or private keys.

Parameters

Type Name Description Schema Default

Query

session
required

A session ID previously obtained from the Appsuite HTTP login module.

string

FormData

key
required

The ASCII armored data of the key ring.

string

FormData

keyPassword
optional

The password of the private key. Can be omitted if the uploaded key ring does only contain public keys.

string

FormData

newPassword
optional

The new password to set for the imported private keys. Can be omitted if the uploaded key ring does only contain public keys.

string

Responses

HTTP Code Description Schema

200

An empty response in case the key rings have been imported.

No Content

Tags

  • keys

uploadExternalPublicKey

POST /keys?action=uploadExternalPublicKey

Description

A user can upload public keys for other external communication partners. This requests uploads an ASCII armored public key of an external recipient for later user.

Parameters

Type Name Description Schema Default

Query

session
required

A session ID previously obtained from the Appsuite HTTP login module.

string

FormData

key
required

The ASCII armored data of the key ring.

string

Responses

HTTP Code Description Schema

200

An empty response in case the key rings have been imported.

No Content

Tags

  • keys

changepass

POST /login=action=changepass

Description

Changes the password of the user’s current key

Parameters

Type Name Description Schema Default

Query

session
required

A session ID previously obtained from the Appsuite HTTP login module.

string

Body

changePasswordData
required

Data containing necessary information in order to change the user’s password.

ChangePasswordRequestData

Responses

HTTP Code Description Schema

200

Returns an object containing new authentication information.

ChangePasswordResponse

Tags

  • login

changesecondary

POST /login=action=changesecondary

Description

Sets the user’s secondary email address where password reset information will be sent to.

Parameters

Type Name Description Schema Default

Query

session
required

A session ID previously obtained from the Appsuite HTTP login module.

string

Body

changeSecondaryData
required

Data containing necessary information in order to change the user’s password.

ChangeSecondaryRequestData

Responses

HTTP Code Description Schema

200

"OK" or an error message in case of an error.

string

Tags

  • login

login

POST /login=action=login

Description

Performs a login against the OX Guard Server in order to obtain an authentication token and various user specific settings.

Parameters

Type Name Description Schema Default

Query

session
required

A session ID previously obtained from the Appsuite HTTP login module.

string

Body

loginData
required

The new password which will be set to protect the private key.

LoginRequestData

Responses

HTTP Code Description Schema

200

Returns an object containing authentication information and settings.

LoginResponse

Tags

  • login

reset

GET /login=action=reset

Description

Resets the password of the user’s current key to a new random password which will be sent to the user’s secondary email address, or primary address if no secondary email address is available.

Parameters

Type Name Description Schema Default

Query

session
required

A session ID previously obtained from the Appsuite HTTP login module.

string

Responses

HTTP Code Description Schema

200

"ok" if the new password was sent to the secondary email address, "primary" if it was sent to the primary email address, or an error message if password reset request failed.

string

Tags

  • login

secondary

GET /login=action=secondary

Description

Gets the user’s secondary email address where password reset information will be sent to.

Parameters

Type Name Description Schema Default

Query

session
required

A session ID previously obtained from the Appsuite HTTP login module.

string

Responses

HTTP Code Description Schema

200

Returns the user’s secondary email address or an empty response if no secondary email address is set for the user.

string

Tags

  • login

set

POST /settings=action=set

Description

Sets user specific PGP settings. The current active settings are returned within the login-response.

Parameters

Type Name Description Schema Default

Query

session
required

A session ID previously obtained from the Appsuite HTTP login module.

string

Body

settingsData
required

The settings to apply for all keys owned by the user.

PGPSettingsData

Responses

HTTP Code Description Schema

200

"done" if the settings have been stored, an error message otherwise.

string

Tags

  • settings

Definitions

ChangePassRequestData

The data for creating password for a new Guest.

Name Description Schema

answer
optional

The required response to the question to verify a password reset. Can be blank if not supplied

string

newpass
optional

The new password for the new account. If no password reset option, can be blank

string

oldpass
optional

The old password

string

question
optional

A question to use in the event of a password reset. May be blank if not changing

string

ChangePasswordRequestData

The data for performing a password change.

