Introduction

Last updated: 2021-09-13

IBM® Blockchain Platform provides a managed and full stack blockchain-as-a-service (BaaS) offering. It simplifies your journey to build a Hyperledger Fabric based blockchain network and allows you to deploy blockchain components in environments of your choice.

These APIs are for provisioning Fabric components and administering the IBM Blockchain Platform console. They do not include Fabric operations.

- Use Fabric CA APIs to perform CA operations such as registering or enrolling users.
- Use Fabric SDKs or Peer CLI commands, v1.4 or v2.2, to perform other Fabric operations.

A GoLang SDK/module is available. This module will allow you to use native Go functions to leverage the IBP API functionality.

With the Go tab selected GoLang code examples will appear to the right of each API in this panel.

# Install the Go SDK using the command:
go get -u github.com/IBM-Blockchain/ibp-go-sdk

GitHub

https://github.com/IBM-Blockchain/ibp-go-sdk

A Node SDK/module is available. This module will allow you to use native JS functions to leverage the IBP API functionality.

With the Node tab selected node.js code examples will appear to the right of each API in this panel.

# Install the Node SDK using the command:
npm i ibp-node-sdk

GitHub

https://github.com/IBM-Blockchain/ibp-node-sdk

A Python SDK/module is available. This module will allow you to use native Python functions to leverage the IBP API functionality.

With the Python tab selected python code examples will appear to the right of each API in this panel.

# Install the Python SDK using the command:
pip install --upgrade "ibp-python-sdk>=0.1.0"

GitHub

https://github.com/IBM-Blockchain/ibp-python-sdk

A Java SDK is available. This SDK will allow you to use native JS functions to leverage the IBP API functionality.

With the Java tab selected java code examples will appear to the right of each API in this panel.

Please see the install instructions in the GitHub repo.

# using SDKMan to use an installed Java 8
sdk use java 8.0.275.hs-adpt

# clone the repository
git clone https://github.com/IBM-Blockchain/ibp-java-sdk

# Package and Install to the local maven repository
mvn package install

GitHub

https://github.com/IBM-Blockchain/ibp-java-sdk

With the Curl tab selected curl examples will appear to the right of each API in this panel.

Updates

January 2021

  • SDKs
    • Added IBP SDK/modules for Node, Python, & Java. Details.
  • v3 APIs
    • New IBM Blockchain Platform console APIs using the route /v3/ are now available. Use of the earlier /v2/ & /v1/ APIs can continue. However,/v1/ is deprecated.
    • Added the /actions API to submit an action to an orderer, ca or peer. Actions include tasks such as restarting and various certificate renewals.
    • The create peer and orderer apis replaced the field config with crypto. crypto uses a different schema than config. See the desired create api for format details.
    • Component response have a new field called msp. See the get-component-data response for format details.
    • The import peer, orderer and CA apis now require the msp field. See the desired import api for format details.
    • CA responses moved the fields ca_name & tlsca_name to msp.ca.name & msp.tlsca.name respectively. See the get-component-data response for format details.
  • Create OS response change

August 2020

  • Updated configuration override options
    • More config settings are editable via config_override.
  • Go SDK Docs/Examples
    • A GoLang SDK/module for IBP APIs is available. Details.

March 2020

  • v2 APIs
    • New IBM Blockchain Platform console APIs using the route /v2/ are now available. Use of the earlier /v1/ APIs continues to be supported.
  • Configuration override
    • The IBM® Blockchain Platform APIs have been updated to allow you to customize the deployment of your component. The Fabric Certificate authority (CA), peer, and ordering node configuration files can now be customized by sending a configuration override in JSON. For more information, see Configuration Override.

Authentication

  • If you are looking for instructions on using APIs with the IBP Software (IBM Blockchain Platform on the OpenShift Container Platform or Kubernetes) refer to these instructions for authentication instead.

  • If you are looking for instructions on using APIs with the IBM Support for Hyperledger Fabric refer to these instructions for authentication instead.

  • If you are looking for instructions on using APIs with the IBM Blockchain on IBM Cloud, they are below:

Introduction

Authentication to each API is managed by IBM Cloud's Identity Access Management (IAM). To call each API, the user needs to be assigned a role that includes the required IAM permission (action). For more information about IAM roles and what permissions they have see the IBP Role to permissions mapping table.

To summarize: IAM users have roles, roles enable a set of actions, and each api looks for a required action.

Specifically, to authenticate an API request you need to provide an access/bearer token in each request. To do that we first need to create a service credential, then exchange the API key from the service credential for an access/bearer token. Finally, construct the authorization header with the access/bearer token.

To start, gather the following:

  • API-Key and API-Endpoint

    The (IAM) API key is used to authenticate your requests to your IBM Blockchain Platform service instance. The API-Endpoint is the url that allows you to access your service instance.

    You can get the API key and API Endpoint by creating a new service credential for your service instance:

    1. In your IBM Cloud dashboard, open the IBM Blockchain Platform service instance that you created.
    2. Click Service credentials from the left navigator.
    3. Click the "New Credential" button on the Service credentials page to create a new credential.
      1. Give the credential a Name to remember its purpose. Example, Test Service Credential.
      2. Select a permission (Manager, Writer, or Reader) from the Role drop-down. For more information about each role, see the table in Add and remove users from the console.
      3. Ignore the optional Select Service ID drop-down.
      4. Ignore the optional Inline configuration Parameters text-area.
      5. Click the Add button.
    4. After the new credential is created, click View credentials under the Actions table header. The field api_endpoint value is your API-Endpoint and the apikey value is your API-Key. An example service credential is shown in right pane ->.
      • apikey - This field is your IAM API key. The example steps on this page refer to this field as {API-Key}. It is a secret/password that does not expire. Keep this key in a secure location. You will use this value in the next step.
      • api_endpoint - This is your IBM Blockchain Platform console url. All API requests need be sent to this url. The examples in the right pane will use the symbol {API-Endpoint} to refer to this field. When copying an example, replace this text (including the brackets) with the url of your IBP console. Your url will look similar to https://abcd-ibpconsole-console.uss01.blockchain.cloud.ibm.com.

