CZERTAINLY Authority Provider Legacy API (2.13.1)
Download OpenAPI specification:Download
REST API for implementations of custom Legacy Authority Provider
Connector Information API. Each connector may have multiple functions represented by FunctionGroupCode. For each FunctionGroupCode there is a list of implemented end points. These endpoints must be according the specified interface, this is validated by the core. You can also implement helper end points that are used for callbacks and other relevant operations specific to implementation.
List supported functions of the connector
Returns map of functional code and implemented end points
Responses
Response samples
- 200
- 400
- 404
Content type
application/json
[- {
- "functionGroupCode": "credentialProvider",
- "kinds": [
- "SoftKeyStore",
- "Basic",
- "ApiKey"
], - "endPoints": [
- {
- "uuid": "7b55ge1c-844f-11dc-a8a3-0242ac120002",
- "name": "Name",
- "context": "/v1",
- "method": "POST",
- "required": true
}
]
}
]Revoke Certificate
path Parameters
| uuid required | string Authority Instance UUID |
| endEntityProfileName required | string End Entity Profile Name |
Request Body schema: application/jsonrequired
| certificateSN required | string Certificate serial number |
| issuerDN required | string Issuer domain name |
| reason required | string (CertificateRevocationReason) Enum: "unspecified" "keyCompromise" "cACompromise" "affiliationChanged" "superseded" "cessationOfOperation" "certificateHold" "privilegeWithdrawn" "aACompromise" Revocation reason |
Responses
Request samples
- Payload
Content type
application/json
{- "certificateSN": "string",
- "issuerDN": "string",
- "reason": "unspecified"
}Response samples
- 400
- 404
Content type
application/json
{- "message": "Error message"
}Issue Certificate
path Parameters
| uuid required | string Authority Instance UUID |
| endEntityProfileName required | string End Entity Profile Name |
Request Body schema: application/jsonrequired
| password required | string End Entity password |
| pkcs10 required | string Certificate sign request (PKCS#10) encoded as Base64 string |
| username required | string End Entity username |
Responses
Request samples
- Payload
Content type
application/json
{- "password": "string",
- "pkcs10": "string",
- "username": "string"
}Response samples
- 200
- 400
- 404
Content type
application/json
{- "certificateData": "string"
}Connector Health check API. Connector returns own status and in some cases can return status of services on which it depends like database, HSM and so on.
Response samples
- 200
- 400
- 404
Content type
application/json
[- {
- "uuid": "7b55ge1c-844f-11dc-a8a3-0242ac120002",
- "name": "Name",
- "attributes": [
- {
- "uuid": "166b5cf52-63f2-11ec-90d6-0242ac120003",
- "name": "Attribute",
- "description": "string",
- "type": "data",
- "content": [
- {
- "reference": "string",
- "data": true
}
], - "contentType": "string",
- "properties": {
- "label": "Attribute Name",
- "visible": true,
- "group": "requiredAttributes",
- "required": false,
- "readOnly": false,
- "list": false,
- "multiSelect": false
}, - "constraints": [
- {
- "description": "string",
- "errorMessage": "string",
- "type": "regExp",
- "data": "string"
}
], - "attributeCallback": {
- "callbackContext": "string",
- "callbackMethod": "string",
- "mappings": [
- {
- "from": "string",
- "attributeType": "data",
- "attributeContentType": "string",
- "to": "string",
- "targets": [
- "pathVariable"
], - "value": { }
}
]
}
}
]
}
]Create Authority instance
Request Body schema: application/jsonrequired
| name required | string Authority instance name |
| kind required | string Kind of Authority instance |
required | Array of objects (RequestAttributeDto) List of Authority instance Attributes |