Name Description Schema

newpass
optional

The new password to set.

string

oldpass
optional

The current password of the key which will be replaced.

string

ChangePasswordResponse

Name Description Schema

auth
optional

A new valid authentication token which can be used for authentication in further requests.

string

ChangeSecondaryRequestData

The data for performing the change of the secondary email address.

Name Description Schema

email
optional

The new secondary email address to set.

string

password
optional

The password of the user’s current OX Guard key.

string

CreateResponse

Name Description Schema

categories
optional

Either a single (String) or list (Array) of upper-case category identifiers to which the error belongs.

string

category
optional

Maintained for legacy reasons: The numeric representation of the first category.

integer

code
optional

Error code consisting of an upper-case module identifier and a four-digit message number, separated by a dash; e.g. "MSG-0012"

string

data
optional

KeyRing

error
optional

The translated error message. Present in case of errors.

string

error_desc
optional

The technical error message (always English) useful for debugging the problem. Might be the same as error message if there is no more information available.

string

error_id
optional

Unique error identifier to help finding this error instance in the server logs.

string

error_params
optional

As of 7.4.2: Empty JSON array. Before that: Parameters for the error message that would need to be replaced in the error string (in a printf-format style).

< string > array

error_stack
optional

If configured (see "com.openexchange.ajax.response.includeStackTraceOnError" in "server.properties") this field provides the stack trace of associated Java exception represented as a JSON array.

< string > array

DoResetAccountRequestData

The data for performing a rest of a Guest account.

Name Description Schema

email
optional

The email address of the Guest user

string

password
optional

The new password for the newly created account

string

resetid
optional

The reset token string found in the email sent to the user for verification

string

ExternalPublicKeyRing

Name Description Schema

ids
optional

The Identifier of the external key ring.

string

inline
optional

True, if the key is marked as inline, False otherwise.

boolean

publicRing
optional

PublicKeyRing

shareLevel
optional

The share level. A key is considered to be shared if the share level is greater than 0.

integer

shared
optional

True, if the key ring is shared, False otherwise

boolean

ExternalPublicKeyRingCollection

Name Description Schema

externalPublicKeyRings
optional

An array of PGP key rings belonging to external recipients.

< ExternalPublicKeyRing > array

GetExternalPublicKeysResponse

Name Description Schema

categories
optional

Either a single (String) or list (Array) of upper-case category identifiers to which the error belongs.

string

category
optional

Maintained for legacy reasons: The numeric representation of the first category.

integer

code
optional

Error code consisting of an upper-case module identifier and a four-digit message number, separated by a dash; e.g. "MSG-0012"

string

data
optional

ExternalPublicKeyRingCollection

error
optional

The translated error message. Present in case of errors.

string

error_desc
optional

The technical error message (always English) useful for debugging the problem. Might be the same as error message if there is no more information available.

string

error_id
optional

Unique error identifier to help finding this error instance in the server logs.

string

error_params
optional

As of 7.4.2: Empty JSON array. Before that: Parameters for the error message that would need to be replaced in the error string (in a printf-format style).

< string > array

error_stack
optional

If configured (see "com.openexchange.ajax.response.includeStackTraceOnError" in "server.properties") this field provides the stack trace of associated Java exception represented as a JSON array.

< string > array

GetKeyResponse

Name Description Schema

categories
optional

Either a single (String) or list (Array) of upper-case category identifiers to which the error belongs.

string

category
optional

Maintained for legacy reasons: The numeric representation of the first category.

integer

code
optional

Error code consisting of an upper-case module identifier and a four-digit message number, separated by a dash; e.g. "MSG-0012"

string

data
optional

KeyRing

error
optional

The translated error message. Present in case of errors.

string

error_desc
optional

The technical error message (always English) useful for debugging the problem. Might be the same as error message if there is no more information available.

string

error_id
optional

Unique error identifier to help finding this error instance in the server logs.

string

error_params
optional

As of 7.4.2: Empty JSON array. Before that: Parameters for the error message that would need to be replaced in the error string (in a printf-format style).

< string > array

error_stack
optional

If configured (see "com.openexchange.ajax.response.includeStackTraceOnError" in "server.properties") this field provides the stack trace of associated Java exception represented as a JSON array.