  • Access-Token

    Authenticate your app or service by including your IBM Cloud IAM access token (also known as a bearer token) in the HTTP requests as a header. Note that if you are using our SDKs, this is done for you. Thus you can skip this section. If you are using curl or a similar method we need to build the authorization HTTP header next. First lets get the access token:

    1. To generate an access token, you must send the IAM API-Key to an IAM exchange endpoint. The response will have an access/bearer token that is good for 1 hour. There is a curl example in the right pane -> and details below:

      • Method: POST
      • Endpoint: "https://iam.cloud.ibm.com/identity/token"
      • Data: "grant_type=urn:ibm:params:oauth:grant-type:apikey&apikey={API-Key}"
        • Replace {API-Key} including the brackets with your key.

      Access/bearer tokens are valid for one hour, but you can regenerate them as needed. To maintain access to the service, refresh the access token regularly.

API-Key and API-Endpoint.

The service credential looks similar to the following example, where the api_endpoint value is your API Endpoint and the apikey value is your API key.

// example service credential:

{
  "api_endpoint": "https://abcd-ibpconsole-console.uss01.blockchain.cloud.ibm.com",

  "apikey": "1234s4eoUn7aBRRngGkgYKPqtP3h81ByLs7xHcqJ_aReu",

  "iam_apikey_description": "Auto-generated for key abcd-1234-5678-ba06-23c43053df8c",

  "iam_apikey_name": "my test key",

  "iam_role_crn": "crn:v1:bluemix:public:iam::::serviceRole:Manager",

  "iam_serviceid_crn": "crn:v1:staging:public:iam-identity::a/1234037caee397faa45c55e087d26baa::serviceid:ServiceId-12345-9c37-4f68-8572-8d6e2aabbc7e"
}

Access-Token

Open a terminal and call this IAM API to generate an access/bearer token. First, replace the {API-Key} with the apikey value in your service credential.

curl -X POST "https://iam.cloud.ibm.com/identity/token"   -H "Accept: application/json"   -H "Content-Type: application/x-www-form-urlencoded"   -d "grant_type=urn:ibm:params:oauth:grant-type:apikey&apikey={API-Key}"

The response that is returned by this curl command contains multiple fields. Be sure to copy and use the value of the access_token field for the Bearer token authorization header.

// example response (values are abbreviated for brevity):
{
  "access_token": "eyJraWQiOiIyMDE5MDcyNCIsImFsZyI6IlJTMjU2In0.eyJpYW1faWQiTQzM...",

  "refresh_token": "OKCdugM9yM4QAuDqQBXC-FnkcqXGqbQPI5y3dWMDCNbUzXYIO-gwA0LzlFe...",

  "token_type": "Bearer",

  "expires_in": 3600,

  "expiration": 1577854800,

    "scope": "ibm openid"
}

The Go SDK/module will generate and renew the IAM api_token automatically! The only step you need to do is pass the apikey and the service instance url to the sdk.

// imports
import (
    "github.com/IBM-Blockchain/ibp-go-sdk/blockchainv3"
)

// Create an authenticator
authenticator := &core.IamAuthenticator{
    ApiKey: "{API-Key}",
}

// Create an instance of the "BlockchainV3Options" struct
options := &blockchainv3.BlockchainV3Options{
    Authenticator: authenticator,
    URL: "https://{API-Endpoint}",
}

The Node SDK/module will generate and renew the IAM api_token automatically! The only step you need to do is pass the apikey and the service instance url to the sdk.

// imports
const ibp = require('ibp-node-sdk');

// Create an authenticator
const authenticator = new ibp.IamAuthenticator({
    apikey: '{API-Key}',
});

// Create client from the "BlockchainV3" class
const client = ibp.BlockchainV3.newInstance({
  authenticator: authenticator,
  url: 'https://{API-Endpoint}',
});

The Python SDK/module will generate and renew the IAM api_token automatically! The only step you need to do is pass the apikey and the service instance url to the sdk.

# imports
from ibp_python_sdk import BlockchainV3, IAMAuthenticator, ApiException

# Create an authenticator
authenticator = IAMAuthenticator(
    apikey='{API-Key}'
)

# Create client from the "BlockchainV3" class
service = BlockchainV3(
    authenticator=authenticator
)
service.set_service_url('https://{API-Endpoint}')

The Java SDK will generate and renew the IAM api_token automatically! The only step you need to do is pass the apikey and the service instance url to the sdk.

// imports
import com.ibm.cloud.blockchain.v3.Blockchain;
import com.ibm.cloud.blockchain.v3.model.*;
import com.ibm.cloud.sdk.core.*;

// Create an IAM authenticator
IamAuthenticator authenticator = new IamAuthenticator("{API-Key}");

// Create client
Blockchain bc = new Blockchain("myIbp", authenticator);
bc.setServiceUrl("https://{API-Endpoint}");

Build HTTP Header

Using the response of the access token api call you can now create the http Authorization header. This header authorizes all IBP console APIs (given the IAM API key has the necessary role). It should follow this format:

Authorization: Bearer {Access-Token}
  • If you are using curl, the header can be set with this argument: -H "Authorization: Bearer {Access-Token}"
  • Replace the text {Access-Token} (including the brackets) with the value of your access_token field. However, note that the JSON response contains multiple fields. Only copy the value of the access_token field.
  • With the Authorization header set, the hard part is done. Next pick an api, set the route, set a body (if applicable) and fire!

Response Codes

The IBM Blockchain Platform APIs use standard HTTP status codes to indicate whether a method completed successfully. A 200-299 status code indicates a success. A 400-599 status code indicates a failure. All APIs will respond with JSON and set the response header Content-Type to application/json.

HTTP Status Code Description Recovery
2xx OK The request was successful. The response contains details.
4xx Invalid Request There is some issue with the request such as invalid permission, invalid input, or invalid route. Correct and try again.
5xx Internal Error The request could not be processed due to an internal issue or an issue with a dependency. Wait a few minutes and try again.

Rate Limits

All endpoints are protected by a rate limiter. If a client exceeds the limit, the server will not process the request and respond with a status code of 429. The client should back off and try the same request later.

There is a "base" limit of 25 requests per minute which applies to APIs that change state. Requests that do not alter state, such as one's with a GET method, have a a limit of 4 x base or 100 requests per min. These limits can be customized with the Change IBP console settings API.

  • The remaining requests a client can make (of the same type) before hitting the limit can be seen in the response header X-RateLimit-Remaining
  • When the limit is exceeded a UNIX timestamp (UTC) of when the client can retry is returned in the response header X-RateLimit-Reset
  • API rates are applied to individual clients

Examples

This page is broken up into three panes. The leftmost pane contains navigation. The middle pane has API documentation. The far right contains syntax examples of each API.

