List the existing certificate profiles
List the existing certificate profiles with the capability to filter on a list of module(s)
|
modules
array of string
required |
-
200 Certificate profile list
application/jsonArray [
_idstring requiredmodulestring requirednamestring requiredenabledboolean requiredtimeoutstring requiredpkiConnectorstring requiredauthorizeShortNameboolean requiredauthorizeEmptyContactboolean requiredverifyRetryCountinteger requiredverifyRetryDelaystring requiredrequireTermsOfServiceboolean requiredauthorizationLevelsobject (models.certificate.profile.CertificateProfileAuthorizationLevels) requiredrevokeobject (models.security.access.AuthorizationLevel) requiredaccessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
requestRevokeobject (models.security.access.AuthorizationLevel) requiredaccessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
approveRevokeobject (models.security.access.AuthorizationLevel) requiredaccessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
searchobject (models.security.access.AuthorizationLevel) requiredaccessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
updateobject (models.security.access.AuthorizationLevel) requiredaccessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
requestUpdateobject (models.security.access.AuthorizationLevel) requiredaccessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
approveUpdateobject (models.security.access.AuthorizationLevel) requiredaccessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
enrollobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
enrollApiobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
requestEnrollobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
approveEnrollobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
recoverobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
recoverApiobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
requestRecoverobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
approveRecoverobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
migrateobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
requestMigrateobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
approveMigrateobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
renewobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
renewApiobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
requestRenewobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
approveRenewobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
auditRequestobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
requestsPolicyobject (models.request.RequestsPolicy) requiredenrollstring | nullrevokestring | nullrecoverstring | nullupdatestring | nullmigratestring | nullrenewstring | nullselfPermissionsobject (models.certificate.profile.CertificateProfileSelfPermissions) requiredselfUpdateboolean requiredselfRevokeboolean requiredselfRenewboolean requiredselfPopRenewboolean requiredselfPopRevokeboolean requiredselfPopUpdateboolean requiredselfRecoverboolean | nullcryptoPolicyobject (Certificate profile crypto policy) requiredcentralizedboolean requiredWhether this profile supports centralized enrollment
decentralizedboolean requiredWhether this profile supports decentralized enrollment
escrowboolean requiredWhether this profile will escrow the certificate private keys
defaultKeyTypestring | null (Keytype)Default key type used for centralized enrollment
Enumrsa-<size>ec-secp256r1ec-secp384r1ec-secp521r1ed-Ed448ed-Ed25519authorizedKeyTypesarray of string | null (Keytype)List of authorized key types for enrollment
preferredEnrollmentModestring | nullIf both centralized and decentralized enrollment are supported, this is the preferred mode
Enumcentralizeddecentralizedp12passwordPolicystring | nullPassword policy for the P12 file
p12passwordModestring | nullWhether the user will be required to input their PKCS#12 password upon enrollment
Enumrandommanualp12storeEncryptionTypestring | nullEncryption type for the P12 file
showP12PasswordOnEnrollboolean | nullWhether the PKCS#12 password will be displayed to the user upon enrollment
showP12OnEnrollboolean | nullWhether the PKCS#12 file will be displayed to the user upon enrollment
showP12PasswordOnRecoverboolean | nullWhether the PKCS#12 password will be displayed to the user upon recovery
showP12OnRecoverboolean | nullWhether the PKCS#12 file will be displayed to the user upon recovery
displayNamearray of objects | null (LocalizedString)Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
descriptionarray of objects | null (LocalizedString)Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
metaobject | null (models.acme.DirectoryMeta)termsOfServicestring | nullwebsitestring | nullcaaIdentitiesarray of string | nullexternalAccountRequiredboolean | nullconstraintsobject | null (models.certificate.CertificateRequestConstraints)allowedDomainsstring | nullallowedEmailDomainsstring | nullallowedDnsDomainsstring | nullauthorizationMethodsarray of string | nullhttp01Portinteger | nulltlsAlpn01Portinteger | nulldefaultContactsarray of string | nullrenewalPeriodstring | nullcsrDataMappingobject | nullproperty name*stringadditional propertymaxCertificatePerHolderPolicyobject | null (models.certificate.profile.MaxCertificatePerHolderPolicy)maxinteger requiredbehaviorstring requiredEnumrevokerejectrevocationReasonstring | nullEnumUNSPECIFIEDKEYCOMPROMISECACOMPROMISEAFFILIATIONCHANGESUPERSEDEDCESSATIONOFOPERATIONmaxDnsNameinteger | nullproxystring | nulltriggersobject | null (models.certificate.profile.CertificateProfileTriggers)onEnrollarray of string | nullonSubmitEnrollarray of string | nullonCancelEnrollarray of string | nullonApproveEnrollarray of string | nullonDenyEnrollarray of string | nullonPendingEnrollarray of objects | null (models.certificate.profile.CertificateProfileAsynchronousTrigger)Array [
namestring requiredactivationDateinteger | null]
onRevokearray of string | nullonSubmitRevokearray of string | nullonCancelRevokearray of string | nullonApproveRevokearray of string | nullonDenyRevokearray of string | nullonPendingRevokearray of objects | null (models.certificate.profile.CertificateProfileAsynchronousTrigger)Array [
namestring requiredactivationDateinteger | null]
onUpdatearray of string | nullonSubmitUpdatearray of string | nullonCancelUpdatearray of string | nullonApproveUpdatearray of string | nullonDenyUpdatearray of string | nullonPendingUpdatearray of objects | null (models.certificate.profile.CertificateProfileAsynchronousTrigger)Array [
namestring requiredactivationDateinteger | null]
onRecoverarray of string | nullonSubmitRecoverarray of string | nullonCancelRecoverarray of string | nullonApproveRecoverarray of string | nullonDenyRecoverarray of string | nullonPendingRecoverarray of objects | null (models.certificate.profile.CertificateProfileAsynchronousTrigger)Array [
