opentdf · marythought · Apr 7, 2026 · gemini-code-assist · Apr 7, 2026 · gemini-code-assist
@@ -0,0 +1,122 @@
+import Tabs from '@theme/Tabs';
+import TabItem from '@theme/TabItem';
+
+<details id="create-kas-server">
+<summary>CreateKeyAccessServer</summary>
+
+Registers a new Key Access Server (KAS) with the platform.
+
+**Signature**
+
+<Tabs>
+<TabItem value="go" label="Go">
+
+```go
+func (c KeyAccessServerRegistryServiceClient) CreateKeyAccessServer(
+    ctx context.Context,
+    req *kasregistry.CreateKeyAccessServerRequest,
+) (*kasregistry.CreateKeyAccessServerResponse, error)
+```
+
+</TabItem>
+<TabItem value="java" label="Java">
+
+```java
+CreateKeyAccessServerResponse createKeyAccessServerBlocking(
+    CreateKeyAccessServerRequest request, Map<String, String> metadata
+)
+```
+
+</TabItem>
+<TabItem value="js" label="JavaScript">
+
+```typescript
+keyAccessServerRegistry.createKeyAccessServer(
+    request: CreateKeyAccessServerRequest
+): Promise<CreateKeyAccessServerResponse>
+```
+
+</TabItem>
+</Tabs>
+
+**Parameters**
+
+| Parameter | Type | Required | Description |
+|-----------|------|----------|-------------|
+| `uri` | `string` | Yes | URL of the KAS instance (e.g., `https://kas.example.com`). |
+| `name` | `string` | No | Unique name for the KAS (alphanumeric, hyphens, underscores; max 253 chars; normalized to lowercase). |
+| `source_type` | `SourceType` | No | `INTERNAL` (managed by your org) or `EXTERNAL` (managed by an external party). |
+| `metadata` | `MetadataMutable` | No | Labels to attach (key-value string pairs). |
+
+**Example**
+
+<Tabs>
+<TabItem value="go" label="Go">
+
+```go
+import (
+    "github.com/opentdf/platform/protocol/go/policy"
+    "github.com/opentdf/platform/protocol/go/policy/kasregistry"
+)
+
+resp, err := client.KeyAccessServerRegistry.CreateKeyAccessServer(context.Background(),
+    &kasregistry.CreateKeyAccessServerRequest{
+        Uri:        "https://kas.example.com",
+        Name:       "my-kas",
+        SourceType: policy.SourceType_SOURCE_TYPE_INTERNAL,
+    },
+)
+if err != nil {
+    log.Fatal(err)
+}
+log.Printf("Created KAS: %s (ID: %s)\n", resp.GetKeyAccessServer().GetName(), resp.GetKeyAccessServer().GetId())
+```
+
+</TabItem>
+<TabItem value="java" label="Java">
+
+```java
+import io.opentdf.platform.policy.SourceType;
+import io.opentdf.platform.policy.kasregistry.CreateKeyAccessServerRequest;
+
+var req = CreateKeyAccessServerRequest.newBuilder()
+    .setUri("https://kas.example.com")
+    .setName("my-kas")
+    .setSourceType(SourceType.SOURCE_TYPE_INTERNAL)
+    .build();
+var resp = sdk.getServices().kasRegistry()
+    .createKeyAccessServerBlocking(req, Collections.emptyMap()).execute();
+System.out.println("Created KAS: " + resp.getKeyAccessServer().getName()
+    + " (ID: " + resp.getKeyAccessServer().getId() + ")");
+```
+
+</TabItem>
+<TabItem value="js" label="JavaScript">
+
+```typescript
+import { SourceType } from '@opentdf/sdk/platform/policy/objects_pb.js';
+
+const resp = await platform.v1.keyAccessServerRegistry.createKeyAccessServer({
+  uri: 'https://kas.example.com',
+  name: 'my-kas',
+  sourceType: SourceType.INTERNAL,
+});
+console.log(`Created KAS: ${resp.keyAccessServer?.name} (ID: ${resp.keyAccessServer?.id})`);
+```
+
+</TabItem>
+</Tabs>
+
+**Returns**
+
+The created `KeyAccessServer` object, including its generated `id`, `uri`, `name`, `source_type`, and `metadata` with server-set timestamps.