Responses
Request samples
- Payload
Content type
application/json
{- "name": "string",
- "kind": "string",
- "attributes": [
- {
- "uuid": "166b5cf52-63f2-11ec-90d6-0242ac120003",
- "name": "Attribute",
- "contentType": "string",
- "content": [
- {
- "reference": "string",
- "data": true
}
]
}
]
}Response samples
- 200
- 400
- 404
Content type
application/json
{- "uuid": "7b55ge1c-844f-11dc-a8a3-0242ac120002",
- "name": "Name",
- "attributes": [
- {
- "uuid": "166b5cf52-63f2-11ec-90d6-0242ac120003",
- "name": "Attribute",
- "description": "string",
- "type": "data",
- "content": [
- {
- "reference": "string",
- "data": true
}
], - "contentType": "string",
- "properties": {
- "label": "Attribute Name",
- "visible": true,
- "group": "requiredAttributes",
- "required": false,
- "readOnly": false,
- "list": false,
- "multiSelect": false
}, - "constraints": [
- {
- "description": "string",
- "errorMessage": "string",
- "type": "regExp",
- "data": "string"
}
], - "attributeCallback": {
- "callbackContext": "string",
- "callbackMethod": "string",
- "mappings": [
- {
- "from": "string",
- "attributeType": "data",
- "attributeContentType": "string",
- "to": "string",
- "targets": [
- "pathVariable"
], - "value": { }
}
]
}
}
]
}Response samples
- 200
- 400
- 404
Content type
application/json
{- "uuid": "7b55ge1c-844f-11dc-a8a3-0242ac120002",
- "name": "Name",
- "attributes": [
- {
- "uuid": "166b5cf52-63f2-11ec-90d6-0242ac120003",
- "name": "Attribute",
- "description": "string",
- "type": "data",
- "content": [
- {
- "reference": "string",
- "data": true
}
], - "contentType": "string",
- "properties": {
- "label": "Attribute Name",
- "visible": true,
- "group": "requiredAttributes",
- "required": false,
- "readOnly": false,
- "list": false,
- "multiSelect": false
}, - "constraints": [
- {
- "description": "string",
- "errorMessage": "string",
- "type": "regExp",
- "data": "string"
}
], - "attributeCallback": {
- "callbackContext": "string",
- "callbackMethod": "string",
- "mappings": [
- {
- "from": "string",
- "attributeType": "data",
- "attributeContentType": "string",
- "to": "string",
- "targets": [
- "pathVariable"
], - "value": { }
}
]
}
}
]
}Update Authority instance
path Parameters
| uuid required | string Authority Instance UUID |
Request Body schema: application/jsonrequired
| name required | string Authority instance name |
| kind required | string Kind of Authority instance |
required | Array of objects (RequestAttributeDto) List of Authority instance Attributes |
Responses
Request samples
- Payload
Content type
application/json
{- "name": "string",
- "kind": "string",
- "attributes": [
- {
- "uuid": "166b5cf52-63f2-11ec-90d6-0242ac120003",
- "name": "Attribute",
- "contentType": "string",
- "content": [
- {
- "reference": "string",
- "data": true
}
]
}
]
}Response samples
- 200
- 400
- 404
Content type
application/json
{- "uuid": "7b55ge1c-844f-11dc-a8a3-0242ac120002",
- "name": "Name",
- "attributes": [
- {
- "uuid": "166b5cf52-63f2-11ec-90d6-0242ac120003",
- "name": "Attribute",
- "description": "string",
- "type": "data",
- "content": [
- {
- "reference": "string",
- "data": true
}
], - "contentType": "string",
- "properties": {
- "label": "Attribute Name",
- "visible": true,
- "group": "requiredAttributes",
- "required": false,
- "readOnly": false,
- "list": false,
- "multiSelect": false
}, - "constraints": [
- {
- "description": "string",
- "errorMessage": "string",
- "type": "regExp",
- "data": "string"
}
], - "attributeCallback": {
- "callbackContext": "string",
- "callbackMethod": "string",
- "mappings": [
- {
- "from": "string",
- "attributeType": "data",
- "attributeContentType": "string",
- "to": "string",
- "targets": [
- "pathVariable"
], - "value": { }
}
]
}
}
]