namestring requiredactivationDateinteger | null]
onMigratearray of string | nullonSubmitMigratearray of string | nullonCancelMigratearray of string | nullonApproveMigratearray of string | nullonDenyMigratearray of string | nullonPendingMigratearray of objects | null (models.certificate.profile.CertificateProfileAsynchronousTrigger)Array [
namestring requiredactivationDateinteger | null]
onExpirearray of objects | null (models.certificate.profile.CertificateProfileAsynchronousTrigger)Array [
namestring requiredactivationDateinteger | null]
onRenewarray of string | nullonSubmitRenewarray of string | nullonCancelRenewarray of string | nullonApproveRenewarray of string | nullonDenyRenewarray of string | nullonPendingRenewarray of objects | null (models.certificate.profile.CertificateProfileAsynchronousTrigger)Array [
namestring requiredactivationDateinteger | null]
certificateTemplateobject | null (models.certificate.template.CertificateTemplate)subjectarray of objects | null (models.certificate.template.DNElement)Array [
typestring requiredmandatoryboolean requiredvaluestring | nullcomputationRuleobject | null (TemplateString)valuestring requiredA computation rule that will dynamically generate a string value from the request's context
editableByRequesterboolean | nulleditableByApproverboolean | nullregexstring | null]
sansarray of objects | null (models.certificate.template.SANElement)Array [
typestring requiredEnumRFC822NAMEDNSNAMEURIIPADDRESSOTHERNAME_UPNOTHERNAME_GUIDcomputationRuleobject | null (TemplateString)valuestring requiredA computation rule that will dynamically generate a string value from the request's context
editableByRequesterboolean | nulleditableByApproverboolean | nullregexstring | nullmininteger | nullmaxinteger | null]
extensionsarray of objects | null (models.certificate.extension.ExtensionElement)Array [
typestring requiredEnumms_sidms_templatemandatoryboolean requiredvaluestring | nullcomputationRuleobject | null (TemplateString)valuestring requiredA computation rule that will dynamically generate a string value from the request's context
editableByRequesterboolean | nulleditableByApproverboolean | nullregexstring | null]
ownerPolicyobject | null (models.certificate.template.OwnerPolicy)editableByRequesterboolean requirededitableByApproverboolean requiredmandatoryboolean requiredcomputationRuleobject | null (TemplateString)valuestring requiredA computation rule that will dynamically generate a string value from the request's context
descriptionarray of objects | null (LocalizedString)Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
teamPolicyobject | null (models.certificate.template.TeamPolicy)editableByRequesterboolean requirededitableByApproverboolean requiredmandatoryboolean requiredregexstring | nullwhitelistarray of string | nullvaluestring | nullcomputationRuleobject | null (TemplateString)valuestring requiredA computation rule that will dynamically generate a string value from the request's context
descriptionarray of objects | null (LocalizedString)Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
metadataPoliciesarray of objects | null (models.certificate.template.MetadataPolicy)Array [
metadatastring requiredEnumgs_order_idrenewed_certificate_idmetapki_idpki_connectordigicert_identrust_idscep_transidfcms_idprevious_certificate_idgsatlas_idcerteurope_iddigicert_order_idautomation_policycontact_emaileditableByRequesterboolean requirededitableByApproverboolean required]
labelsarray of objects | null (Label)Array [
labelstring requiredThe name of the label
valuestring | nullThe default value of the label element
computationRuleobject | null (TemplateString)The computation rule of the label element
valuestring requiredA computation rule that will dynamically generate a string value from the request's context
mandatoryboolean | nullWhether the label element is mandatory to submit a request
editableByRequesterboolean | nullWhether the label element is editable by the requester
editableByApproverboolean | nullWhether the label element is editable by the approver
regexstring | nullThe regex used to validate the label element
enumarray of string | nullThe whitelist used to validate the label element
suggestionsarray of string | nullThe suggestions used to recommend the label element values
]
contactEmailPolicyobject | null (models.certificate.template.ContactEmailPolicy)mandatoryboolean requiredvaluestring | nullcomputationRuleobject | null (TemplateString)valuestring requiredA computation rule that will dynamically generate a string value from the request's context
editableByRequesterboolean | nulleditableByApproverboolean | nullregexstring | nullwhitelistarray of string | nulldescriptionarray of objects | null (LocalizedString)Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
gradingPoliciesarray of string | null_idstring requiredmodulestring requirednamestring requiredenabledboolean requiredcastring requiredpkiConnectorstring requiredauthorizationModestring requiredEnumauthorizedx509challengednWhitelistboolean requiredauthorizationLevelsobject (models.certificate.profile.CertificateProfileAuthorizationLevels) requiredrevokeobject (models.security.access.AuthorizationLevel) requiredaccessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
requestRevokeobject (models.security.access.AuthorizationLevel) requiredaccessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
approveRevokeobject (models.security.access.AuthorizationLevel) requiredaccessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
searchobject (models.security.access.AuthorizationLevel) requiredaccessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
updateobject (models.security.access.AuthorizationLevel) requiredaccessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
requestUpdateobject (models.security.access.AuthorizationLevel) requiredaccessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
approveUpdateobject (models.security.access.AuthorizationLevel) requiredaccessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
enrollobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
enrollApiobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
requestEnrollobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
approveEnrollobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
recoverobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
recoverApiobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
requestRecoverobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
approveRecoverobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
migrateobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
requestMigrateobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
approveMigrateobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
renewobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
renewApiobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
requestRenewobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
approveRenewobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
auditRequestobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
requestsPolicyobject (models.request.RequestsPolicy) requiredenrollstring | nullrevokestring | nullrecoverstring | nullupdatestring | nullmigratestring | nullrenewstring | nullcryptoPolicyobject (Certificate profile crypto policy) requiredcentralizedboolean requiredWhether this profile supports centralized enrollment
decentralizedboolean requiredWhether this profile supports decentralized enrollment
escrowboolean requiredWhether this profile will escrow the certificate private keys
defaultKeyTypestring | null (Keytype)Default key type used for centralized enrollment
Enumrsa-<size>ec-secp256r1ec-secp384r1ec-secp521r1ed-Ed448ed-Ed25519authorizedKeyTypesarray of string | null (Keytype)List of authorized key types for enrollment
preferredEnrollmentModestring | nullIf both centralized and decentralized enrollment are supported, this is the preferred mode
Enumcentralizeddecentralizedp12passwordPolicystring | nullPassword policy for the P12 file
p12passwordModestring | nullWhether the user will be required to input their PKCS#12 password upon enrollment
Enumrandommanualp12storeEncryptionTypestring | nullEncryption type for the P12 file
showP12PasswordOnEnrollboolean | nullWhether the PKCS#12 password will be displayed to the user upon enrollment
showP12OnEnrollboolean | nullWhether the PKCS#12 file will be displayed to the user upon enrollment
showP12PasswordOnRecoverboolean | nullWhether the PKCS#12 password will be displayed to the user upon recovery
showP12OnRecoverboolean | nullWhether the PKCS#12 file will be displayed to the user upon recovery
selfPermissionsobject (models.certificate.profile.CertificateProfileSelfPermissions) requiredselfUpdateboolean requiredselfRevokeboolean requiredselfRenewboolean requiredselfPopRenewboolean requiredselfPopRevokeboolean requiredselfPopUpdateboolean requiredselfRecoverboolean | nulldisplayNamearray of objects | null (LocalizedString)Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
descriptionarray of objects | null (LocalizedString)Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
constraintsobject | null (models.certificate.CertificateRequestConstraints)allowedDomainsstring | nullallowedEmailDomainsstring | nullallowedDnsDomainsstring | nullcsrDataMappingobject | nullproperty name*stringadditional propertymaxCertificatePerHolderPolicyobject | null (models.certificate.profile.MaxCertificatePerHolderPolicy)maxinteger requiredbehaviorstring requiredEnumrevokerejectrevocationReasonstring | nullEnumUNSPECIFIEDKEYCOMPROMISECACOMPROMISEAFFILIATIONCHANGESUPERSEDEDCESSATIONOFOPERATIONenrollAuthorizedCasarray of string | nullrenewalAuthorizedCasarray of string | nullrenewalPeriodstring | nulltriggersobject | null (models.certificate.profile.CertificateProfileTriggers)onEnrollarray of string | nullonSubmitEnrollarray of string | nullonCancelEnrollarray of string | nullonApproveEnrollarray of string | nullonDenyEnrollarray of string | nullonPendingEnrollarray of objects | null (models.certificate.profile.CertificateProfileAsynchronousTrigger)Array [
namestring requiredactivationDateinteger | null]
onRevokearray of string | nullonSubmitRevokearray of string | nullonCancelRevokearray of string | nullonApproveRevokearray of string | nullonDenyRevokearray of string | nullonPendingRevokearray of objects | null (models.certificate.profile.CertificateProfileAsynchronousTrigger)Array [
namestring requiredactivationDateinteger | null]
onUpdatearray of string | nullonSubmitUpdatearray of string | nullonCancelUpdatearray of string | nullonApproveUpdatearray of string | nullonDenyUpdatearray of string | nullonPendingUpdatearray of objects | null (models.certificate.profile.CertificateProfileAsynchronousTrigger)Array [
namestring requiredactivationDateinteger | null]
onRecoverarray of string | nullonSubmitRecoverarray of string | nullonCancelRecoverarray of string | nullonApproveRecoverarray of string | nullonDenyRecoverarray of string | nullonPendingRecoverarray of objects | null (models.certificate.profile.CertificateProfileAsynchronousTrigger)Array [
namestring requiredactivationDateinteger | null]
onMigratearray of string | nullonSubmitMigratearray of string | nullonCancelMigratearray of string | nullonApproveMigratearray of string | nullonDenyMigratearray of string | nullonPendingMigratearray of objects | null (models.certificate.profile.CertificateProfileAsynchronousTrigger)Array [
namestring requiredactivationDateinteger | null]
onExpirearray of objects | null (models.certificate.profile.CertificateProfileAsynchronousTrigger)Array [
namestring requiredactivationDateinteger | null]
onRenewarray of string | nullonSubmitRenewarray of string | nullonCancelRenewarray of string | nullonApproveRenewarray of string | nullonDenyRenewarray of string | nullonPendingRenewarray of objects | null (models.certificate.profile.CertificateProfileAsynchronousTrigger)Array [
namestring requiredactivationDateinteger | null]
passwordPolicystring | nullcertificateTemplateobject | null (models.certificate.template.CertificateTemplate)subjectarray of objects | null (models.certificate.template.DNElement)Array [
typestring requiredmandatoryboolean requiredvaluestring | nullcomputationRuleobject | null (TemplateString)valuestring requiredA computation rule that will dynamically generate a string value from the request's context
editableByRequesterboolean | nulleditableByApproverboolean | nullregexstring | null]
sansarray of objects | null (models.certificate.template.SANElement)Array [
typestring requiredEnumRFC822NAMEDNSNAMEURIIPADDRESSOTHERNAME_UPNOTHERNAME_GUIDcomputationRuleobject | null (TemplateString)valuestring requiredA computation rule that will dynamically generate a string value from the request's context
editableByRequesterboolean | nulleditableByApproverboolean | nullregexstring | nullmininteger | nullmaxinteger | null]
extensionsarray of objects | null (models.certificate.extension.ExtensionElement)Array [
typestring requiredEnumms_sidms_templatemandatoryboolean requiredvaluestring | nullcomputationRuleobject | null (TemplateString)valuestring requiredA computation rule that will dynamically generate a string value from the request's context
editableByRequesterboolean | nulleditableByApproverboolean | nullregexstring | null]
ownerPolicyobject | null (models.certificate.template.OwnerPolicy)editableByRequesterboolean requirededitableByApproverboolean requiredmandatoryboolean requiredcomputationRuleobject | null (TemplateString)valuestring requiredA computation rule that will dynamically generate a string value from the request's context
descriptionarray of objects | null (LocalizedString)Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
