Purpose Required
URI: https://docs.ankatech.co/errors/purpose-required
HTTP Status: 422 Unprocessable Entity
When you see this
The key being created or imported supports more than one purpose, so the platform cannot infer a single purpose automatically. You must declare the key's purpose explicitly.
Common Causes
- Creating a key with an algorithm that is valid for both encryption and signing without specifying
purpose. - Importing a legacy key whose
KeyUsageis permissive enough to map to multiple purposes. - Omitting
purpose/purposeMappingswhere the platform cannot derive a single unambiguous purpose.
Response Example
{
"type": "https://docs.ankatech.co/errors/purpose-required",
"title": "Purpose Required",
"status": 422,
"detail": "Key purpose could not be inferred and must be declared explicitly. Provide a 'purpose' value.",
"instance": "/api/v3/keys",
"correlationId": "550e8400-e29b-41d4-a716-446655440000",
"timestamp": 1730000000
}
Content-Type: application/problem+json — the response follows RFC 7807 Problem Details.
How to Resolve
- Set the
purposefield explicitly (for exampleENCRYPT_DECRYPTorSIGN_VERIFY). - For multi-alias keystore imports, supply per-alias
purposeMappings. - Alternatively, import the key with a restrictive
KeyUsageso the purpose can be derived automatically, then re-submit.
For full schema definitions, examples, and interactive testing, see the Developer Hub Reference.