}Validate RA Profile attributes
path Parameters
| uuid required | string Authority Instance UUID |
Request Body schema: application/jsonrequired
Array
| uuid required | string UUID of the Attribute |
| name required | string Name of the Attribute |
| contentType required | string (AttributeContentType) Enum: "string" "text" "integer" "boolean" "float" "date" "time" "datetime" "secret" "file" "credential" "codeblock" "object" Type of the attribute content. |
required | Array of BooleanAttributeContent (object) or CodeBlockAttributeContent (object) or CredentialAttributeContent (object) or DateAttributeContent (object) or DateTimeAttributeContent (object) or FileAttributeContent (object) or FloatAttributeContent (object) or IntegerAttributeContent (object) or ObjectAttributeContent (object) or SecretAttributeContent (object) or StringAttributeContent (object) or TextAttributeContent (object) or TimeAttributeContent (object) (BaseAttributeContentDto) Content of the Attribute |
Responses
Request samples
- Payload
Content type
application/json
[- {
- "uuid": "166b5cf52-63f2-11ec-90d6-0242ac120003",
- "name": "Attribute",
- "contentType": "string",
- "content": [
- {
- "reference": "string",
- "data": true
}
]
}
]Response samples
- 400
- 404
Content type
application/json
{- "message": "Error message"
}Get the latest CRL for the Authority Instance
Returns the latest CRL for the Authority Instance. If delta is true, the delta CRL is returned, otherwise the full CRL is returned. When the CRL is not available for Authority Instance, null data is returned.
path Parameters
| uuid required | string Authority Instance UUID |
Request Body schema: application/jsonrequired
| delta | boolean Default: false If true, the delta CRL is returned, otherwise the full CRL is returned |
required | Array of objects (RequestAttributeDto) List of RA Profiles attributes |
Responses
Request samples
- Payload
Content type
application/json
{- "delta": false,
- "raProfileAttributes": [
- {
- "uuid": "166b5cf52-63f2-11ec-90d6-0242ac120003",
- "name": "Attribute",
- "contentType": "string",
- "content": [
- {
- "reference": "string",
- "data": true
}
]
}
]
}Response samples
- 200
- 400
- 404
Content type
application/json
{- "crlData": "string"
}Get the Authority Instance's certificate chain
Returns the Authority Instance's certificate chain. The chain is returned as a list of Base64 encoded certificates, starting with the Authority Instance's certificate and ending with the root certificate, if available.
path Parameters
| uuid required | string Authority Instance UUID |
Request Body schema: application/jsonrequired
required | Array of objects (RequestAttributeDto) List of RA Profiles attributes | ||||||||
Array
| |||||||||
Responses
Request samples
- Payload
Content type
application/json
{- "raProfileAttributes": [
- {
- "uuid": "166b5cf52-63f2-11ec-90d6-0242ac120003",
- "name": "Attribute",
- "contentType": "string",
- "content": [
- {
- "reference": "string",
- "data": true
}
]
}
]
}Response samples
- 200
- 400
- 404
Content type
application/json
{- "certificates": [
- {
- "certificateData": "string",
- "uuid": "string",
- "meta": [
- {
- "uuid": "166b5cf52-63f2-11ec-90d6-0242ac120003",
- "name": "Attribute",
- "description": "string",
- "content": [
- {
- "reference": "string",
- "data": true
}
], - "type": "data",
- "contentType": "string",
- "properties": {
- "label": "Attribute Name",
- "visible": true,
- "group": "requiredAttributes",
- "global": false,
- "overwrite": false
}
}
], - "certificateType": "X.509"
}
]
}Response samples
- 200
- 400
- 404
Content type
application/json
[- {
- "uuid": "166b5cf52-63f2-11ec-90d6-0242ac120003",
- "name": "Attribute",
- "description": "string",
- "type": "data",
- "content": [
- {
- "reference": "string",