teamPolicyobject | null (models.certificate.template.TeamPolicy)editableByRequesterboolean requirededitableByApproverboolean requiredmandatoryboolean requiredregexstring | nullwhitelistarray of string | nullvaluestring | nullcomputationRuleobject | null (TemplateString)valuestring requiredA computation rule that will dynamically generate a string value from the request's context
descriptionarray of objects | null (LocalizedString)Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
metadataPoliciesarray of objects | null (models.certificate.template.MetadataPolicy)Array [
metadatastring requiredEnumgs_order_idrenewed_certificate_idmetapki_idpki_connectordigicert_identrust_idscep_transidfcms_idprevious_certificate_idgsatlas_idcerteurope_iddigicert_order_idautomation_policycontact_emaileditableByRequesterboolean requirededitableByApproverboolean required]
labelsarray of objects | null (Label)Array [
labelstring requiredThe name of the label
valuestring | nullThe default value of the label element
computationRuleobject | null (TemplateString)The computation rule of the label element
valuestring requiredA computation rule that will dynamically generate a string value from the request's context
mandatoryboolean | nullWhether the label element is mandatory to submit a request
editableByRequesterboolean | nullWhether the label element is editable by the requester
editableByApproverboolean | nullWhether the label element is editable by the approver
regexstring | nullThe regex used to validate the label element
enumarray of string | nullThe whitelist used to validate the label element
suggestionsarray of string | nullThe suggestions used to recommend the label element values
]
contactEmailPolicyobject | null (models.certificate.template.ContactEmailPolicy)mandatoryboolean requiredvaluestring | nullcomputationRuleobject | null (TemplateString)valuestring requiredA computation rule that will dynamically generate a string value from the request's context
editableByRequesterboolean | nulleditableByApproverboolean | nullregexstring | nullwhitelistarray of string | nulldescriptionarray of objects | null (LocalizedString)Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
gradingPoliciesarray of string | null_idstring requiredmodulestring requirednamestring requiredenabledboolean requiredmodestring requiredEnumcarathirdPartyConnectorstring requiredpkiConnectorstring requiredscepRAstring requiredcapsarray of string requiredencryptionAlgorithmstring requiredauthorizationLevelsobject (models.certificate.profile.CertificateProfileAuthorizationLevels) requiredrevokeobject (models.security.access.AuthorizationLevel) requiredaccessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
requestRevokeobject (models.security.access.AuthorizationLevel) requiredaccessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
approveRevokeobject (models.security.access.AuthorizationLevel) requiredaccessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
searchobject (models.security.access.AuthorizationLevel) requiredaccessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
updateobject (models.security.access.AuthorizationLevel) requiredaccessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
requestUpdateobject (models.security.access.AuthorizationLevel) requiredaccessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
approveUpdateobject (models.security.access.AuthorizationLevel) requiredaccessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
enrollobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
enrollApiobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
requestEnrollobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
approveEnrollobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
recoverobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
recoverApiobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
requestRecoverobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
approveRecoverobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
migrateobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
requestMigrateobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
approveMigrateobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
renewobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
renewApiobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
requestRenewobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
approveRenewobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
auditRequestobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
requestsPolicyobject (models.request.RequestsPolicy) requiredenrollstring | nullrevokestring | nullrecoverstring | nullupdatestring | nullmigratestring | nullrenewstring | nullselfPermissionsobject (models.certificate.profile.CertificateProfileSelfPermissions) requiredselfUpdateboolean requiredselfRevokeboolean requiredselfRenewboolean requiredselfPopRenewboolean requiredselfPopRevokeboolean requiredselfPopUpdateboolean requiredselfRecoverboolean | nullcryptoPolicyobject (Certificate profile crypto policy) requiredcentralizedboolean requiredWhether this profile supports centralized enrollment
decentralizedboolean requiredWhether this profile supports decentralized enrollment
escrowboolean requiredWhether this profile will escrow the certificate private keys
defaultKeyTypestring | null (Keytype)Default key type used for centralized enrollment
Enumrsa-<size>ec-secp256r1ec-secp384r1ec-secp521r1ed-Ed448ed-Ed25519authorizedKeyTypesarray of string | null (Keytype)List of authorized key types for enrollment
preferredEnrollmentModestring | nullIf both centralized and decentralized enrollment are supported, this is the preferred mode
Enumcentralizeddecentralizedp12passwordPolicystring | nullPassword policy for the P12 file
p12passwordModestring | nullWhether the user will be required to input their PKCS#12 password upon enrollment
Enumrandommanualp12storeEncryptionTypestring | nullEncryption type for the P12 file
showP12PasswordOnEnrollboolean | nullWhether the PKCS#12 password will be displayed to the user upon enrollment
showP12OnEnrollboolean | nullWhether the PKCS#12 file will be displayed to the user upon enrollment
showP12PasswordOnRecoverboolean | nullWhether the PKCS#12 password will be displayed to the user upon recovery
showP12OnRecoverboolean | nullWhether the PKCS#12 file will be displayed to the user upon recovery
displayNamearray of objects | null (LocalizedString)Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
descriptionarray of objects | null (LocalizedString)Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
