Create read write session

curl --request POST \
  --url https://api.turnkey.com/public/v1/submit/create_read_write_session \
  --header 'Accept: application/json' \
  --header 'Content-Type: application/json' \
  --header "X-Stamp: <string> (see Authorizations)" \
  --data '{
    "type": "ACTIVITY_TYPE_CREATE_READ_WRITE_SESSION_V2",
    "timestampMs": "<string> (e.g. 1746736509954)",
    "organizationId": "<string> (Your Organization ID)",
    "parameters": {
        "targetPublicKey": "<string>",
        "userId": "<string>",
        "apiKeyName": "<string>",
        "expirationSeconds": "<string>",
        "invalidateExisting": "<boolean>"
    }
}'

{
  "activity": {
    "id": "<activity-id>",
    "status": "ACTIVITY_STATUS_COMPLETED",
    "type": "ACTIVITY_TYPE_CREATE_READ_WRITE_SESSION_V2",
    "organizationId": "<organization-id>",
    "timestampMs": "<timestamp> (e.g. 1746736509954)",
    "result": {
      "activity": {
        "id": "<string>",
        "organizationId": "<string>",
        "status": "<string>",
        "type": "<string>",
        "intent": {
          "createReadWriteSessionIntentV2": {
            "targetPublicKey": "<string>",
            "userId": "<string>",
            "apiKeyName": "<string>",
            "expirationSeconds": "<string>",
            "invalidateExisting": "<boolean>"
          }
        },
        "result": {
          "createReadWriteSessionResultV2": {
            "organizationId": "<string>",
            "organizationName": "<string>",
            "userId": "<string>",
            "username": "<string>",
            "apiKeyId": "<string>",
            "credentialBundle": "<string>"
          }
        },
        "votes": "<array>",
        "fingerprint": "<string>",
        "canApprove": "<boolean>",
        "canReject": "<boolean>",
        "createdAt": "<string>",
        "updatedAt": "<string>"
      }
    }
  }
}

curl --request POST \
  --url https://api.turnkey.com/public/v1/submit/create_read_write_session \
  --header 'Accept: application/json' \
  --header 'Content-Type: application/json' \
  --header "X-Stamp: <string> (see Authorizations)" \
  --data '{
    "type": "ACTIVITY_TYPE_CREATE_READ_WRITE_SESSION_V2",
    "timestampMs": "<string> (e.g. 1746736509954)",
    "organizationId": "<string> (Your Organization ID)",
    "parameters": {
        "targetPublicKey": "<string>",
        "userId": "<string>",
        "apiKeyName": "<string>",
        "expirationSeconds": "<string>",
        "invalidateExisting": "<boolean>"
    }
}'

{
  "activity": {
    "id": "<activity-id>",
    "status": "ACTIVITY_STATUS_COMPLETED",
    "type": "ACTIVITY_TYPE_CREATE_READ_WRITE_SESSION_V2",
    "organizationId": "<organization-id>",
    "timestampMs": "<timestamp> (e.g. 1746736509954)",
    "result": {
      "activity": {
        "id": "<string>",
        "organizationId": "<string>",
        "status": "<string>",
        "type": "<string>",
        "intent": {
          "createReadWriteSessionIntentV2": {
            "targetPublicKey": "<string>",
            "userId": "<string>",
            "apiKeyName": "<string>",
            "expirationSeconds": "<string>",
            "invalidateExisting": "<boolean>"
          }
        },
        "result": {
          "createReadWriteSessionResultV2": {
            "organizationId": "<string>",
            "organizationName": "<string>",
            "userId": "<string>",
            "username": "<string>",
            "apiKeyId": "<string>",
            "credentialBundle": "<string>"
          }
        },
        "votes": "<array>",
        "fingerprint": "<string>",
        "canApprove": "<boolean>",
        "canReject": "<boolean>",
        "createdAt": "<string>",
        "updatedAt": "<string>"
      }
    }
  }
}

POST

public

submit

create_read_write_session

Authorizations

X-Stamp

string

required

Cryptographically signed (stamped) request to be passed in as a header. For more info, see here.

Body

type

enum<string>

required

Enum options: ACTIVITY_TYPE_CREATE_READ_WRITE_SESSION_V2

timestampMs

string

required

Timestamp (in milliseconds) of the request, used to verify liveness of user requests.

organizationId

string

required

Unique identifier for a given Organization.

parameters

object

required

The parameters object containing the specific intent data for this activity.