- "data": true
}
], - "contentType": "string",
- "properties": {
- "label": "Attribute Name",
- "visible": true,
- "group": "requiredAttributes",
- "required": false,
- "readOnly": false,
- "list": false,
- "multiSelect": false
}, - "constraints": [
- {
- "description": "string",
- "errorMessage": "string",
- "type": "regExp",
- "data": "string"
}
], - "attributeCallback": {
- "callbackContext": "string",
- "callbackMethod": "string",
- "mappings": [
- {
- "from": "string",
- "attributeType": "data",
- "attributeContentType": "string",
- "to": "string",
- "targets": [
- "pathVariable"
], - "value": { }
}
]
}
}
]List End Entities
path Parameters
| uuid required | string Authority Instance UUID |
| endEntityProfileName required | string End Entity Profile Name |
Responses
Response samples
- 200
- 400
- 404
Content type
application/json
[- {
- "subjectDN": "string",
- "email": "string",
- "extensionData": [
- {
- "name": "string",
- "value": "string"
}
], - "subjectAltName": "string",
- "status": "NEW",
- "username": "string"
}
]Create End Entity
path Parameters
| uuid required | string Authority Instance UUID |
| endEntityProfileName required | string End Entity Profile Name |
Request Body schema: application/jsonrequired
required | object (RaProfileDto) RA profile related to End Entity |
string End Entity email | |
Array of objects (EndEntityExtendedInfoDto) End Entity extension data | |
| password required | string End Entity password |
| subjectAltName | string End Entity Subject alternative name |
| subjectDN required | string End Entity subject domain name |
| username required | string End Entity name |
Responses
Request samples
- Payload
Content type
application/json
{- "raProfile": {
- "uuid": "7b55ge1c-844f-11dc-a8a3-0242ac120002",
- "name": "Name",
- "description": "string",
- "authorityInstanceUuid": "string",
- "authorityInstanceName": "string",
- "legacyAuthority": true,
- "enabled": true,
- "attributes": [
- {
- "uuid": "166b5cf52-63f2-11ec-90d6-0242ac120003",
- "name": "Attribute",
- "label": "Attribute Name",
- "type": "data",
- "contentType": "string",
- "content": [
- {
- "reference": "string",
- "data": true
}
]
}
], - "customAttributes": [
- {
- "uuid": "166b5cf52-63f2-11ec-90d6-0242ac120003",
- "name": "Attribute",
- "label": "Attribute Name",
- "type": "data",
- "contentType": "string",
- "content": [
- {
- "reference": "string",
- "data": true
}
]
}
], - "enabledProtocols": [
- "string"
]
}, - "email": "string",
- "extensionData": [
- {
- "name": "string",
- "value": "string"
}
], - "password": "string",
- "subjectAltName": "string",
- "subjectDN": "string",
- "username": "string"
}Response samples
- 400
- 404
Content type
application/json
{- "message": "Error message"
}Get End Entity
path Parameters
| uuid required | string Authority Instance UUID |
| endEntityProfileName required | string End Entity Profile Name |
| endEntityName required | string End Entity Name |
Responses
Response samples
- 200
- 400
- 404
Content type
application/json
{- "subjectDN": "string",
- "email": "string",
- "extensionData": [
- {
- "name": "string",
- "value": "string"
}
], - "subjectAltName": "string",
- "status": "NEW",
- "username": "string"
}Update End Entity
path Parameters
| uuid required | string Authority Instance UUID |
| endEntityProfileName required | string End Entity Profile Name |
| endEntityName required | string End Entity Name |
Request Body schema: application/jsonrequired
required | object (RaProfileDto) RA profile related to End Entity |
string End Entity email | |
Array of objects (EndEntityExtendedInfoDto) End Entity extension data | |
| password required | string End Entity password |
| subjectAltName | string End Entity Subject alternative name |