renewalPeriodstring | nullconstraintsobject | null (models.certificate.CertificateRequestConstraints)allowedDomainsstring | nullallowedEmailDomainsstring | nullallowedDnsDomainsstring | nullcsrDataMappingobject | nullproperty name*stringadditional propertypostPKIOperationboolean | nulldeviceIdFieldstring | nulldeviceIdSeparatorstring | nullmaxCertificatePerHolderPolicyobject | null (models.certificate.profile.MaxCertificatePerHolderPolicy)maxinteger requiredbehaviorstring requiredEnumrevokerejectrevocationReasonstring | nullEnumUNSPECIFIEDKEYCOMPROMISECACOMPROMISEAFFILIATIONCHANGESUPERSEDEDCESSATIONOFOPERATIONtriggersobject | null (models.certificate.profile.CertificateProfileTriggers)onEnrollarray of string | nullonSubmitEnrollarray of string | nullonCancelEnrollarray of string | nullonApproveEnrollarray of string | nullonDenyEnrollarray of string | nullonPendingEnrollarray of objects | null (models.certificate.profile.CertificateProfileAsynchronousTrigger)Array [
namestring requiredactivationDateinteger | null]
onRevokearray of string | nullonSubmitRevokearray of string | nullonCancelRevokearray of string | nullonApproveRevokearray of string | nullonDenyRevokearray of string | nullonPendingRevokearray of objects | null (models.certificate.profile.CertificateProfileAsynchronousTrigger)Array [
namestring requiredactivationDateinteger | null]
onUpdatearray of string | nullonSubmitUpdatearray of string | nullonCancelUpdatearray of string | nullonApproveUpdatearray of string | nullonDenyUpdatearray of string | nullonPendingUpdatearray of objects | null (models.certificate.profile.CertificateProfileAsynchronousTrigger)Array [
namestring requiredactivationDateinteger | null]
onRecoverarray of string | nullonSubmitRecoverarray of string | nullonCancelRecoverarray of string | nullonApproveRecoverarray of string | nullonDenyRecoverarray of string | nullonPendingRecoverarray of objects | null (models.certificate.profile.CertificateProfileAsynchronousTrigger)Array [
namestring requiredactivationDateinteger | null]
onMigratearray of string | nullonSubmitMigratearray of string | nullonCancelMigratearray of string | nullonApproveMigratearray of string | nullonDenyMigratearray of string | nullonPendingMigratearray of objects | null (models.certificate.profile.CertificateProfileAsynchronousTrigger)Array [
namestring requiredactivationDateinteger | null]
onExpirearray of objects | null (models.certificate.profile.CertificateProfileAsynchronousTrigger)Array [
namestring requiredactivationDateinteger | null]
onRenewarray of string | nullonSubmitRenewarray of string | nullonCancelRenewarray of string | nullonApproveRenewarray of string | nullonDenyRenewarray of string | nullonPendingRenewarray of objects | null (models.certificate.profile.CertificateProfileAsynchronousTrigger)Array [
namestring requiredactivationDateinteger | null]
certificateTemplateobject | null (models.certificate.template.CertificateTemplate)subjectarray of objects | null (models.certificate.template.DNElement)Array [
typestring requiredmandatoryboolean requiredvaluestring | nullcomputationRuleobject | null (TemplateString)valuestring requiredA computation rule that will dynamically generate a string value from the request's context
editableByRequesterboolean | nulleditableByApproverboolean | nullregexstring | null]
sansarray of objects | null (models.certificate.template.SANElement)Array [
typestring requiredEnumRFC822NAMEDNSNAMEURIIPADDRESSOTHERNAME_UPNOTHERNAME_GUIDcomputationRuleobject | null (TemplateString)valuestring requiredA computation rule that will dynamically generate a string value from the request's context
editableByRequesterboolean | nulleditableByApproverboolean | nullregexstring | nullmininteger | nullmaxinteger | null]
extensionsarray of objects | null (models.certificate.extension.ExtensionElement)Array [
typestring requiredEnumms_sidms_templatemandatoryboolean requiredvaluestring | nullcomputationRuleobject | null (TemplateString)valuestring requiredA computation rule that will dynamically generate a string value from the request's context
editableByRequesterboolean | nulleditableByApproverboolean | nullregexstring | null]
ownerPolicyobject | null (models.certificate.template.OwnerPolicy)editableByRequesterboolean requirededitableByApproverboolean requiredmandatoryboolean requiredcomputationRuleobject | null (TemplateString)valuestring requiredA computation rule that will dynamically generate a string value from the request's context
descriptionarray of objects | null (LocalizedString)Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
teamPolicyobject | null (models.certificate.template.TeamPolicy)editableByRequesterboolean requirededitableByApproverboolean requiredmandatoryboolean requiredregexstring | nullwhitelistarray of string | nullvaluestring | nullcomputationRuleobject | null (TemplateString)valuestring requiredA computation rule that will dynamically generate a string value from the request's context
descriptionarray of objects | null (LocalizedString)Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
metadataPoliciesarray of objects | null (models.certificate.template.MetadataPolicy)Array [
metadatastring requiredEnumgs_order_idrenewed_certificate_idmetapki_idpki_connectordigicert_identrust_idscep_transidfcms_idprevious_certificate_idgsatlas_idcerteurope_iddigicert_order_idautomation_policycontact_emaileditableByRequesterboolean requirededitableByApproverboolean required]
labelsarray of objects | null (Label)Array [
labelstring requiredThe name of the label
valuestring | nullThe default value of the label element
computationRuleobject | null (TemplateString)The computation rule of the label element
valuestring requiredA computation rule that will dynamically generate a string value from the request's context
mandatoryboolean | nullWhether the label element is mandatory to submit a request
editableByRequesterboolean | nullWhether the label element is editable by the requester
editableByApproverboolean | nullWhether the label element is editable by the approver
regexstring | nullThe regex used to validate the label element
enumarray of string | nullThe whitelist used to validate the label element
suggestionsarray of string | nullThe suggestions used to recommend the label element values
]
contactEmailPolicyobject | null (models.certificate.template.ContactEmailPolicy)mandatoryboolean requiredvaluestring | nullcomputationRuleobject | null (TemplateString)valuestring requiredA computation rule that will dynamically generate a string value from the request's context
editableByRequesterboolean | nulleditableByApproverboolean | nullregexstring | nullwhitelistarray of string | nulldescriptionarray of objects | null (LocalizedString)Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
gradingPoliciesarray of string | null_idstring requiredmodulestring requirednamestring requiredenabledboolean requiredmodestring requiredEnumcarathirdPartyConnectorstring requiredpkiConnectorstring requiredscepRAstring requiredcapsarray of string requiredencryptionAlgorithmstring requiredauthorizationLevelsobject (models.certificate.profile.CertificateProfileAuthorizationLevels) requiredrevokeobject (models.security.access.AuthorizationLevel) requiredaccessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