Curl Examples

A curl example appears to the right of each documented api (if the Curl tab is selected). If you are unfamiliar with cURL, it is free software that allows you to send HTTP requests by using a command line interface. It is the quickest way to interact with the IBM Blockchain Platform APIs.

After curl is installed locally (it is often already installed by many operating systems), you can copy the example curl text and paste it into command line. Remember to replace the placeholders in the curl example with specific values for your service instance.

Most of the curl examples have placeholder values. They need to be replaced to use the API. For example, the fields api_url, grpcwp_url, tls_cert, admins, root_certs & tls_root_certs in all curl examples are examples. They must be replaced with values for your components or identities.

In most cases the API will be rejected if the examples are left unchanged. This is especially true for certificate examples.

SDK Examples

SDK examples will appear to the right of each documented api (based on the selected language). More SDK details.

Postman

APIs are available to download a working Postman collection, which includes example API requests for all the APIs. If you are unfamiliar with Postman, it is free software that allows you to send and save HTTP requests by using a graphical user interface. It is easier to use than curl (less error prone).

See the Generate Postman collection APIs in the Download examples section to download a collection for your preferred auth. When Postman is installed, you can import this collection and then use Postman to interact with the APIs.

Just like the other examples, these examples will contain placeholder values. The placeholder values must be replaced to have a properly working request.

OpenAPI

There is an API to download the OpenAPI file (also known as the swagger file) that is used to build this page. If you are unfamiliar with OpenAPI, it is a file-based documentation standard that allows an application to document supported HTTP requests. Our version of the file documents the APIs offered by the IBM Blockchain Platform console. It is the same file that helped generate the API section below.

After you download the file, you can use it with various tools that support OpenAPI v3. For example, you can copy and paste the file into a swagger editor to browse the APIs we offer through an offline interface. See the Download OpenAPI file API in the Download examples section to get the swagger file.

SDK

We currently offer GoLang, Node, Python, & Java SDKs. These modules will allow you to use native functions to leverage the IBP API functionality. The SDK syntax can also be found in this documentation. Click on the desired language (near the top right of this window) to see language specific example syntax instead of curl examples. These examples will appear to the right of each API as you scroll through them.

For detailed SDK installation and auth setup refer to the SDK's readme:

The examples (in the right pane of this window) contain placeholder text which will need to be replaced. The placeholders will use curly brackets around title case names, such as:

- {API-Endpoint} - Replace this text (including the brackets) with the url of your IBP console. It will be similar to https://abcd-ibpconsole-console.uss01.blockchain.cloud.ibm.com.
- {Component-ID} - Replace this text (including the brackets) with the id of a component. Components ids are strings, similar to mypeer.
- {API-Key} - Replace this text (including the brackets) with your IAM API Key. See that the auth instructions to obtain one.

GoLang code examples will appear to the right of each API in this panel.

# Install the Go SDK using the command:
go get -u github.com/IBM-Blockchain/ibp-go-sdk

GitHub

https://github.com/IBM-Blockchain/ibp-go-sdk

Node.js code examples will appear to the right of each API in this panel.

# Install the Node SDK using the command:
npm i ibp-node-sdk

GitHub

https://github.com/IBM-Blockchain/ibp-node-sdk

Python code examples will appear to the right of each API in this panel.

# Install the Python SDK using the command:
pip install --upgrade "ibp-python-sdk>=0.1.0"

GitHub

https://github.com/IBM-Blockchain/ibp-python-sdk

Java code examples will appear to the right of each API in this panel.

# using SDKMan to use an installed Java 8
sdk use java 8.0.275.hs-adpt

# clone the repository
git clone https://github.com/IBM-Blockchain/ibp-java-sdk

# Package and Install to the local maven repository
mvn package install

GitHub

https://github.com/IBM-Blockchain/ibp-java-sdk

Configuration Override

You have the option of customizing the configuration of a CA, peer, or ordering node by setting the configuration override field in certain APIs. Normally the components that are deployed by the IBM Blockchain console APIs are configured with default Fabric values that are provided by the fabric-ca-server-config.yaml, orderer.yaml, and core.yaml files. However, you can customize your component's settings by providing the field config_override in the body of a create or update component API. The value of the field would contain the desired configuration. You can use the override to deploy a High Availability (HA) CA or deploy components that use a Hardware Security Module (HSM). For more information about the override, High Availability CAs, or HSMs, see Advanced deployment options.

You can find the configuration fields documented in the Fabric configuration sample files:

Examples

Methods

Get component data

Get the IBP console's data on a component (peer, CA, orderer, or MSP). The component might be imported or created.

API Availability:

  • available on all IBP distributions.

Get the IBP console's data on a component (peer, CA, orderer, or MSP). The component might be imported or created.

Get the IBP console's data on a component (peer, CA, orderer, or MSP). The component might be imported or created.

Get the IBP console's data on a component (peer, CA, orderer, or MSP). The component might be imported or created.

Get the IBP console's data on a component (peer, CA, orderer, or MSP). The component might be imported or created.

GET /ak/api/v3/components/{id}
(blockchain *BlockchainV3) GetComponent(getComponentOptions *GetComponentOptions) (result *GenericComponentResponse, response *core.DetailedResponse, err error)
(blockchain *BlockchainV3) GetComponentWithContext(ctx context.Context, getComponentOptions *GetComponentOptions) (result *GenericComponentResponse, response *core.DetailedResponse, err error)
getComponent(params)
get_component(self,
        id: str,
        *,
        deployment_attrs: str = None,
        parsed_certs: str = None,
        cache: str = None,
        ca_attrs: str = None,
        **kwargs
    ) -> DetailedResponse
ServiceCall<GenericComponentResponse> getComponent(GetComponentOptions getComponentOptions)

Auditing

Calling this method generates the following auditing event.

  • blockchain.components.read

Request

Instantiate the GetComponentOptions struct and set the fields to provide parameter values for the GetComponent method.

Use the GetComponentOptions.Builder to create a GetComponentOptions object that contains the parameter values for the getComponent method.

Path Parameters

  • id
    Required*
    string

    The id of the component to retrieve. Use the Get all components API to determine the component id.

Query Parameters

  • deployment_attrs
    string

    Set to 'included' if the response should include Kubernetes deployment attributes such as 'resources', 'storage', 'zone', 'region', 'admin_certs', etc. Default responses will not include these fields.

    This parameter will not work on imported components.

