Upon receiving the approval, the application may receive results associated with the requested operation with the cryptographic item (block 340). For example, if the requested operation was to export a cryptographic key, then the application may receive a copy of the cryptographic key. In another example, if the request to perform an operation included a data object and the requested operation is to encrypt the data object using a cryptographic key of the key management system, then the application may receive the data object that has been encrypted using the cryptographic key. If the requested operation was to modify a plugin, quorum policy and/or entity, then the application may receive a notification confirming that the modification has been made.

FIG. 4A illustrates an example indication 400 that a requested operation requires quorum approval. The indication 400 may be received by an application requesting to perform an operation with a cryptographic item of a key management system. Upon the key management system determining that the requested operation requires quorum approval, the key management system may transmit the indication 400 to the application requesting the operation. In embodiments, the indication may include a message alerting the application that quorum approval is required. In an embodiment, the indication may include quorum policy information. Referring to FIG. 4A, the indication 400 includes quorum policy information specifying that the requested operation requires approval from at least two entities of group A, which may be the assigned group of the cryptographic item.