Show details

parameters.targetPublicKey

string

required

Client-side public key generated by the user, to which the read write session bundle (credentials) will be encrypted.

parameters.userId

string

Unique identifier for a given User.

parameters.apiKeyName

string

Optional human-readable name for an API Key. If none provided, default to Read Write Session - <Timestamp>

parameters.expirationSeconds

string

Expiration window (in seconds) indicating how long the API key is valid for. If not provided, a default of 15 minutes will be used.

parameters.invalidateExisting

boolean

Invalidate all other previously generated ReadWriteSession API keys

Response

A successful response returns the following fields:

activity

object

required

The activity object containing type, intent, and result

Show activity details

activity.id

string

required

Unique identifier for a given Activity object.

activity.organizationId

string

required

Unique identifier for a given Organization.

activity.status

string

required

The activity status

activity.type

string

required

The activity type

activity.intent

object

required

The intent of the activity

Show intent details

activity.intent.createReadWriteSessionIntentV2

object

required

The createReadWriteSessionIntentV2 object

Show createReadWriteSessionIntentV2 details

activity.intent.createReadWriteSessionIntentV2.targetPublicKey

string

required

Client-side public key generated by the user, to which the read write session bundle (credentials) will be encrypted.

activity.intent.createReadWriteSessionIntentV2.userId

string

Unique identifier for a given User.

activity.intent.createReadWriteSessionIntentV2.apiKeyName

string

Optional human-readable name for an API Key. If none provided, default to Read Write Session - <Timestamp>

activity.intent.createReadWriteSessionIntentV2.expirationSeconds

string

Expiration window (in seconds) indicating how long the API key is valid for. If not provided, a default of 15 minutes will be used.

activity.intent.createReadWriteSessionIntentV2.invalidateExisting

boolean

Invalidate all other previously generated ReadWriteSession API keys

activity.result

object

required

The result of the activity

Show result details

activity.result.createReadWriteSessionResultV2

object

required

The createReadWriteSessionResultV2 object

Show createReadWriteSessionResultV2 details

activity.result.createReadWriteSessionResultV2.organizationId

string

required

Unique identifier for a given Organization. If the request is being made by a user and their Sub-Organization ID is unknown, this can be the Parent Organization ID. However, using the Sub-Organization ID is preferred due to performance reasons.

activity.result.createReadWriteSessionResultV2.organizationName

string

required

Human-readable name for an Organization.

activity.result.createReadWriteSessionResultV2.userId

string

required

Unique identifier for a given User.

activity.result.createReadWriteSessionResultV2.username

string

required

Human-readable name for a User.

activity.result.createReadWriteSessionResultV2.apiKeyId

string

required

Unique identifier for the created API key.

activity.result.createReadWriteSessionResultV2.credentialBundle

string

required

HPKE encrypted credential bundle

activity.votes

array

required

A list of objects representing a particular User’s approval or rejection of a Consensus request, including all relevant metadata.

activity.fingerprint

string

required

An artifact verifying a User’s action.

activity.canApprove

boolean

required

Whether the activity can be approved.

activity.canReject

boolean

required

Whether the activity can be rejected.

activity.createdAt

string

required

The creation timestamp.

activity.updatedAt

string

required

The last update timestamp.

curl --request POST \
  --url https://api.turnkey.com/public/v1/submit/create_read_write_session \
  --header 'Accept: application/json' \
  --header 'Content-Type: application/json' \
  --header "X-Stamp: <string> (see Authorizations)" \
  --data '{
    "type": "ACTIVITY_TYPE_CREATE_READ_WRITE_SESSION_V2",
    "timestampMs": "<string> (e.g. 1746736509954)",
    "organizationId": "<string> (Your Organization ID)",
    "parameters": {
        "targetPublicKey": "<string>",
        "userId": "<string>",
        "apiKeyName": "<string>",
        "expirationSeconds": "<string>",
        "invalidateExisting": "<boolean>"
    }
}'

{
  "activity": {
    "id": "<activity-id>",
    "status": "ACTIVITY_STATUS_COMPLETED",
    "type": "ACTIVITY_TYPE_CREATE_READ_WRITE_SESSION_V2",
    "organizationId": "<organization-id>",
    "timestampMs": "<timestamp> (e.g. 1746736509954)",
    "result": {
      "activity": {
        "id": "<string>",
        "organizationId": "<string>",
        "status": "<string>",
        "type": "<string>",
        "intent": {
          "createReadWriteSessionIntentV2": {
            "targetPublicKey": "<string>",
            "userId": "<string>",
            "apiKeyName": "<string>",
            "expirationSeconds": "<string>",
            "invalidateExisting": "<boolean>"
          }
        },
        "result": {
          "createReadWriteSessionResultV2": {
            "organizationId": "<string>",
            "organizationName": "<string>",
            "userId": "<string>",
            "username": "<string>",
            "apiKeyId": "<string>",
            "credentialBundle": "<string>"
          }
        },
        "votes": "<array>",
        "fingerprint": "<string>",
        "canApprove": "<boolean>",
        "canReject": "<boolean>",
        "createdAt": "<string>",
        "updatedAt": "<string>"
      }
    }
  }
}

Create read only session Create smart contract interface

Activities

Queries

Create read write session

Authorizations

Body

Response