+
+**Errors**
+
+| Error | Cause |
+|-------|-------|
+| Already exists | A KAS with the same `uri` or `name` is already registered. |
+| Invalid argument | The `uri` is not a valid URL, or the `name` violates naming constraints. |
+| Permission denied | The caller lacks permission to create KAS entries. |
+
+</details>
@@ -0,0 +1,106 @@
+import Tabs from '@theme/Tabs';
+import TabItem from '@theme/TabItem';
+
+<details id="list-kas-servers">
+<summary>ListKeyAccessServers</summary>
+
+Returns all registered Key Access Servers, with optional pagination.
+
+**Signature**
+
+<Tabs>
+<TabItem value="go" label="Go">
+
+```go
+func (c KeyAccessServerRegistryServiceClient) ListKeyAccessServers(
+    ctx context.Context,
+    req *kasregistry.ListKeyAccessServersRequest,
+) (*kasregistry.ListKeyAccessServersResponse, error)
+```
+
+</TabItem>
+<TabItem value="java" label="Java">
+
+```java
+ListKeyAccessServersResponse listKeyAccessServersBlocking(
+    ListKeyAccessServersRequest request, Map<String, String> metadata
+)
+```
+
+</TabItem>
+<TabItem value="js" label="JavaScript">
+
+```typescript
+keyAccessServerRegistry.listKeyAccessServers(
+    request: ListKeyAccessServersRequest
+): Promise<ListKeyAccessServersResponse>
+```
+
+</TabItem>
+</Tabs>
+
+**Parameters**
+
+| Parameter | Type | Required | Description |
+|-----------|------|----------|-------------|
+| `pagination.limit` | `int32` | No | Maximum number of results to return. |
+| `pagination.offset` | `int32` | No | Number of results to skip. |
+
+**Example**
+
+<Tabs>
+<TabItem value="go" label="Go">
+
+```go
+import "github.com/opentdf/platform/protocol/go/policy/kasregistry"
+
+resp, err := client.KeyAccessServerRegistry.ListKeyAccessServers(context.Background(),
+    &kasregistry.ListKeyAccessServersRequest{},
+)
+if err != nil {
+    log.Fatal(err)
+}
+for _, kas := range resp.GetKeyAccessServers() {
+    log.Printf("KAS: %s — %s (source: %s)\n", kas.GetName(), kas.GetUri(), kas.GetSourceType())
+}
+```
+
+</TabItem>
+<TabItem value="java" label="Java">
+
+```java
+import io.opentdf.platform.policy.kasregistry.ListKeyAccessServersRequest;
+
+var req = ListKeyAccessServersRequest.newBuilder().build();
+var resp = sdk.getServices().kasRegistry()
+    .listKeyAccessServersBlocking(req, Collections.emptyMap()).execute();
+for (var kas : resp.getKeyAccessServersList()) {
+    System.out.println("KAS: " + kas.getName() + " — " + kas.getUri()
+        + " (source: " + kas.getSourceType() + ")");
+}
+```
+
+</TabItem>
+<TabItem value="js" label="JavaScript">
+
+```typescript
+const resp = await platform.v1.keyAccessServerRegistry.listKeyAccessServers({});
+for (const kas of resp.keyAccessServers) {
+  console.log(`KAS: ${kas.name} — ${kas.uri} (source: ${kas.sourceType})`);
+}
+```
+
+</TabItem>
+</Tabs>
+
+**Returns**
+
+A list of `KeyAccessServer` objects and a `pagination` response containing `current_offset`, `next_offset`, and `total` count.
+
+**Errors**
+
+| Error | Cause |
+|-------|-------|
+| Permission denied | The caller lacks permission to list KAS entries. |
+
+</details>