    It's recommended to use cache=skip as well if up-to-date deployment data is needed.

    Allowable values: [included,omitted]

    Example: included

  • parsed_certs
    string

    Set to 'included' if the response should include parsed PEM data along with base 64 encoded PEM string. Parsed certificate data will include fields such as the serial number, issuer, expiration, subject, subject alt names, etc. Default responses will not include these fields.

    Allowable values: [included,omitted]

    Example: included

  • cache
    string

    Set to 'skip' if the response should skip local data and fetch live data wherever possible. Expect longer response times if the cache is skipped. Default responses will use the cache.

    Allowable values: [skip,use]

    Example: skip

  • ca_attrs
    string

    Set to 'included' if the response should fetch CA attributes, inspect certificates, and append extra fields to CA and MSP component responses.

    • CA components will have fields appended/updated with data fetched from the /cainfo?ca=ca endpoint of a CA, such as: ca_name, root_cert, fabric_version, issuer_public_key and issued_known_msps. The field issued_known_msps indicates imported IBP MSPs that this CA has issued. Meaning the MSP's root cert contains a signature that is derived from this CA's root cert. Only imported MSPs are checked. Default responses will not include these fields.
    • MSP components will have the field issued_by_ca_id appended. This field indicates the id of an IBP console CA that issued this MSP. Meaning the MSP's root cert contains a signature that is derived from this CA's root cert. Only imported/created CAs are checked. Default responses will not include these fields.

    Allowable values: [included,omitted]

    Example: included

parameter

WithContext method only

GetComponentOptions

The GetComponent options.

parameters

  • id
    Required*
    string

    The id of the component to retrieve. Use the Get all components API to determine the component id.

  • deploymentAttrs
    string

    Set to 'included' if the response should include Kubernetes deployment attributes such as 'resources', 'storage', 'zone', 'region', 'admin_certs', etc. Default responses will not include these fields.

    This parameter will not work on imported components.

    It's recommended to use cache=skip as well if up-to-date deployment data is needed.

    Allowable values: [included,omitted]

    Examples:
    value
    _source
    _lines
    _html
  • parsedCerts
    string

    Set to 'included' if the response should include parsed PEM data along with base 64 encoded PEM string. Parsed certificate data will include fields such as the serial number, issuer, expiration, subject, subject alt names, etc. Default responses will not include these fields.

    Allowable values: [included,omitted]

    Examples:
    value
    _source
    _lines
    _html
  • cache
    string

    Set to 'skip' if the response should skip local data and fetch live data wherever possible. Expect longer response times if the cache is skipped. Default responses will use the cache.

    Allowable values: [skip,use]

    Examples:
    value
    _source
    _lines
    _html
  • caAttrs
    string

    Set to 'included' if the response should fetch CA attributes, inspect certificates, and append extra fields to CA and MSP component responses.

    • CA components will have fields appended/updated with data fetched from the /cainfo?ca=ca endpoint of a CA, such as: ca_name, root_cert, fabric_version, issuer_public_key and issued_known_msps. The field issued_known_msps indicates imported IBP MSPs that this CA has issued. Meaning the MSP's root cert contains a signature that is derived from this CA's root cert. Only imported MSPs are checked. Default responses will not include these fields.
    • MSP components will have the field issued_by_ca_id appended. This field indicates the id of an IBP console CA that issued this MSP. Meaning the MSP's root cert contains a signature that is derived from this CA's root cert. Only imported/created CAs are checked. Default responses will not include these fields.

    Allowable values: [included,omitted]

    Examples:
    value
    _source
    _lines
    _html

parameters

  • id
    Required*
    str

    The id of the component to retrieve. Use the Get all components API to determine the component id.

  • deployment_attrs
    str

    Set to 'included' if the response should include Kubernetes deployment attributes such as 'resources', 'storage', 'zone', 'region', 'admin_certs', etc. Default responses will not include these fields.

    This parameter will not work on imported components.

    It's recommended to use cache=skip as well if up-to-date deployment data is needed.

    Allowable values: [included,omitted]

    Examples:
    value
    _source
    _lines
    _html
  • parsed_certs
    str

    Set to 'included' if the response should include parsed PEM data along with base 64 encoded PEM string. Parsed certificate data will include fields such as the serial number, issuer, expiration, subject, subject alt names, etc. Default responses will not include these fields.

    Allowable values: [included,omitted]

    Examples:
    value
    _source
    _lines
    _html
  • cache
    str

    Set to 'skip' if the response should skip local data and fetch live data wherever possible. Expect longer response times if the cache is skipped. Default responses will use the cache.

    Allowable values: [skip,use]

    Examples:
    value
    _source
    _lines
    _html
  • ca_attrs
    str

    Set to 'included' if the response should fetch CA attributes, inspect certificates, and append extra fields to CA and MSP component responses.

    • CA components will have fields appended/updated with data fetched from the /cainfo?ca=ca endpoint of a CA, such as: ca_name, root_cert, fabric_version, issuer_public_key and issued_known_msps. The field issued_known_msps indicates imported IBP MSPs that this CA has issued. Meaning the MSP's root cert contains a signature that is derived from this CA's root cert. Only imported MSPs are checked. Default responses will not include these fields.
    • MSP components will have the field issued_by_ca_id appended. This field indicates the id of an IBP console CA that issued this MSP. Meaning the MSP's root cert contains a signature that is derived from this CA's root cert. Only imported/created CAs are checked. Default responses will not include these fields.

    Allowable values: [included,omitted]

    Examples:
    value
    _source
    _lines
    _html

GetComponentOptions

The getComponent options.