requestRevokeobject (models.security.access.AuthorizationLevel) requiredaccessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
approveRevokeobject (models.security.access.AuthorizationLevel) requiredaccessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
searchobject (models.security.access.AuthorizationLevel) requiredaccessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
updateobject (models.security.access.AuthorizationLevel) requiredaccessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
requestUpdateobject (models.security.access.AuthorizationLevel) requiredaccessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
approveUpdateobject (models.security.access.AuthorizationLevel) requiredaccessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
enrollobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
enrollApiobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
requestEnrollobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
approveEnrollobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
recoverobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
recoverApiobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
requestRecoverobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
approveRecoverobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
migrateobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
requestMigrateobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
approveMigrateobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
renewobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
renewApiobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
requestRenewobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
approveRenewobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
auditRequestobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
requestsPolicyobject (models.request.RequestsPolicy) requiredenrollstring | nullrevokestring | nullrecoverstring | nullupdatestring | nullmigratestring | nullrenewstring | nullselfPermissionsobject (models.certificate.profile.CertificateProfileSelfPermissions) requiredselfUpdateboolean requiredselfRevokeboolean requiredselfRenewboolean requiredselfPopRenewboolean requiredselfPopRevokeboolean requiredselfPopUpdateboolean requiredselfRecoverboolean | nullcryptoPolicyobject (Certificate profile crypto policy) requiredcentralizedboolean requiredWhether this profile supports centralized enrollment
decentralizedboolean requiredWhether this profile supports decentralized enrollment
escrowboolean requiredWhether this profile will escrow the certificate private keys
defaultKeyTypestring | null (Keytype)Default key type used for centralized enrollment
Enumrsa-<size>ec-secp256r1ec-secp384r1ec-secp521r1ed-Ed448ed-Ed25519authorizedKeyTypesarray of string | null (Keytype)List of authorized key types for enrollment
preferredEnrollmentModestring | nullIf both centralized and decentralized enrollment are supported, this is the preferred mode
Enumcentralizeddecentralizedp12passwordPolicystring | nullPassword policy for the P12 file
p12passwordModestring | nullWhether the user will be required to input their PKCS#12 password upon enrollment
Enumrandommanualp12storeEncryptionTypestring | nullEncryption type for the P12 file
showP12PasswordOnEnrollboolean | nullWhether the PKCS#12 password will be displayed to the user upon enrollment
showP12OnEnrollboolean | nullWhether the PKCS#12 file will be displayed to the user upon enrollment
showP12PasswordOnRecoverboolean | nullWhether the PKCS#12 password will be displayed to the user upon recovery
showP12OnRecoverboolean | nullWhether the PKCS#12 file will be displayed to the user upon recovery
displayNamearray of objects | null (LocalizedString)Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
descriptionarray of objects | null (LocalizedString)Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
renewalPeriodstring | nullconstraintsobject | null (models.certificate.CertificateRequestConstraints)allowedDomainsstring | nullallowedEmailDomainsstring | nullallowedDnsDomainsstring | nullcsrDataMappingobject | nullproperty name*stringadditional propertypostPKIOperationboolean | nulldeviceIdFieldstring | nullmaxCertificatePerHolderPolicyobject | null (models.certificate.profile.MaxCertificatePerHolderPolicy)maxinteger requiredbehaviorstring requiredEnumrevokerejectrevocationReasonstring | nullEnumUNSPECIFIEDKEYCOMPROMISECACOMPROMISEAFFILIATIONCHANGESUPERSEDEDCESSATIONOFOPERATIONtriggersobject | null (models.certificate.profile.CertificateProfileTriggers)onEnrollarray of string | nullonSubmitEnrollarray of string | nullonCancelEnrollarray of string | nullonApproveEnrollarray of string | nullonDenyEnrollarray of string | nullonPendingEnrollarray of objects | null (models.certificate.profile.CertificateProfileAsynchronousTrigger)Array [
namestring requiredactivationDateinteger | null]
onRevokearray of string | nullonSubmitRevokearray of string | nullonCancelRevokearray of string | nullonApproveRevokearray of string | nullonDenyRevokearray of string | nullonPendingRevokearray of objects | null (models.certificate.profile.CertificateProfileAsynchronousTrigger)Array [
namestring requiredactivationDateinteger | null]
onUpdatearray of string | nullonSubmitUpdatearray of string | nullonCancelUpdatearray of string | nullonApproveUpdatearray of string | nullonDenyUpdatearray of string | nullonPendingUpdatearray of objects | null (models.certificate.profile.CertificateProfileAsynchronousTrigger)Array [
namestring requiredactivationDateinteger | null]
onRecoverarray of string | nullonSubmitRecoverarray of string | nullonCancelRecoverarray of string | nullonApproveRecoverarray of string | nullonDenyRecoverarray of string | nullonPendingRecoverarray of objects | null (models.certificate.profile.CertificateProfileAsynchronousTrigger)Array [
namestring requiredactivationDateinteger | null]
onMigratearray of string | nullonSubmitMigratearray of string | nullonCancelMigratearray of string | nullonApproveMigratearray of string | nullonDenyMigratearray of string | nullonPendingMigratearray of objects | null (models.certificate.profile.CertificateProfileAsynchronousTrigger)Array [
namestring requiredactivationDateinteger | null]
onExpirearray of objects | null (models.certificate.profile.CertificateProfileAsynchronousTrigger)Array [
namestring requiredactivationDateinteger | null]
onRenewarray of string | nullonSubmitRenewarray of string | nullonCancelRenewarray of string | nullonApproveRenewarray of string | nullonDenyRenewarray of string | nullonPendingRenewarray of objects | null (models.certificate.profile.CertificateProfileAsynchronousTrigger)Array [
