verify - verify
Verifies a signature using a specified key.
The VERIFY operation is applicable to symmetric keys stored in Azure Key Vault. VERIFY is not strictly necessary for asymmetric keys stored in Azure Key Vault since signature verification can be performed using the public portion of the key but this operation is supported as a convenience for callers that only have a key-reference and not the public portion of the key. This operation requires the keys/verify permission.
POST {vaultBaseUrl}/keys/{key-name}/{key-version}/verify?api-version=7.4URI Parameters
| Name | In | Required | Type | Description |
|---|---|---|---|---|
|
key-name
|
path | True |
string |
The name of the key. |
|
key-version
|
path | True |
string |
The version of the key. |
|
vault
|
path | True |
string |
The vault name, for example https://myvault.vault.azure.net. |
|
api-version
|
query | True |
string |
Client API version. |
Request Body
| Name | Required | Type | Description |
|---|---|---|---|
| alg | True |
The signing/verification algorithm. For more information on possible algorithm types, see JsonWebKeySignatureAlgorithm. |
|
| digest | True |
string |
The digest used for signing. |
| value | True |
string |
The signature to be verified. |
Responses
| Name | Type | Description |
|---|---|---|
| 200 OK |
The verification result. |
|
| Other Status Codes |
Key Vault error response describing why the operation failed. |
Examples
Verify
Sample request
POST https://myvault.vault.azure.net//keys/testkey/9885aa558e8d448789683188f8c194b0/verify?api-version=7.4
{
"alg": "RS512",
"value": "RUE3Nzg4NTQ4QjQ5RjFFN0U2NzAyQzhDNEMwMkJDOTA1MTYyOTUzNjI5NDhBNzZDQTlFOTM1NDA2M0ZGMjk2Mg",
"digest": "aKFG8NXcfTzqyR44rW42484K_zZI_T7zZuebvWuNgAoEI1gXYmxrshp42CunSmmu4oqo4-IrCikPkNIBkHXnAW2cv03Ad0UpwXhVfepK8zzDBaJPMKVGS-ZRz8CshEyGDKaLlb3J3zEkXpM3RrSEr0mdV6hndHD_mznLB5RmFui5DsKAhez4vUqajgtkgcPfCekMqeSwp6r9ItVL-gEoAohx8XMDsPedqu-7BuZcBcdayaPuBRL4wWoTDULA11P-UN_sJ5qMj3BbiRYhIlBWGR04wIGfZ3pkJjHJUpOvgH2QajdYPzUBauOCewMYbq9XkLRSzI_A7HkkDVycugSeAA"
}
Sample response
{
"value": true
}Definitions
| Name | Description |
|---|---|
| Error |
The key vault server error. |
|
Json |
The signing/verification algorithm identifier. For more information on possible algorithm types, see JsonWebKeySignatureAlgorithm. |
|
Key |
The key vault error exception. |
|
Key |
The key verify parameters. |
|
Key |
The key verify result. |
Error
The key vault server error.
| Name | Type | Description |
|---|---|---|
| code |
string |
The error code. |
| innererror |
The key vault server error. |
|
| message |
string |
The error message. |
JsonWebKeySignatureAlgorithm
The signing/verification algorithm identifier. For more information on possible algorithm types, see JsonWebKeySignatureAlgorithm.
| Name | Type | Description |
|---|---|---|
| ES256 |
string |
ECDSA using P-256 and SHA-256, as described in https://tools.ietf.org/html/rfc7518. |
| ES256K |
string |
ECDSA using P-256K and SHA-256, as described in https://tools.ietf.org/html/rfc7518 |
| ES384 |
string |
ECDSA using P-384 and SHA-384, as described in https://tools.ietf.org/html/rfc7518 |
| ES512 |
string |
ECDSA using P-521 and SHA-512, as described in https://tools.ietf.org/html/rfc7518 |
| PS256 |
string |
RSASSA-PSS using SHA-256 and MGF1 with SHA-256, as described in https://tools.ietf.org/html/rfc7518 |
| PS384 |
string |
RSASSA-PSS using SHA-384 and MGF1 with SHA-384, as described in https://tools.ietf.org/html/rfc7518 |
| PS512 |
string |
RSASSA-PSS using SHA-512 and MGF1 with SHA-512, as described in https://tools.ietf.org/html/rfc7518 |
| RS256 |
string |
RSASSA-PKCS1-v1_5 using SHA-256, as described in https://tools.ietf.org/html/rfc7518 |
| RS384 |
string |
RSASSA-PKCS1-v1_5 using SHA-384, as described in https://tools.ietf.org/html/rfc7518 |
| RS512 |
string |
RSASSA-PKCS1-v1_5 using SHA-512, as described in https://tools.ietf.org/html/rfc7518 |
| RSNULL |
string |
Reserved |
KeyVaultError
The key vault error exception.
| Name | Type | Description |
|---|---|---|
| error |
The key vault server error. |
KeyVerifyParameters
The key verify parameters.
| Name | Type | Description |
|---|---|---|
| alg |
The signing/verification algorithm. For more information on possible algorithm types, see JsonWebKeySignatureAlgorithm. |
|
| digest |
string |
The digest used for signing. |
| value |
string |
The signature to be verified. |
KeyVerifyResult
The key verify result.
| Name | Type | Description |
|---|---|---|
| value |
boolean |
True if the signature is verified, otherwise false. |