--- title: Update Customer Signing Public Key description: Use the PUT {{apiPath}}/v1/environments/{{envID}}/credentialSigningKeys/{credentialSigningKeyID} operation to update a credential signing public key. Set enabled to true to use the key for signing credentials and to be available for verifying credentials. Set it to false to make it available only for verifying credentials. component: pingone-api page_id: pingone-api:credentials:credential-signing-keys/update-customer-signing-public-key canonical_url: https://developer.pingidentity.com/pingone-api/credentials/credential-signing-keys/update-customer-signing-public-key.html section_ids: headers: Headers body: Body example-request: Example Request example-response: Example Response --- # Update Customer Signing Public Key ## ```none PUT {{apiPath}}/v1/environments/{{envID}}/credentialSigningKeys/{{credentialSigningKeyID}} ``` Use the `PUT {{apiPath}}/v1/environments/{{envID}}/credentialSigningKeys/{credentialSigningKeyID}` operation to update a credential signing public key. Set `enabled` to `true` to use the key for signing credentials and to be available for verifying credentials. Set it to `false` to make it available only for verifying credentials. The `jwk` object is typically required for a PUT replacement update. However, because the `jwk` object is immutable, it can be omitted on update. > **Collapse: Request Model** > > Refer to [Credential signing key data model](../credential-signing-keys.html#customer-credential-signing-request-data-model) for full property descriptions. > > | Property | Type | Required? | > | --------- | ------ | ----------------- | > | `enabled` | String | Required | > | `jwk` | Object | Required/Optional | > | `jwk.alg` | String | Required | > | `jwk.crv` | String | Required/Optional | > | `jwk.e` | String | Required/Optional | > | `jwk.kid` | String | Required | > | `jwk.kty` | String | Required | > | `jwk.n` | String | Required/Optional | > | `jwk.x` | String | Required/Optional | > | `jwk.y` | String | Required/Optional | > | `name` | String | Optional | ### Headers Authorization      Bearer {{accessToken}} Content-Type      application/json ### Body raw ( application/json ) ```json { "name": "customer-defined-key-id", "enabled": false, "jwk": { "kid": "customer-specified-key-id", "kty": "RSA", "alg": "RS256", "n": "jFfJCBv199-wMuUcW3MKaRH-DItx0xGji7JD2Agrm4JtiAJKD_g2xD4SwnQIkQdidTRnoAQ1UvUc7PlYNL7CaHCyzUw08E6QhbDxzbG2_lhDl7Y6Cljp23pkZ-40rBezqYuqOwgQv21FiiuA5LNSckH8ojdC_nvFUy4x2jKIFDAh_xEgdcTXZELrVbIdrqR2oFZXR_zIXPaoKl-67tQY1ttUopXqewzM31mKfj6JDfkbeGdaRhiBH_jlFTDbIE7metwsBnxucpQbDk1XlPmgsu8yZfbjJN19rhie7BTDS7BA5oYWizy8LBI6kUPkUTgqRRRhtyuVrWV1CXvpARrZvw", "e": "AQAB" } } ``` ## ### Example Request * cURL * C# * Go * HTTP * Java * jQuery * NodeJS * Python * PHP * Ruby * Swift ```shell curl --location --globoff --request PUT '{{apiPath}}/v1/environments/{{envID}}/credentialSigningKeys/{{credentialSigningKeyID}}' \ --header 'Content-Type: application/json' \ --header 'Authorization: Bearer {{accessToken}}' \ --data '{ "name": "customer-defined-key-id", "enabled": false, "jwk": { "kid": "customer-specified-key-id", "kty": "RSA", "alg": "RS256", "n": "jFfJCBv199-wMuUcW3MKaRH-DItx0xGji7JD2Agrm4JtiAJKD_g2xD4SwnQIkQdidTRnoAQ1UvUc7PlYNL7CaHCyzUw08E6QhbDxzbG2_lhDl7Y6Cljp23pkZ-40rBezqYuqOwgQv21FiiuA5LNSckH8ojdC_nvFUy4x2jKIFDAh_xEgdcTXZELrVbIdrqR2oFZXR_zIXPaoKl-67tQY1ttUopXqewzM31mKfj6JDfkbeGdaRhiBH_jlFTDbIE7metwsBnxucpQbDk1XlPmgsu8yZfbjJN19rhie7BTDS7BA5oYWizy8LBI6kUPkUTgqRRRhtyuVrWV1CXvpARrZvw", "e": "AQAB" } }' ``` ```csharp var options = new RestClientOptions("{{apiPath}}/v1/environments/{{envID}}/credentialSigningKeys/{{credentialSigningKeyID}}") { MaxTimeout = -1, }; var client = new RestClient(options); var request = new RestRequest("", Method.Put); request.AddHeader("Content-Type", "application/json"); request.AddHeader("Authorization", "Bearer {{accessToken}}"); var body = @"{" + "\n" + @" ""name"": ""customer-defined-key-id""," + "\n" + @" ""enabled"": false," + "\n" + @" ""jwk"": {" + "\n" + @" ""kid"": ""customer-specified-key-id""," + "\n" + @" ""kty"": ""RSA""," + "\n" + @" ""alg"": ""RS256""," + "\n" + @" ""n"": ""jFfJCBv199-wMuUcW3MKaRH-DItx0xGji7JD2Agrm4JtiAJKD_g2xD4SwnQIkQdidTRnoAQ1UvUc7PlYNL7CaHCyzUw08E6QhbDxzbG2_lhDl7Y6Cljp23pkZ-40rBezqYuqOwgQv21FiiuA5LNSckH8ojdC_nvFUy4x2jKIFDAh_xEgdcTXZELrVbIdrqR2oFZXR_zIXPaoKl-67tQY1ttUopXqewzM31mKfj6JDfkbeGdaRhiBH_jlFTDbIE7metwsBnxucpQbDk1XlPmgsu8yZfbjJN19rhie7BTDS7BA5oYWizy8LBI6kUPkUTgqRRRhtyuVrWV1CXvpARrZvw""," + "\n" + @" ""e"": ""AQAB""" + "\n" + @" }" + "\n" + @"}"; request.AddStringBody(body, DataFormat.Json); RestResponse response = await client.ExecuteAsync(request); Console.WriteLine(response.Content); ``` ```golang package main import ( "fmt" "strings" "net/http" "io" ) func main() { url := "{{apiPath}}/v1/environments/{{envID}}/credentialSigningKeys/{{credentialSigningKeyID}}" method := "PUT" payload := strings.NewReader(`{ "name": "customer-defined-key-id", "enabled": false, "jwk": { "kid": "customer-specified-key-id", "kty": "RSA", "alg": "RS256", "n": "jFfJCBv199-wMuUcW3MKaRH-DItx0xGji7JD2Agrm4JtiAJKD_g2xD4SwnQIkQdidTRnoAQ1UvUc7PlYNL7CaHCyzUw08E6QhbDxzbG2_lhDl7Y6Cljp23pkZ-40rBezqYuqOwgQv21FiiuA5LNSckH8ojdC_nvFUy4x2jKIFDAh_xEgdcTXZELrVbIdrqR2oFZXR_zIXPaoKl-67tQY1ttUopXqewzM31mKfj6JDfkbeGdaRhiBH_jlFTDbIE7metwsBnxucpQbDk1XlPmgsu8yZfbjJN19rhie7BTDS7BA5oYWizy8LBI6kUPkUTgqRRRhtyuVrWV1CXvpARrZvw", "e": "AQAB" } }`) client := &http.Client { } req, err := http.NewRequest(method, url, payload) if err != nil { fmt.Println(err) return } req.Header.Add("Content-Type", "application/json") req.Header.Add("Authorization", "Bearer {{accessToken}}") res, err := client.Do(req) if err != nil { fmt.Println(err) return } defer res.Body.Close() body, err := io.ReadAll(res.Body) if