ApiTenantbyok
Run a BYOK customer-KMS wrap/unwrap preflight.
Performs a wrap/unwrap round-trip against the staged customer KMS key to prove Fruxon can use it before any real data depends on it. Records the validation outcome on the config (`lastValidatedAt` / `lastValidationError`) but never moves the tenant DEK — run this until it succeeds, then call `:activate`.
Authorization
Bearer AuthorizationBearer <token>
JWT Authorization header using the Bearer scheme. Enter 'Bearer' [space] and then your token.
In: header
Path Parameters
tenant*string
The tenant identifier
Response Body
curl -X POST "https://api.fruxon.com/v1/tenants/string/byok:preflight"{
"success": false,
"reason": "string",
"message": "string",
"status": {
"configured": false,
"config": {
"id": "00000000-0000-0000-0000-000000000000",
"provider": "GCP",
"kmsKeyResourceName": "string",
"authMode": "GCP_ADC_IAM_BINDING",
"authSecretRef": "string",
"status": "PENDING_VALIDATION",
"configVersion": 0,
"lastValidatedAt": 0,
"lastValidationError": "string",
"createdAt": 0,
"modifiedAt": 0
}
}
}Empty
{
"type": "string",
"title": "string",
"status": 0,
"detail": "string",
"instance": "string",
"property1": null,
"property2": null
}{
"type": "string",
"title": "string",
"status": 0,
"detail": "string",
"instance": "string",
"property1": null,
"property2": null
}{
"type": "string",
"title": "string",
"status": 0,
"detail": "string",
"instance": "string",
"property1": null,
"property2": null
}