< string > array

GetKeysResponse

Name Description Schema

categories
optional

Either a single (String) or list (Array) of upper-case category identifiers to which the error belongs.

string

category
optional

Maintained for legacy reasons: The numeric representation of the first category.

integer

code
optional

Error code consisting of an upper-case module identifier and a four-digit message number, separated by a dash; e.g. "MSG-0012"

string

data
optional

KeyRingCollection

error
optional

The translated error message. Present in case of errors.

string

error_desc
optional

The technical error message (always English) useful for debugging the problem. Might be the same as error message if there is no more information available.

string

error_id
optional

Unique error identifier to help finding this error instance in the server logs.

string

error_params
optional

As of 7.4.2: Empty JSON array. Before that: Parameters for the error message that would need to be replaced in the error string (in a printf-format style).

< string > array

error_stack
optional

If configured (see "com.openexchange.ajax.response.includeStackTraceOnError" in "server.properties") this field provides the stack trace of associated Java exception represented as a JSON array.

< string > array

GetMailRequestData

The data for creating password for a new Guest.

Name Description Schema

item
optional

The itemId of the Guest email

string

GetRecipKeyResponse

Name Description Schema

categories
optional

Either a single (String) or list (Array) of upper-case category identifiers to which the error belongs.

string

category
optional

Maintained for legacy reasons: The numeric representation of the first category.

integer

code
optional

Error code consisting of an upper-case module identifier and a four-digit message number, separated by a dash; e.g. "MSG-0012"

string

data
optional

RecipKey

error
optional

The translated error message. Present in case of errors.

string

error_desc
optional

The technical error message (always English) useful for debugging the problem. Might be the same as error message if there is no more information available.

string

error_id
optional

Unique error identifier to help finding this error instance in the server logs.

string

error_params
optional

As of 7.4.2: Empty JSON array. Before that: Parameters for the error message that would need to be replaced in the error string (in a printf-format style).

< string > array

error_stack
optional

If configured (see "com.openexchange.ajax.response.includeStackTraceOnError" in "server.properties") this field provides the stack trace of associated Java exception represented as a JSON array.

< string > array

GuestFirstPasswordRequestData

The data for creating password for a new Guest.

Name Description Schema

answer
optional

The required response to the question to verify a password reset. Can be blank if not supplied

string

email
optional

The email address of the Guest user

string

itemId
optional

Item Id of the guest email. Must have a valid email item in order to help verify legit password change

string

newpass
optional

The new password for the new account. If no password reset option, can be blank

string

pin
optional

If the guest email was sent with optional PIN, must be provided here

string

question
optional

A question to use in the event of a password reset

string

HasKeyResponse

Name Description Schema

categories
optional

Either a single (String) or list (Array) of upper-case category identifiers to which the error belongs.

string

category
optional

Maintained for legacy reasons: The numeric representation of the first category.

integer

code
optional

Error code consisting of an upper-case module identifier and a four-digit message number, separated by a dash; e.g. "MSG-0012"

string

data
optional

HasKeyResult

error
optional

The translated error message. Present in case of errors.

string

error_desc
optional

The technical error message (always English) useful for debugging the problem. Might be the same as error message if there is no more information available.

string

error_id
optional

Unique error identifier to help finding this error instance in the server logs.

string

error_params
optional

As of 7.4.2: Empty JSON array. Before that: Parameters for the error message that would need to be replaced in the error string (in a printf-format style).

< string > array

error_stack
optional

If configured (see "com.openexchange.ajax.response.includeStackTraceOnError" in "server.properties") this field provides the stack trace of associated Java exception represented as a JSON array.

< string > array

HasKeyResult

An result object which describes if the user has a key pair available or not.

Name Description Schema

hasPrivateKey
optional

True, if the user has at least one private PGP key, False otherwise

boolean

hasPublicKey
optional

True, if the user has at least one public PGP key, False otherwise

boolean

KeyRing

The key ring of the response.

Name Description Schema

contextId
optional

The context ID of the user

integer

current
optional

Whether the key ring is marked as "current" or not

boolean

privateRing
optional

PrivateKeyRing

publicRing
optional

PublicKeyRing

userId
optional

The user ID

integer

KeyRingCollection

Name Description Schema

keyRings
optional

An array of PGP key rings containing public and/or private PGP keys.

