List Your SIEM Event Service Public Keys

Endpoint URL: {identityDomain} /config/applications/{appId} /eventdelivery/readKeys


Returns information about the public keys associated with the specified application. Public keys are required in order to download the event messages delivered by the SIEM Event Delivery service. Each user that accesses the S3 bucket must supply a valid public key; note, however, that no application can be assigned more than 10 public keys.

Respects the API Client Allow List: No

Base URL

The base URL for this endpoint is your Identity Cloud Configuration API URL (including the appropriate region) followed by your application ID. For example, if you are in the US region and your application ID is htb8fuhxnf8e38jrzub3c7pfrr then your base URL will look like this:

If you are in the Australian (AU) region your URL will look like this:

URL Path Parameters








Identity Cloud geographic region that hosts the application. Allowed values are:

  • us
  • eu
  • au
  • sg
  • cc




Unique identifier of the Identity Cloud application. For example:



This endpoint requires Basic authentication and an API client with read permissions. When configuring authentication, use your client ID as the username and your client secret as the password.

Sample Request (curl)

The following command returns information about the public keys associated with the Identity Cloud application htb8fuhxnf8e38jrzub3c7pfrr:

curl -X GET \ \
  -H 'Authorization: Basic M2dmYmdycmE3dzI4MmhndHJ5cGZxeDlwemhxaGpnZDU6Y2dkY3A3bWhjeWszYmZocnl2d2NmY2c3NTdqdzRhb3E='


200 OK

If your call to this endpoint succeeds, you'll get back information about the SIEM Event Delivery public keys associated with the application:

        "key": "ssh-rsa DDDAB3NzaC1yc2EAACCDEQABAAABAPOUh6tyPEFEzV0LX3XGF55RMsQz1x2cEikKDEY0aIj41qgxMCP/iteneqXSIFZBp5vizPvaoIR3Um9xK7PGoW8giupGn+EPuxIA4cDM4vzOqOkiMPhz5XK0whEjkVzTo4+S0puvDZuwIsdiW9mxhJc7tgBNL0c2r3SYVkz4G/fslNfRPAABAAM49f4fhtxPb5ok4Q2Lg9dPKVHO/Bgeu5woMc7RY0p1ej6D4CKFE6lymSDJpW0YHX/wqE9+cfNfRP7xGt5Rq9t2ta6F6fmX0agvpFyNfRPFbXeUBr7osSCJNgvavWbA4cDniWrOvYX2xwWdhXmX3ue68ZbabVoha3W1",
        "status": "creation complete",
        "created": "2021-04-16T18:54:06Z"

Error Response Codes

The following table includes information about some of the other response codes that you might encounter when calling this endpoint.

Response Code



Not authorized. Your client credentials may be invalid. You have specified an invalid client name and/or an invalid client secret.


The Akamai account ID was not found. Check your application settings for 'akamai_account_id'. Your Akamai account ID must be listed in the application settings for the application specified in your API call. You can use the /{appId}/settings/options API endpoint or the Console to verify your application settings.