err != nil { fmt.Println(err) return } fmt.Println(string(body)) } ``` ```http PUT /v1/environments/{{envID}}/credentialSigningKeys/{{credentialSigningKeyID}} HTTP/1.1 Host: {{apiPath}} Content-Type: application/json Authorization: Bearer {{accessToken}} { "name": "customer-defined-key-id", "enabled": false, "jwk": { "kid": "customer-specified-key-id", "kty": "RSA", "alg": "RS256", "n": "jFfJCBv199-wMuUcW3MKaRH-DItx0xGji7JD2Agrm4JtiAJKD_g2xD4SwnQIkQdidTRnoAQ1UvUc7PlYNL7CaHCyzUw08E6QhbDxzbG2_lhDl7Y6Cljp23pkZ-40rBezqYuqOwgQv21FiiuA5LNSckH8ojdC_nvFUy4x2jKIFDAh_xEgdcTXZELrVbIdrqR2oFZXR_zIXPaoKl-67tQY1ttUopXqewzM31mKfj6JDfkbeGdaRhiBH_jlFTDbIE7metwsBnxucpQbDk1XlPmgsu8yZfbjJN19rhie7BTDS7BA5oYWizy8LBI6kUPkUTgqRRRhtyuVrWV1CXvpARrZvw", "e": "AQAB" } } ``` ```java OkHttpClient client = new OkHttpClient().newBuilder() .build(); MediaType mediaType = MediaType.parse("application/json"); RequestBody body = RequestBody.create(mediaType, "{\n \"name\": \"customer-defined-key-id\",\n \"enabled\": false,\n \"jwk\": {\n \"kid\": \"customer-specified-key-id\",\n \"kty\": \"RSA\",\n \"alg\": \"RS256\",\n \"n\": \"jFfJCBv199-wMuUcW3MKaRH-DItx0xGji7JD2Agrm4JtiAJKD_g2xD4SwnQIkQdidTRnoAQ1UvUc7PlYNL7CaHCyzUw08E6QhbDxzbG2_lhDl7Y6Cljp23pkZ-40rBezqYuqOwgQv21FiiuA5LNSckH8ojdC_nvFUy4x2jKIFDAh_xEgdcTXZELrVbIdrqR2oFZXR_zIXPaoKl-67tQY1ttUopXqewzM31mKfj6JDfkbeGdaRhiBH_jlFTDbIE7metwsBnxucpQbDk1XlPmgsu8yZfbjJN19rhie7BTDS7BA5oYWizy8LBI6kUPkUTgqRRRhtyuVrWV1CXvpARrZvw\",\n \"e\": \"AQAB\"\n }\n}"); Request request = new Request.Builder() .url("{{apiPath}}/v1/environments/{{envID}}/credentialSigningKeys/{{credentialSigningKeyID}}") .method("PUT", body) .addHeader("Content-Type", "application/json") .addHeader("Authorization", "Bearer {{accessToken}}") .build(); Response response = client.newCall(request).execute(); ``` ```javascript var settings = { "url": "{{apiPath}}/v1/environments/{{envID}}/credentialSigningKeys/{{credentialSigningKeyID}}", "method": "PUT", "timeout": 0, "headers": { "Content-Type": "application/json", "Authorization": "Bearer {{accessToken}}" }, "data": JSON.stringify({ "name": "customer-defined-key-id", "enabled": false, "jwk": { "kid": "customer-specified-key-id", "kty": "RSA", "alg": "RS256", "n": "jFfJCBv199-wMuUcW3MKaRH-DItx0xGji7JD2Agrm4JtiAJKD_g2xD4SwnQIkQdidTRnoAQ1UvUc7PlYNL7CaHCyzUw08E6QhbDxzbG2_lhDl7Y6Cljp23pkZ-40rBezqYuqOwgQv21FiiuA5LNSckH8ojdC_nvFUy4x2jKIFDAh_xEgdcTXZELrVbIdrqR2oFZXR_zIXPaoKl-67tQY1ttUopXqewzM31mKfj6JDfkbeGdaRhiBH_jlFTDbIE7metwsBnxucpQbDk1XlPmgsu8yZfbjJN19rhie7BTDS7BA5oYWizy8LBI6kUPkUTgqRRRhtyuVrWV1CXvpARrZvw", "e": "AQAB" } }), }; $.ajax(settings).done(function (response) { console.log(response); }); ``` ```javascript var request = require('request'); var options = { 'method': 'PUT', 'url': '{{apiPath}}/v1/environments/{{envID}}/credentialSigningKeys/{{credentialSigningKeyID}}', 'headers': { 'Content-Type': 'application/json', 'Authorization': 