namestring requiredactivationDateinteger | null]
passwordPolicystring | nullcertificateTemplateobject | null (models.certificate.template.CertificateTemplate)subjectarray of objects | null (models.certificate.template.DNElement)Array [
typestring requiredmandatoryboolean requiredvaluestring | nullcomputationRuleobject | null (TemplateString)valuestring requiredA computation rule that will dynamically generate a string value from the request's context
editableByRequesterboolean | nulleditableByApproverboolean | nullregexstring | null]
sansarray of objects | null (models.certificate.template.SANElement)Array [
typestring requiredEnumRFC822NAMEDNSNAMEURIIPADDRESSOTHERNAME_UPNOTHERNAME_GUIDcomputationRuleobject | null (TemplateString)valuestring requiredA computation rule that will dynamically generate a string value from the request's context
editableByRequesterboolean | nulleditableByApproverboolean | nullregexstring | nullmininteger | nullmaxinteger | null]
extensionsarray of objects | null (models.certificate.extension.ExtensionElement)Array [
typestring requiredEnumms_sidms_templatemandatoryboolean requiredvaluestring | nullcomputationRuleobject | null (TemplateString)valuestring requiredA computation rule that will dynamically generate a string value from the request's context
editableByRequesterboolean | nulleditableByApproverboolean | nullregexstring | null]
ownerPolicyobject | null (models.certificate.template.OwnerPolicy)editableByRequesterboolean requirededitableByApproverboolean requiredmandatoryboolean requiredcomputationRuleobject | null (TemplateString)valuestring requiredA computation rule that will dynamically generate a string value from the request's context
descriptionarray of objects | null (LocalizedString)Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
teamPolicyobject | null (models.certificate.template.TeamPolicy)editableByRequesterboolean requirededitableByApproverboolean requiredmandatoryboolean requiredregexstring | nullwhitelistarray of string | nullvaluestring | nullcomputationRuleobject | null (TemplateString)valuestring requiredA computation rule that will dynamically generate a string value from the request's context
descriptionarray of objects | null (LocalizedString)Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
metadataPoliciesarray of objects | null (models.certificate.template.MetadataPolicy)Array [
metadatastring requiredEnumgs_order_idrenewed_certificate_idmetapki_idpki_connectordigicert_identrust_idscep_transidfcms_idprevious_certificate_idgsatlas_idcerteurope_iddigicert_order_idautomation_policycontact_emaileditableByRequesterboolean requirededitableByApproverboolean required]
labelsarray of objects | null (Label)Array [
labelstring requiredThe name of the label
valuestring | nullThe default value of the label element
computationRuleobject | null (TemplateString)The computation rule of the label element
valuestring requiredA computation rule that will dynamically generate a string value from the request's context
mandatoryboolean | nullWhether the label element is mandatory to submit a request
editableByRequesterboolean | nullWhether the label element is editable by the requester
editableByApproverboolean | nullWhether the label element is editable by the approver
regexstring | nullThe regex used to validate the label element
enumarray of string | nullThe whitelist used to validate the label element
suggestionsarray of string | nullThe suggestions used to recommend the label element values
]
contactEmailPolicyobject | null (models.certificate.template.ContactEmailPolicy)mandatoryboolean requiredvaluestring | nullcomputationRuleobject | null (TemplateString)valuestring requiredA computation rule that will dynamically generate a string value from the request's context
editableByRequesterboolean | nulleditableByApproverboolean | nullregexstring | nullwhitelistarray of string | nulldescriptionarray of objects | null (LocalizedString)Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
gradingPoliciesarray of string | null_idstring requiredmodulestring requirednamestring requiredenabledboolean requiredmodestring requiredEnumcarascepRAstring requiredcapsarray of string requiredencryptionAlgorithmstring requiredpkiConnectorstring requireddnWhitelistboolean requiredauthorizationModestring requiredThe authorization mode for this profile:
- challenge: a SCEP challenge must be used when submitting a request.
- authorized: the challenge does not come from the challenge but are credentials 'login:password' hex encoded of an account with enroll permissions.
- ndes: challenge requests are automatically generated by an account with enroll permissions.
EnumchallengeauthorizedndesauthorizationLevelsobject (models.certificate.profile.CertificateProfileAuthorizationLevels) requiredrevokeobject (models.security.access.AuthorizationLevel) requiredaccessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
requestRevokeobject (models.security.access.AuthorizationLevel) requiredaccessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
approveRevokeobject (models.security.access.AuthorizationLevel) requiredaccessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
searchobject (models.security.access.AuthorizationLevel) requiredaccessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
updateobject (models.security.access.AuthorizationLevel) requiredaccessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
requestUpdateobject (models.security.access.AuthorizationLevel) requiredaccessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
approveUpdateobject (models.security.access.AuthorizationLevel) requiredaccessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
enrollobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
enrollApiobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
requestEnrollobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
approveEnrollobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
recoverobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
recoverApiobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
requestRecoverobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
approveRecoverobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
migrateobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
requestMigrateobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
approveMigrateobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
renewobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
renewApiobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
requestRenewobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
approveRenewobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
auditRequestobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