  • curl -X GET "https://{API-Endpoint}/ak/api/v3/components/{Component-ID}?cache=skip&deployment_attrs=included" -H "Authorization: Bearer {Access-Token}"
  • // Create an authenticator
authenticator := &core.IamAuthenticator{
    ApiKey: "{API-Key}",
}

// Create an instance of the "BlockchainV3Options" struct
options := &blockchainv3.BlockchainV3Options{
    Authenticator: authenticator,
    URL: "https://{API-Endpoint}",
}

// Create an instance of the "BlockchainV3" service client.
service, err := blockchainv3.NewBlockchainV3(options)
if err != nil {
    return
}

// Get data for component
opts := service.NewGetComponentOptions("{Component-ID}")
result, detailedResponse, err := service.GetComponent(opts)
fmt.Println("result:", result)
fmt.Println("response:", detailedResponse)
  • // Create an authenticator
const authenticator = new ibp.IamAuthenticator({
  apikey: '{API-Key}',
});

// Create client from the "BlockchainV3" class
const client = ibp.BlockchainV3.newInstance({
  authenticator: authenticator,
  url: 'https://{API-Endpoint}',
});

// Get data for component
try {
  const response = await client.getComponent({ id: '{Component-ID}' });
  console.log('response:', response.result);
  // handle good response here
} catch (e) {
  console.error('error response:', e.body);
  // handle error here
}
  • try {
  // Create an IAM authenticator.
  IamAuthenticator authenticator = new IamAuthenticator("{API-Key}");

  Blockchain bc = new Blockchain("myIbp", authenticator);
  bc.setServiceUrl("https://{API-Endpoint}");

  // get all the peer components
  GetComponentsOptions options = new GetComponentsOptions.Builder().id({id})
        .build();
  ServiceCall<GeResponse> call = bc.getComponents(options);
  Response<GetResponse> response = call.execute();

  if (response.getStatusCode() != 200) {
      throw new RuntimeException("Error code "+response.getStatusCode()+" : "+response.getStatusMessage());
  }
  GenericComponentResponse l = response.getResult();

  System.out.println(l);
} catch (ServiceResponseException e) {
   // essential to catch and get the debugging information
  RuntimeException wrappedError = new RuntimeException(e.getDebuggingInfo().toString());
  wrappedError.initCause(e);
  throw wrappedError;
}
  • # Create an authenticator
authenticator = IAMAuthenticator(
  apikey='{API-Key}'
)

# Create client from the "BlockchainV3" class
client = BlockchainV3(
  authenticator=authenticator
)
client.set_service_url('https://{API-Endpoint}')

# Get data for component
try:
  response = client.get_component(id='{Component-ID}')
  print(f'response: {response.result}')
  # handle good response here 
except ApiException as e:
  print(f'error response: {e.message}')
  # handle error here

Response

Response Body

GenericComponentResponse

Contains the details of a component. Not all components have the same fields, see description of each field for details.

GenericComponentResponse

Contains the details of a component. Not all components have the same fields, see description of each field for details.

GenericComponentResponse

Contains the details of a component. Not all components have the same fields, see description of each field for details.

GenericComponentResponse

Contains the details of a component. Not all components have the same fields, see description of each field for details.

GenericComponentResponse

Contains the details of a component. Not all components have the same fields, see description of each field for details.

Status Code

  • 200

    Request was successful.

  • 401

    Request is unauthorized (invalid credentials).

  • 403

    Request is forbidden (credentials lack permission).

  • 404

    Component in request was not found.

Example responses
  • {
  "id": "myca-2",
  "type": "fabric-ca",
  "display_name": "Example CA",
  "grpcwp_url": "https://n3a3ec3-mypeer-proxy.ibp.us-south.containers.appdomain.cloud:8084",
  "api_url": "grpcs://n3a3ec3-mypeer.ibp.us-south.containers.appdomain.cloud:7051",
  "operations_url": "https://n3a3ec3-mypeer.ibp.us-south.containers.appdomain.cloud:9443",
  "msp": {
    "ca": {
      "name": "org1CA",
      "root_certs": [
        "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCkNlcnQgZGF0YSB3b3VsZCBiZSBoZXJlIGlmIHRoaXMgd2FzIHJlYWwKLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo="
      ]
    },
    "tlsca": {
      "name": "org1tlsCA",
      "root_certs": [
        "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCkNlcnQgZGF0YSB3b3VsZCBiZSBoZXJlIGlmIHRoaXMgd2FzIHJlYWwKLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo="
      ]
    },
    "component": {
      "tls_cert": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCkNlcnQgZGF0YSB3b3VsZCBiZSBoZXJlIGlmIHRoaXMgd2FzIHJlYWwKLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=",
      "ecert": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCkNlcnQgZGF0YSB3b3VsZCBiZSBoZXJlIGlmIHRoaXMgd2FzIHJlYWwKLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=",
      "admin_certs": [
        "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCkNlcnQgZGF0YSB3b3VsZCBiZSBoZXJlIGlmIHRoaXMgd2FzIHJlYWwKLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo="
      ]
    }
  },
  "msp_id": "Org1",
  "location": "ibmcloud",
  "node_ou": {
    "enabled": true
  },
  "resources": {
    "ca": {
      "requests": {
        "cpu": "100m",
        "memory": "64M"
      },
      "limits": {
        "cpu": "8000m",
        "memory": "16384M"
      }
    },
    "peer": {
      "requests": {
        "cpu": "100m",
        "memory": "64M"
      },
      "limits": {
        "cpu": "8000m",
        "memory": "16384M"
      }
    },
    "orderer": {
      "requests": {
        "cpu": "100m",
        "memory": "64M"
      },
      "limits": {
        "cpu": "8000m",
        "memory": "16384M"
      }
    },
    "proxy": {
      "requests": {
        "cpu": "100m",
        "memory": "64M"
      },
      "limits": {
        "cpu": "8000m",
        "memory": "16384M"
      }
    },
    "statedb": {
      "requests": {
        "cpu": "100m",
        "memory": "64M"
      },
      "limits": {
        "cpu": "8000m",
        "memory": "16384M"
      }
    }
  },
  "scheme_version": "v1",
  "state_db": "couchdb",
  "storage": {
    "ca": {
      "size": "4GiB",
      "class": "default"
    },
    "peer": {
      "size": "4GiB",
      "class": "default"
    },
    "orderer": {
      "size": "4GiB",
      "class": "default"
    },
    "statedb": {
      "size": "4GiB",
      "class": "default"
    }
  },
  "timestamp": 1537262855753,
  "tags": [
    "fabric-ca"
  ],
  "version": "1.4.6-1",
  "zone": "-"
}
  • {
  "id": "myca-2",
  "type": "fabric-ca",
  "display_name": "Example CA",
  "grpcwp_url": "https://n3a3ec3-mypeer-proxy.ibp.us-south.containers.appdomain.cloud:8084",
  "api_url": "grpcs://n3a3ec3-mypeer.ibp.us-south.containers.appdomain.cloud:7051",
  "operations_url": "https://n3a3ec3-mypeer.ibp.us-south.containers.appdomain.cloud:9443",
  "msp": {
    "ca": {
      "name": "org1CA",
      "root_certs": [
        "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCkNlcnQgZGF0YSB3b3VsZCBiZSBoZXJlIGlmIHRoaXMgd2FzIHJlYWwKLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo="
      ]
    },
    "tlsca": {
      "name": "org1tlsCA",
      "root_certs": [
        "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCkNlcnQgZGF0YSB3b3VsZCBiZSBoZXJlIGlmIHRoaXMgd2FzIHJlYWwKLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo="
      ]
    },
    "component": {
      "tls_cert": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCkNlcnQgZGF0YSB3b3VsZCBiZSBoZXJlIGlmIHRoaXMgd2FzIHJlYWwKLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=",
      "ecert": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCkNlcnQgZGF0YSB3b3VsZCBiZSBoZXJlIGlmIHRoaXMgd2FzIHJlYWwKLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=",
      "admin_certs": [
        "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCkNlcnQgZGF0YSB3b3VsZCBiZSBoZXJlIGlmIHRoaXMgd2FzIHJlYWwKLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo="
      ]
    }
  },
  "msp_id": "Org1",
  "location": "ibmcloud",
  "node_ou": {
    "enabled": true
  },
  "resources": {
    "ca": {
      "requests": {
        "cpu": "100m",
        "memory": "64M"
      },
      "limits": {
        "cpu": "8000m",
        "memory": "16384M"
      }
    },
    "peer": {
      "requests": {
        "cpu": "100m",
        "memory": "64M"
      },
      "limits": {
        "cpu": "8000m",
        "memory": "16384M"
      }
    },
    "orderer": {
      "requests": {
        "cpu": "100m",
        "memory": "64M"
      },
      "limits": {
        "cpu": "8000m",
        "memory": "16384M"
      }
    },
    "proxy": {
      "requests": {
        "cpu": "100m",
        "memory": "64M"
      },
      "limits": {
        "cpu": "8000m",
        "memory": "16384M"
      }
    },
    "statedb": {
      "requests": {
        "cpu": "100m",
        "memory": "64M"
      },
      "limits": {
        "cpu": "8000m",
        "memory": "16384M"
      }
    }
  },
  "scheme_version": "v1",
  "state_db": "couchdb",
  "storage": {
    "ca": {
      "size": "4GiB",
      "class": "default"
    },
    "peer": {
      "size": "4GiB",
      "class": "default"
    },
    "orderer": {
      "size": "4GiB",
      "class": "default"
    },
    "statedb": {
      "size": "4GiB",
      "class": "default"
    }
  },
  "timestamp": 1537262855753,
  "tags": [
    "fabric-ca"
  ],
  "version": "1.4.6-1",
  "zone": "-"
}
  • Unauthorized
  • Unauthorized

