> ## Documentation Index > Fetch the complete documentation index at: https://support.fortanix.com/llms.txt > Use this file to discover all available pages before exploring further. # Create an admin app credential that can be used to perform account replication. > Note that this does _not_ immediately create a usable credential; further processing is necessary before it can be actually used for account replication. Currently, a single replication account can store up to two replication credentials. ## OpenAPI ````json POST /sys/v1/accounts/{acct_id}/replication/credentials { "openapi": "3.0.0", "info": { "title": "Fortanix DSM REST API", "description": "This is a set of REST APIs for accessing the Fortanix Data Security Manager. This includes APIs for managing accounts, and for performing cryptographic and key management operations. \n\n **Note:** \n- All binary input should be base64-encoded. These fields are marked with `format: byte`. \n- For forward compatibility, any API client is expected to ignore any fields in the response not explicitly mentioned in the documentation. We reserve the right to add new fields at any time to provide new functionality without affecting existing API clients.", "termsOfService": "https://www.fortanix.com/legal/terms/", "contact": { "name": "Fortanix Support", "url": "https://support.fortanix.com/", "email": "support@fortanix.com" }, "license": { "name": "Apache 2.0", "url": "http://www.apache.org/licenses/LICENSE-2.0.html" }, "version": "0.1.0-20260526" }, "servers": [ { "url": "https://amer.smartkey.io" } ], "paths": { "/sys/v1/accounts/{acct_id}/replication/credentials": { "post": { "operationId": "CreateReplicationCredential", "tags": [ "Accounts" ], "security": [ { "bearerToken": [] }, { "apiKeyAuth": [] } ], "summary": "Create an admin app credential that can be used to perform\naccount replication.", "description": "Note that this does _not_ immediately create a usable credential;\nfurther processing is necessary before it can be actually used for\naccount replication.\n\nCurrently, a single replication account can store up to two\nreplication credentials.", "parameters": [ { "name": "acct_id", "in": "path", "required": true, "schema": { "type": "string", "format": "uuid" } } ], "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/CreateReplicationCredentialRequest" } } } }, "responses": { "2XX": { "description": "Success result", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/ReplicationCredential" } } } } } } } }, "components": { "schemas": { "CreateReplicationCredentialRequest": { "description": "A request to create a new admin app credential for account replication\npurposes. Note that the result is not immediately usable; further steps\nare needed in order to configure this and set it as the account's active\ncredential.", "oneOf": [ { "$ref": "#/components/schemas/CreateReplicationCredentialRequestVariantCertificate" } ], "discriminator": { "propertyName": "$type", "mapping": { "Certificate": "CreateReplicationCredentialRequestVariantCertificate" } } }, "ReplicationCredential": { "description": "Details about the admin app credential used to replicate objects from the source account.", "oneOf": [ { "$ref": "#/components/schemas/ReplicationCredentialVariantCertificate" } ], "discriminator": { "propertyName": "$type", "mapping": { "Certificate": "ReplicationCredentialVariantCertificate" } } }, "CreateReplicationCredentialRequestVariantCertificate": { "allOf": [ { "type": "object", "properties": { "$type": { "type": "string", "enum": [ "Certificate" ] } }, "required": [ "$type" ] }, { "type": "object", "properties": {} } ] }, "ReplicationCredentialVariantCertificate": { "allOf": [ { "type": "object", "properties": { "$type": { "type": "string", "enum": [ "Certificate" ] } }, "required": [ "$type" ] }, { "$ref": "#/components/schemas/CertificateReplicationCredential" } ] }, "CertificateReplicationCredential": { "allOf": [ { "type": "object", "description": "Details about a certificate-based admin app credential used for account replication.", "properties": { "app_id": { "type": "string", "format": "uuid", "nullable": true, "description": "The ID of the source-side admin app that uses this credential." }, "credential_id": { "$ref": "#/components/schemas/ReplicationCredentialId" }, "certificate_chain": { "type": "array", "items": { "type": "string", "format": "byte" }, "nullable": true, "description": "The certificate chain associated with the credential. This is a list of DER-encoded\ncertificates, starting from the leaf certificate, and can consist of a single certificate if\nno intermediate certificates are necessary when authenticating with the source cluster." } }, "required": [ "credential_id" ] } ] }, "ReplicationCredentialId": { "description": "The ID of a replication credential.", "allOf": [ { "type": "string" } ] } } } } ````