| subjectDN required | string End Entity subject domain name |
| status required | string Enum: "NEW" "FAILED" "INITIALIZED" "IN_PROCESS" "GENERATED" "REVOKED" "HISTORICAL" "KEY_RECOVERY" "WAITING_FOR_ADD_APPROVAL" End Entity Subject domain name |
Responses
Request samples
- Payload
Content type
application/json
{- "raProfile": {
- "uuid": "7b55ge1c-844f-11dc-a8a3-0242ac120002",
- "name": "Name",
- "description": "string",
- "authorityInstanceUuid": "string",
- "authorityInstanceName": "string",
- "legacyAuthority": true,
- "enabled": true,
- "attributes": [
- {
- "uuid": "166b5cf52-63f2-11ec-90d6-0242ac120003",
- "name": "Attribute",
- "label": "Attribute Name",
- "type": "data",
- "contentType": "string",
- "content": [
- {
- "reference": "string",
- "data": true
}
]
}
], - "customAttributes": [
- {
- "uuid": "166b5cf52-63f2-11ec-90d6-0242ac120003",
- "name": "Attribute",
- "label": "Attribute Name",
- "type": "data",
- "contentType": "string",
- "content": [
- {
- "reference": "string",
- "data": true
}
]
}
], - "enabledProtocols": [
- "string"
]
}, - "email": "string",
- "extensionData": [
- {
- "name": "string",
- "value": "string"
}
], - "password": "string",
- "subjectAltName": "string",
- "subjectDN": "string",
- "status": "NEW"
}Response samples
- 400
- 404
Content type
application/json
{- "message": "Error message"
}Connector Attributes API. Provides information about supported Attributes of the connector. Attributes are specific to implementation and gives information about the data that can be exchanged and properly parsed by the connector. Part of this API is validation of the Attributes.
Validate Attributes
path Parameters
| kind required | string Kind |
Request Body schema: application/jsonrequired
Array
| uuid required | string UUID of the Attribute |
| name required | string Name of the Attribute |
| contentType required | string (AttributeContentType) Enum: "string" "text" "integer" "boolean" "float" "date" "time" "datetime" "secret" "file" "credential" "codeblock" "object" Type of the attribute content. |
required | Array of BooleanAttributeContent (object) or CodeBlockAttributeContent (object) or CredentialAttributeContent (object) or DateAttributeContent (object) or DateTimeAttributeContent (object) or FileAttributeContent (object) or FloatAttributeContent (object) or IntegerAttributeContent (object) or ObjectAttributeContent (object) or SecretAttributeContent (object) or StringAttributeContent (object) or TextAttributeContent (object) or TimeAttributeContent (object) (BaseAttributeContentDto) Content of the Attribute |
Responses
Request samples
- Payload
Content type
application/json
[- {
- "uuid": "166b5cf52-63f2-11ec-90d6-0242ac120003",
- "name": "Attribute",
- "contentType": "string",
- "content": [
- {
- "reference": "string",
- "data": true
}
]
}
]Response samples
- 400
- 404
- 422
Content type
application/json
{- "message": "Error message"
}Response samples
- 200
- 400
- 404
Content type
application/json
[- {
- "uuid": "166b5cf52-63f2-11ec-90d6-0242ac120003",
- "name": "Attribute",
- "description": "string",
- "type": "data",
- "content": [
- {
- "reference": "string",
- "data": true
}
], - "contentType": "string",
- "properties": {
- "label": "Attribute Name",
- "visible": true,
- "group": "requiredAttributes",
- "required": false,
- "readOnly": false,
- "list": false,
- "multiSelect": false
}, - "constraints": [
- {
- "description": "string",
- "errorMessage": "string",
- "type": "regExp",
- "data": "string"
}
], - "attributeCallback": {
- "callbackContext": "string",
- "callbackMethod": "string",
- "mappings": [
- {
- "from": "string",
- "attributeType": "data",
- "attributeContentType": "string",
- "to": "string",
- "targets": [
- "pathVariable"
], - "value": { }
}
]
}
}
]