< KeyRing > array

KeySource

The original source of a key ring

Name Description Schema

name
optional

The name of the source

string

trustLevel
optional

The source’s level of trust. A higher value means a higher trusted source.

integer

trusted
optional

True if the Guard server thinks the source is trusful, False otherwise.

boolean

LoginRequestData

The data for performing a LoginRequest

Name Description Schema

encr_password
optional

The plain text password of the user’s OX Guard key, or null if just fetching user settings.

string

language
optional

The language code of the client (for example "de_DE"), or null for the default value (en_EN).
Default : "en_EN"

string

LoginResponse

Name Description Schema

auth
optional

The authentication token which can be used in further OX Guard requests.

string

cid
optional

The ID of the context the user belongs to.

integer

lang
optional

A set of availble languages translated for the user’s locale.

< string, string > map

primaryEmail
optional

The user’s primary email address.

string

pubKey
optional

The OX Guard server’s own public key.

string

recoveryAvail
optional

Describes if OX Guard password recovery is available for the user’s keys.

boolean

server
optional

The version of the OX Guard backend.

string

settings
optional

A settings object containing various OX Guard settings for the user.

settings

settings

Name Description Schema

inline
optional

True to use PGP inline by default when sending encrypted or signed emails, False to use PGP/MIME by default.

boolean

min_password_length
optional

The minimum length of an OX Guard key password.

integer

noDeletePrivate
optional

True if the user is prohibited to remove the private key, False if he is allowed to delete it.

boolean

noDeleteRecovery
optional

False if password recovery is available and the user is allowed to turn it off. True if the user is not allowed to remove the password recovery.

boolean

noRecovery
optional

True if the password recovery for keys is not available, False if the password recovery is available.

boolean

password_length
optional

The maximum length of an OX Guard key password.

integer

pgpdefault
optional

True to encrypt emails by default when composing, False to not encrypt emails by default.

boolean

pgpsign
optional

True to sign emails by default when composing, False to not sign emails by default.

boolean

PGPSettingsData

The user’s PGP settings.

Name Description Schema

inline
optional

True to use PGP inline by default when sending encrypted or signed emails, False to use PGP/MIME by default.

boolean

pgpdefault
optional

True to encrypt emails by default when composing, False to not encrypt emails by default.

boolean

pgpsign
optional

True to sign emails by default when composing, False to not sign emails by default.

boolean

PrivateKey

Private key meta data

Name Description Schema

expired
optional

True, if the key is marked as expired, False otherwise.

boolean

id
optional

The PGP key ID.

integer(int64)

masterKey
optional

True, if the key is the "master" key, false otherwise.

boolean

userIds
optional

An array containing all user identifiers.

< string > array

PrivateKeyRing

Name Description Schema

keys
optional

An array of private keys

< PrivateKey > array

ring
optional

The ASCII armored key material of the private key ring.

string

PublicKey

Public key meta data

Name Description Schema

creationTime
optional

The time stamp of creation (milliseconds since January 1, 1970, 00:00:00 GMT).

integer(int64)

encryptionKey
optional

True, if the key can be used for encryption, false otherwise.

boolean

expired
optional

True, if the key is marked as expired, False otherwise.

boolean

fingerPrint
optional

The hexadecimal representation of the key ID.

string

hasPrivateKey
optional

True, if the public key has a known corresponding private key.

boolean

id
optional

The PGP key ID.

integer(int64)

masterKey
optional

True, if the key is the "master" key, false otherwise.

boolean

revoked
optional

True, if the key has been revoked, false otherwise.

boolean

userIds
optional

An array containing all user identifiers.

< string > array

validSeconds
optional

The amount of seconds that the key is valid.

integer(int64)

PublicKeyRing

Name Description Schema

keys
optional

An array of public keys

< PublicKey > array

ring
optional

The ASCII armored key material of the public key ring.

string

RecipKey

The recipient’s key data

Name Description Schema

guest
optional

True, if the recipient is treated as guest, False otherwise.

boolean

keySource
optional

KeySource

newCreated
optional

True, if the key was created during this request with the "create" parameter set.

boolean

newKey
optional

True, if the key was created during this request with the "create" parameter set. Also True if the "create" parameter is missing but the key would have been created with the parameter present.

boolean

publicRing
optional

PublicKeyRing