Remove imported component

Remove a single component from the IBP console.

  • Using this api on an imported component removes it from the IBP console.
  • Using this api on a created component removes it from the IBP console but it will not delete the component from the Kubernetes cluster where it resides. Thus it orphans the Kubernetes deployment (if it exists). Instead use the Delete component API to delete the Kubernetes deployment and the IBP console data at once.

API Availability:

  • available on all IBP distributions.

Remove a single component from the IBP console.

  • Using this api on an imported component removes it from the IBP console.
  • Using this api on a created component removes it from the IBP console but it will not delete the component from the Kubernetes cluster where it resides. Thus it orphans the Kubernetes deployment (if it exists). Instead use the Delete component API to delete the Kubernetes deployment and the IBP console data at once.

Remove a single component from the IBP console.

  • Using this api on an imported component removes it from the IBP console.
  • Using this api on a created component removes it from the IBP console but it will not delete the component from the Kubernetes cluster where it resides. Thus it orphans the Kubernetes deployment (if it exists). Instead use the Delete component API to delete the Kubernetes deployment and the IBP console data at once.

Remove a single component from the IBP console.

  • Using this api on an imported component removes it from the IBP console.
  • Using this api on a created component removes it from the IBP console but it will not delete the component from the Kubernetes cluster where it resides. Thus it orphans the Kubernetes deployment (if it exists). Instead use the Delete component API to delete the Kubernetes deployment and the IBP console data at once.

Remove a single component from the IBP console.

  • Using this api on an imported component removes it from the IBP console.
  • Using this api on a created component removes it from the IBP console but it will not delete the component from the Kubernetes cluster where it resides. Thus it orphans the Kubernetes deployment (if it exists). Instead use the Delete component API to delete the Kubernetes deployment and the IBP console data at once.
DELETE /ak/api/v3/components/{id}
(blockchain *BlockchainV3) RemoveComponent(removeComponentOptions *RemoveComponentOptions) (result *DeleteComponentResponse, response *core.DetailedResponse, err error)
(blockchain *BlockchainV3) RemoveComponentWithContext(ctx context.Context, removeComponentOptions *RemoveComponentOptions) (result *DeleteComponentResponse, response *core.DetailedResponse, err error)
removeComponent(params)
remove_component(self,
        id: str,
        **kwargs
    ) -> DetailedResponse
ServiceCall<DeleteComponentResponse> removeComponent(RemoveComponentOptions removeComponentOptions)

Auditing

Calling this method generates the following auditing event.

  • blockchain.components.remove

Request

Instantiate the RemoveComponentOptions struct and set the fields to provide parameter values for the RemoveComponent method.

Use the RemoveComponentOptions.Builder to create a RemoveComponentOptions object that contains the parameter values for the removeComponent method.

Path Parameters

  • id
    Required*
    string

    The id of the imported component to remove. Use the Get all components API to determine the component id.

parameter

WithContext method only

RemoveComponentOptions

The RemoveComponent options.

parameters

  • id
    Required*
    string

    The id of the imported component to remove. Use the Get all components API to determine the component id.

parameters

  • id
    Required*
    str

    The id of the imported component to remove. Use the Get all components API to determine the component id.

RemoveComponentOptions

The removeComponent options.