'Bearer {{accessToken}}' }, body: JSON.stringify({ "name": "customer-defined-key-id", "enabled": false, "jwk": { "kid": "customer-specified-key-id", "kty": "RSA", "alg": "RS256", "n": "jFfJCBv199-wMuUcW3MKaRH-DItx0xGji7JD2Agrm4JtiAJKD_g2xD4SwnQIkQdidTRnoAQ1UvUc7PlYNL7CaHCyzUw08E6QhbDxzbG2_lhDl7Y6Cljp23pkZ-40rBezqYuqOwgQv21FiiuA5LNSckH8ojdC_nvFUy4x2jKIFDAh_xEgdcTXZELrVbIdrqR2oFZXR_zIXPaoKl-67tQY1ttUopXqewzM31mKfj6JDfkbeGdaRhiBH_jlFTDbIE7metwsBnxucpQbDk1XlPmgsu8yZfbjJN19rhie7BTDS7BA5oYWizy8LBI6kUPkUTgqRRRhtyuVrWV1CXvpARrZvw", "e": "AQAB" } }) }; request(options, function (error, response) { if (error) throw new Error(error); console.log(response.body); }); ``` ```python import requests import json url = "{{apiPath}}/v1/environments/{{envID}}/credentialSigningKeys/{{credentialSigningKeyID}}" payload = json.dumps({ "name": "customer-defined-key-id", "enabled": False, "jwk": { "kid": "customer-specified-key-id", "kty": "RSA", "alg": "RS256", "n": "jFfJCBv199-wMuUcW3MKaRH-DItx0xGji7JD2Agrm4JtiAJKD_g2xD4SwnQIkQdidTRnoAQ1UvUc7PlYNL7CaHCyzUw08E6QhbDxzbG2_lhDl7Y6Cljp23pkZ-40rBezqYuqOwgQv21FiiuA5LNSckH8ojdC_nvFUy4x2jKIFDAh_xEgdcTXZELrVbIdrqR2oFZXR_zIXPaoKl-67tQY1ttUopXqewzM31mKfj6JDfkbeGdaRhiBH_jlFTDbIE7metwsBnxucpQbDk1XlPmgsu8yZfbjJN19rhie7BTDS7BA5oYWizy8LBI6kUPkUTgqRRRhtyuVrWV1CXvpARrZvw", "e": "AQAB" } }) headers = { 'Content-Type': 'application/json', 'Authorization': 'Bearer {{accessToken}}' } response = requests.request("PUT", url, headers=headers, data=payload) print(response.text) ``` ```php setUrl('{{apiPath}}/v1/environments/{{envID}}/credentialSigningKeys/{{credentialSigningKeyID}}'); $request->setMethod(HTTP_Request2::METHOD_PUT); $request->setConfig(array( 'follow_redirects' => TRUE )); $request->setHeader(array( 'Content-Type' => 'application/json', 'Authorization' => 'Bearer {{accessToken}}' )); $request->setBody('{\n "name": "customer-defined-key-id",\n "enabled": false,\n "jwk": {\n "kid": "customer-specified-key-id",\n "kty": "RSA",\n "alg": "RS256",\n "n": "jFfJCBv199-wMuUcW3MKaRH-DItx0xGji7JD2Agrm4JtiAJKD_g2xD4SwnQIkQdidTRnoAQ1UvUc7PlYNL7CaHCyzUw08E6QhbDxzbG2_lhDl7Y6Cljp23pkZ-40rBezqYuqOwgQv21FiiuA5LNSckH8ojdC_nvFUy4x2jKIFDAh_xEgdcTXZELrVbIdrqR2oFZXR_zIXPaoKl-67tQY1ttUopXqewzM31mKfj6JDfkbeGdaRhiBH_jlFTDbIE7metwsBnxucpQbDk1XlPmgsu8yZfbjJN19rhie7BTDS7BA5oYWizy8LBI6kUPkUTgqRRRhtyuVrWV1CXvpARrZvw",\n "e": "AQAB"\n }\n}'); try { $response = $request->send(); if ($response->getStatus() == 200) { echo $response->getBody(); } else { echo 'Unexpected HTTP status: ' . $response->getStatus() . ' ' . $response->getReasonPhrase(); } } catch(HTTP_Request2_Exception $e) { echo 'Error: ' . $e->getMessage(); } ``` ```ruby require "uri" require "json" require "net/http" url = URI("{{apiPath}}/v1/environments/{{envID}}/credentialSigningKeys/{{credentialSigningKeyID}}") http = Net::HTTP.new(url.host, url.port); request = Net::HTTP::Put.new(url) request["Content-Type"] = "application/json" request["Authorization"] = "Bearer {{accessToken}}" request.body = JSON.dump({ "name": "customer-defined-key-id", "enabled": false, "jwk": { "kid": "customer-specified-key-id", "kty": "RSA", "alg": "RS256", "n": "jFfJCBv199-wMuUcW3MKaRH-DItx0xGji7JD2Agrm4JtiAJKD_g2xD4SwnQIkQdidTRnoAQ1UvUc7PlYNL7CaHCyzUw08E6QhbDxzbG2_lhDl7Y6Cljp23pkZ-40rBezqYuqOwgQv21FiiuA5LNSckH8ojdC_nvFUy4x2jKIFDAh_xEgdcTXZELrVbIdrqR2oFZXR_zIXPaoKl-67tQY1ttUopXqewzM31mKfj6JDfkbeGdaRhiBH_jlFTDbIE7metwsBnxucpQbDk1XlPmgsu8yZfbjJN19rhie7BTDS7BA5oYWizy8LBI6kUPkUTgqRRRhtyuVrWV1CXvpARrZvw", "e": "AQAB" } }) response = http.request(request) puts response.read_body ``` ```swift let parameters = "{\n \"name\": \"customer-defined-key-id\",\n \"enabled\": false,\n \"jwk\": {\n \"kid\": \"customer-specified-key-id\",\n \"kty\": \"RSA\",\n \"alg\": \"RS256\",\n \"n\": \"jFfJCBv199-wMuUcW3MKaRH-DItx0xGji7JD2Agrm4JtiAJKD_g2xD4SwnQIkQdidTRnoAQ1UvUc7PlYNL7CaHCyzUw08E6QhbDxzbG2_lhDl7Y6Cljp23pkZ-40rBezqYuqOwgQv21FiiuA5LNSckH8ojdC_nvFUy4x2jKIFDAh_xEgdcTXZELrVbIdrqR2oFZXR_zIXPaoKl-67tQY1ttUopXqewzM31mKfj6JDfkbeGdaRhiBH_jlFTDbIE7metwsBnxucpQbDk1XlPmgsu8yZfbjJN19rhie7BTDS7BA5oYWizy8LBI6kUPkUTgqRRRhtyuVrWV1CXvpARrZvw\",\n \"e\": \"AQAB\"\n }\n}" let postData = parameters.data(using: .utf8) var request = URLRequest(url: URL(string: "{{apiPath}}/v1/environments/{{envID}}/credentialSigningKeys/{{credentialSigningKeyID}}")!,timeoutInterval: Double.infinity) request.addValue("application/json", forHTTPHeaderField: "Content-Type") request.addValue("Bearer {{accessToken}}", forHTTPHeaderField: "Authorization") request.httpMethod = "PUT" request.httpBody = postData let task = URLSession.shared.dataTask(with: request) { data, response, error in guard let data = data else { print(String(describing: error)) return } print(String(data: data, encoding: .utf8)!) } task.resume() ``` ### Example Response 200 OK ```json { "_links": { "self": { "href": "https://api.pingone.com/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6/credentialSigningKeys/34ab57dc-8c7b-4377-95b2-a24672e8b70c" }, "environment": { "href": "https://api.pingone.com/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6" } }, "id": "34ab57dc-8c7b-4377-95b2-a24672e8b70c", "createdAt": "2025-06-27T13:56:20.046Z", "updatedAt": "2025-06-27T14:18:33.083506420Z", "environment": { "id": "abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6" }, "name": "customer-defined-key-id", "enabled": false, "jwk": { "kty": "RSA", "kid": "customer-specified-key-id", "alg": "RS256", "n": "jFfJCBv199-wMuUcW3MKaRH-DItx0xGji7JD2Agrm4JtiAJKD_g2xD4SwnQIkQdidTRnoAQ1UvUc7PlYNL7CaHCyzUw08E6QhbDxzbG2_lhDl7Y6Cljp23pkZ-40rBezqYuqOwgQv21FiiuA5LNSckH8ojdC_nvFUy4x2jKIFDAh_xEgdcTXZELrVbIdrqR2oFZXR_zIXPaoKl-67tQY1ttUopXqewzM31mKfj6JDfkbeGdaRhiBH_jlFTDbIE7metwsBnxucpQbDk1XlPmgsu8yZfbjJN19rhie7BTDS7BA5oYWizy8LBI6kUPkUTgqRRRhtyuVrWV1CXvpARrZvw", "e": "AQAB" } } ```