The Dedicated Key Management Service (KMS) API is based on the HTTP protocol and uses the Transport Layer Security (TLS) protocol to ensure the security of communications. To call a Dedicated KMS API operation, you must send an HTTP POST request to the Dedicated KMS endpoint. You must add the request parameters that correspond to the API operation being called. After you call the API, the system returns a response. The request and response are encoded in the Protocol Buffers format.

Protocol Buffers is a language-neutral and platform-neutral data format that is used to serialize structured data. Protocol Buffers is designed to be smaller and faster than XML. For more information, visit Protocol Buffers.

The following process describes how to call a Dedicated KMS API operation:

  1. The client encodes the request message based on the request message definition to obtain the request data.
  2. The client sends the request data and signature to the Dedicated KMS endpoint.
  3. Dedicated KMS verifies the signature and responds to the request.
  4. The client decodes the response data based on the response message definition to obtain the response message.