  • curl -X DELETE "https://{API-Endpoint}/ak/api/v3/components/{Component-ID}" -H "Authorization: Bearer {Access-Token}"
  • // Create an authenticator
authenticator := &core.IamAuthenticator{
    ApiKey: "{API-Key}",
}

// Create an instance of the "BlockchainV3Options" struct
options := &blockchainv3.BlockchainV3Options{
    Authenticator: authenticator,
    URL: "https://{API-Endpoint}",
}

// Create an instance of the "BlockchainV3" service client.
service, err := blockchainv3.NewBlockchainV3(options)
if err != nil {
    return
}

// Remove imported component
opts := service.NewRemoveComponentOptions("{Component-ID}")
result, detailedResponse, err := service.RemoveComponent(opts)
fmt.Println("result:", result)
fmt.Println("response:", detailedResponse)
  • // Create an authenticator
const authenticator = new ibp.IamAuthenticator({
  apikey: '{API-Key}',
});

// Create client from the "BlockchainV3" class
const client = ibp.BlockchainV3.newInstance({
  authenticator: authenticator,
  url: 'https://{API-Endpoint}',
});

// Remove imported component
try {
  const response = await client.removeComponent({ id: '{Component-ID}' });
  console.log('response:', response.result);
  // handle good response here
} catch (e) {
  console.error('error response:', e.body);
  // handle error here
}
  • try {
  // Create an IAM authenticator.
  IamAuthenticator authenticator = new IamAuthenticator("{API-Key}");

  Blockchain bc = new Blockchain("myIbp", authenticator);
  bc.setServiceUrl("https://{API-Endpoint}");

  // get all the peer components
  DeleteComponentOptions options = new DeleteComponentOptions.Builder().id({id})
        .build();
  ServiceCall<DeleteComponentResponse> call = bc.removeComponents(options);
  Response<DeleteComponentResponse> response = call.execute();

  if (response.getStatusCode() != 200) {
      throw new RuntimeException("Error code "+response.getStatusCode()+" : "+response.getStatusMessage());
  }
  DeleteComponentResponse deleteResponse = response.getResult();
} catch (ServiceResponseException e) {
   // essential to catch and get the debugging information
  RuntimeException wrappedError = new RuntimeException(e.getDebuggingInfo().toString());
  wrappedError.initCause(e);
  throw wrappedError;
}                      
  • # Create an authenticator
authenticator = IAMAuthenticator(
  apikey='{API-Key}'
)

# Create client from the "BlockchainV3" class
client = BlockchainV3(
  authenticator=authenticator
)
client.set_service_url('https://{API-Endpoint}')

# Remove imported component
try:
  response = client.remove_component(id='{Component-ID}')
  print(f'response: {response.result}')
  # handle good response here 
except ApiException as e:
  print(f'error response: {e.message}')
  # handle error here

Response

Response Body

DeleteComponentResponse

DeleteComponentResponse

DeleteComponentResponse

DeleteComponentResponse

DeleteComponentResponse

Status Code

  • 200

    Request was successful.

  • 401

    Request is unauthorized (invalid credentials).

  • 403

    Request is forbidden (credentials lack permission).

Example responses
  • {
  "message": "deleted",
  "type": "fabric-peer",
  "id": "component-1",
  "display_name": "My Peer"
}
  • {
  "message": "deleted",
  "type": "fabric-peer",
  "id": "component-1",
  "display_name": "My Peer"
}
  • Unauthorized
  • Unauthorized

Delete component

Removes a single component from the IBP console and it deletes the Kubernetes deployment.

  • Using this api on an imported component will error out since its Kubernetes deployment is unknown and cannot be removed. Instead use the Remove imported component API to remove imported components.
  • Using this api on a created component removes it from the IBP console and it will delete the component from the Kubernetes cluster where it resides. The Kubernetes delete must succeed before the component will be removed from the IBP console.

API Availability:

  • available on IBM Cloud and IBP Software distributions (not available on "Import Only" IBP distributions).

Removes a single component from the IBP console and it deletes the Kubernetes deployment.

  • Using this api on an imported component will error out since its Kubernetes deployment is unknown and cannot be removed. Instead use the Remove imported component API to remove imported components.
  • Using this api on a created component removes it from the IBP console and it will delete the component from the Kubernetes cluster where it resides. The Kubernetes delete must succeed before the component will be removed from the IBP console.

Removes a single component from the IBP console and it deletes the Kubernetes deployment.

  • Using this api on an imported component will error out since its Kubernetes deployment is unknown and cannot be removed. Instead use the Remove imported component API to remove imported components.
  • Using this api on a created component removes it from the IBP console and it will delete the component from the Kubernetes cluster where it resides. The Kubernetes delete must succeed before the component will be removed from the IBP console.

Removes a single component from the IBP console and it deletes the Kubernetes deployment.

  • Using this api on an imported component will error out since its Kubernetes deployment is unknown and cannot be removed. Instead use the Remove imported component API to remove imported components.
  • Using this api on a created component removes it from the IBP console and it will delete the component from the Kubernetes cluster where it resides. The Kubernetes delete must succeed before the component will be removed from the IBP console.

Removes a single component from the IBP console and it deletes the Kubernetes deployment.

  • Using this api on an imported component will error out since its Kubernetes deployment is unknown and cannot be removed. Instead use the Remove imported component API to remove imported components.
  • Using this api on a created component removes it from the IBP console and it will delete the component from the Kubernetes cluster where it resides. The Kubernetes delete must succeed before the component will be removed from the IBP console.
DELETE /ak/api/v3/kubernetes/components/{id}
(blockchain *BlockchainV3) DeleteComponent(deleteComponentOptions *DeleteComponentOptions) (result *DeleteComponentResponse, response *core.DetailedResponse, err error)
(blockchain *BlockchainV3) DeleteComponentWithContext(ctx context.Context, deleteComponentOptions *DeleteComponentOptions) (result *DeleteComponentResponse, response *core.DetailedResponse, err error)
deleteComponent(params)
delete_component(self,
        id: str,
        **kwargs
    ) -> DetailedResponse
ServiceCall<DeleteComponentResponse> deleteComponent(DeleteComponentOptions deleteComponentOptions)

Auditing

Calling this method generates the following auditing event.

  • blockchain.components.delete

Request

Instantiate the DeleteComponentOptions struct and set the fields to provide parameter values for the DeleteComponent method.

Use the DeleteComponentOptions.Builder to create a DeleteComponentOptions object that contains the parameter values for the deleteComponent method.

Path Parameters

  • id
    Required*
    string

    The id of the component to delete. Use the Get all components API to determine the id of the component to be deleted.

parameter

WithContext method only

DeleteComponentOptions

The DeleteComponent options.

parameters

  • id
    Required*
    string

    The id of the component to delete. Use the Get all components API to determine the id of the component to be deleted.

parameters

  • id
    Required*
    str

    The id of the component to delete. Use the Get all components API to determine the id of the component to be deleted.

DeleteComponentOptions

The deleteComponent options.

  • curl -X DELETE "https://{API-Endpoint}/ak/api/v3/kubernetes/components/{Component-ID}" -H "Authorization: Bearer {Access-Token}"
  • // Create an authenticator
authenticator := &core.IamAuthenticator{
    ApiKey: "{API-Key}",
}

// Create an instance of the "BlockchainV3Options" struct
options := &blockchainv3.BlockchainV3Options{
    Authenticator: authenticator,
    URL: "https://{API-Endpoint}",
}

// Create an instance of the "BlockchainV3" service client.
service, err := blockchainv3.NewBlockchainV3(options)
if err != nil {
    return
}

// Delete component
opts := service.NewDeleteComponentOptions("{Component-ID}")
replace, detailedResponse, err := service.DeleteComponent(opts)
fmt.Println("result:", replace)
fmt.Println("response:", detailedResponse)
  • // Create an authenticator
const authenticator = new ibp.IamAuthenticator({
  apikey: '{API-Key}',
});

// Create client from the "BlockchainV3" class
const client = ibp.BlockchainV3.newInstance({
  authenticator: authenticator,
  url: 'https://{API-Endpoint}',
});

// Delete component
try {
  const response = await client.deleteComponent({ id: '{Component-ID}' });
  console.log('response:', response.result);
  // handle good response here
} catch (e) {
  console.error('error response:', e.body);
  // handle error here
}
  • try {
  // Create an IAM authenticator.
  IamAuthenticator authenticator = new IamAuthenticator("{API-Key}");

  Blockchain bc = new Blockchain("myIbp", authenticator);
  bc.setServiceUrl("https://{API-Endpoint}");

  DeleteComponentOptions options = new DeleteComponentOptions.Builder().id(createdCaId).build();

  ServiceCall<DeleteComponentResponse> call = bc.deleteComponent(options);
  Response<DeleteComponentResponse> response = call.execute();
  if (response.getStatusCode() != 200) {
      throw new RuntimeException("Error code "+response.getStatusCode()+" : "+response.getStatusMessage());
  }

  DeleteComponentResponse deleteResponse = response.getResult();
  System.out.println(deleteResponse);
} catch (ServiceResponseException e) {
   // essential to catch and get the debugging information
  RuntimeException wrappedError = new RuntimeException(e.getDebuggingInfo().toString());
  wrappedError.initCause(e);
  throw wrappedError;
}                      
  • # Create an authenticator
authenticator = IAMAuthenticator(
  apikey='{API-Key}'
)

# Create client from the "BlockchainV3" class
client = BlockchainV3(
  authenticator=authenticator
)
client.set_service_url('https://{API-Endpoint}')

# Delete component
try:
  response = client.delete_component(id='{Component-ID}')
  print(f'response: {response.result}')
  # handle good response here 
except ApiException as e:
  print(f'error response: {e.message}')
  # handle error here

Response

Response Body

DeleteComponentResponse

DeleteComponentResponse

DeleteComponentResponse

DeleteComponentResponse

DeleteComponentResponse

Status Code

  • 200

    Request was successful.

  • 401

    Request is unauthorized (invalid credentials).

  • 403

    Request is forbidden (credentials lack permission).

  • 404

    Component in request was not found.

Example responses
  • {
  "message": "deleted",
  "type": "fabric-peer",
  "id": "component-1",
  "display_name": "My Peer"
}
  • {
  "message": "deleted",
  "type": "fabric-peer",
  "id": "component-1",
  "display_name": "My Peer"
}
  • Unauthorized
  • Unauthorized

Create a CA

Create a Hyperledger Fabric Certificate Authority (CA) in your Kubernetes cluster.

API Availability:

  • available on IBM Cloud and IBP Software distributions (not available on "Import Only" IBP distributions).

Create a Hyperledger Fabric Certificate Authority (CA) in your Kubernetes cluster.

Create a Hyperledger Fabric Certificate Authority (CA) in your Kubernetes cluster.

Create a Hyperledger Fabric Certificate Authority (CA) in your Kubernetes cluster.

Create a Hyperledger Fabric Certificate Authority (CA) in your Kubernetes cluster.

POST /ak/api/v3/kubernetes/components/fabric-ca
(blockchain *BlockchainV3) CreateCa(createCaOptions *CreateCaOptions) (result *CaResponse, response *core.DetailedResponse, err error)
(blockchain *BlockchainV3) CreateCaWithContext(ctx context.Context, createCaOptions *CreateCaOptions) (result *CaResponse, response *core.DetailedResponse, err error)
createCa(params)
create_ca(self,
        display_name: str,
        config_override: 'CreateCaBodyConfigOverride',
        *,
        id: str = None,
        resources: 'CreateCaBodyResources' = None,
        storage: 'CreateCaBodyStorage' = None,
        zone: str = None,
        replicas: float = None,
        tags: List[str] = None,
        hsm: 'Hsm' = None,
        region: str = None,
        version: str = None,
        **kwargs
    ) -> DetailedResponse
ServiceCall<CaResponse> createCa(CreateCaOptions createCaOptions)

Auditing

Calling this method generates the following auditing event.

  • blockchain.components.create

Request

Instantiate the CreateCaOptions struct and set the fields to provide parameter values for the CreateCa method.

Use the CreateCaOptions.Builder to create a CreateCaOptions object that contains the parameter values for the createCa method.

Request Body

Required*
CreateCaBody

Create a CA in your Kubernetes cluster.

parameter

WithContext method only

CreateCaOptions

The CreateCa options.

parameters

  • displayName
    Required*
    string

    A descriptive name for this CA. The IBP console tile displays this name.

    Possible values: length ≤ 64

    Examples:
    value
    _source
    _lines
    _html
  • configOverride

    Set config_override to create the root/initial enroll id and enroll secret as well as enabling custom CA configurations (such as using postgres). See the Fabric CA configuration file for more information about each parameter.

    The field tlsca is optional. The IBP console will copy the value of config_override.ca into config_override.tlsca if config_override.tlsca is omitted (which is recommended).

    The nested field names below are not case-sensitive..

  • id
    string

    The unique identifier of this component. Must start with a letter, be lowercase and only contain letters and numbers. If id is not provide a component id will be generated using the field display_name as the base.

    Possible values: 3 ≤ length ≤ 64

    Examples:
    value
    _source
    _lines
    _html
  • resources

    CPU and memory properties. This feature is not available if using a free Kubernetes cluster.