requestsPolicyobject (models.request.RequestsPolicy) requiredenrollstring | nullrevokestring | nullrecoverstring | nullupdatestring | nullmigratestring | nullrenewstring | nullselfPermissionsobject (models.certificate.profile.CertificateProfileSelfPermissions) requiredselfUpdateboolean requiredselfRevokeboolean requiredselfRenewboolean requiredselfPopRenewboolean requiredselfPopRevokeboolean requiredselfPopUpdateboolean requiredselfRecoverboolean | nullcryptoPolicyobject (Certificate profile crypto policy) requiredcentralizedboolean requiredWhether this profile supports centralized enrollment
decentralizedboolean requiredWhether this profile supports decentralized enrollment
escrowboolean requiredWhether this profile will escrow the certificate private keys
defaultKeyTypestring | null (Keytype)Default key type used for centralized enrollment
Enumrsa-<size>ec-secp256r1ec-secp384r1ec-secp521r1ed-Ed448ed-Ed25519authorizedKeyTypesarray of string | null (Keytype)List of authorized key types for enrollment
preferredEnrollmentModestring | nullIf both centralized and decentralized enrollment are supported, this is the preferred mode
Enumcentralizeddecentralizedp12passwordPolicystring | nullPassword policy for the P12 file
p12passwordModestring | nullWhether the user will be required to input their PKCS#12 password upon enrollment
Enumrandommanualp12storeEncryptionTypestring | nullEncryption type for the P12 file
showP12PasswordOnEnrollboolean | nullWhether the PKCS#12 password will be displayed to the user upon enrollment
showP12OnEnrollboolean | nullWhether the PKCS#12 file will be displayed to the user upon enrollment
showP12PasswordOnRecoverboolean | nullWhether the PKCS#12 password will be displayed to the user upon recovery
showP12OnRecoverboolean | nullWhether the PKCS#12 file will be displayed to the user upon recovery
displayNamearray of objects | null (LocalizedString)Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
descriptionarray of objects | null (LocalizedString)Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
postPKIOperationboolean | nullconstraintsobject | null (models.certificate.CertificateRequestConstraints)allowedDomainsstring | nullallowedEmailDomainsstring | nullallowedDnsDomainsstring | nullrenewalPeriodstring | nullcsrDataMappingobject | nullproperty name*stringadditional propertymaxCertificatePerHolderPolicyobject | null (models.certificate.profile.MaxCertificatePerHolderPolicy)maxinteger requiredbehaviorstring requiredEnumrevokerejectrevocationReasonstring | nullEnumUNSPECIFIEDKEYCOMPROMISECACOMPROMISEAFFILIATIONCHANGESUPERSEDEDCESSATIONOFOPERATIONtriggersobject | null (models.certificate.profile.CertificateProfileTriggers)onEnrollarray of string | nullonSubmitEnrollarray of string | nullonCancelEnrollarray of string | nullonApproveEnrollarray of string | nullonDenyEnrollarray of string | nullonPendingEnrollarray of objects | null (models.certificate.profile.CertificateProfileAsynchronousTrigger)Array [
namestring requiredactivationDateinteger | null]
onRevokearray of string | nullonSubmitRevokearray of string | nullonCancelRevokearray of string | nullonApproveRevokearray of string | nullonDenyRevokearray of string | nullonPendingRevokearray of objects | null (models.certificate.profile.CertificateProfileAsynchronousTrigger)Array [
namestring requiredactivationDateinteger | null]
onUpdatearray of string | nullonSubmitUpdatearray of string | nullonCancelUpdatearray of string | nullonApproveUpdatearray of string | nullonDenyUpdatearray of string | nullonPendingUpdatearray of objects | null (models.certificate.profile.CertificateProfileAsynchronousTrigger)Array [
namestring requiredactivationDateinteger | null]
onRecoverarray of string | nullonSubmitRecoverarray of string | nullonCancelRecoverarray of string | nullonApproveRecoverarray of string | nullonDenyRecoverarray of string | nullonPendingRecoverarray of objects | null (models.certificate.profile.CertificateProfileAsynchronousTrigger)Array [
namestring requiredactivationDateinteger | null]
onMigratearray of string | nullonSubmitMigratearray of string | nullonCancelMigratearray of string | nullonApproveMigratearray of string | nullonDenyMigratearray of string | nullonPendingMigratearray of objects | null (models.certificate.profile.CertificateProfileAsynchronousTrigger)Array [
namestring requiredactivationDateinteger | null]
onExpirearray of objects | null (models.certificate.profile.CertificateProfileAsynchronousTrigger)Array [
namestring requiredactivationDateinteger | null]
onRenewarray of string | nullonSubmitRenewarray of string | nullonCancelRenewarray of string | nullonApproveRenewarray of string | nullonDenyRenewarray of string | nullonPendingRenewarray of objects | null (models.certificate.profile.CertificateProfileAsynchronousTrigger)Array [
namestring requiredactivationDateinteger | null]
passwordPolicystring | nullcertificateTemplateobject | null (models.certificate.template.CertificateTemplate)subjectarray of objects | null (models.certificate.template.DNElement)Array [
typestring requiredmandatoryboolean requiredvaluestring | nullcomputationRuleobject | null (TemplateString)valuestring requiredA computation rule that will dynamically generate a string value from the request's context
editableByRequesterboolean | nulleditableByApproverboolean | nullregexstring | null]
sansarray of objects | null (models.certificate.template.SANElement)Array [
typestring requiredEnumRFC822NAMEDNSNAMEURIIPADDRESSOTHERNAME_UPNOTHERNAME_GUIDcomputationRuleobject | null (TemplateString)valuestring requiredA computation rule that will dynamically generate a string value from the request's context
editableByRequesterboolean | nulleditableByApproverboolean | nullregexstring | nullmininteger | nullmaxinteger | null]
extensionsarray of objects | null (models.certificate.extension.ExtensionElement)Array [
typestring requiredEnumms_sidms_templatemandatoryboolean requiredvaluestring | nullcomputationRuleobject | null (TemplateString)valuestring requiredA computation rule that will dynamically generate a string value from the request's context
editableByRequesterboolean | nulleditableByApproverboolean | nullregexstring | null]
ownerPolicyobject | null (models.certificate.template.OwnerPolicy)editableByRequesterboolean requirededitableByApproverboolean requiredmandatoryboolean requiredcomputationRuleobject | null (TemplateString)valuestring requiredA computation rule that will dynamically generate a string value from the request's context
descriptionarray of objects | null (LocalizedString)Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
teamPolicyobject | null (models.certificate.template.TeamPolicy)editableByRequesterboolean requirededitableByApproverboolean requiredmandatoryboolean requiredregexstring | nullwhitelistarray of string | nullvaluestring | nullcomputationRuleobject | null (TemplateString)valuestring requiredA computation rule that will dynamically generate a string value from the request's context
descriptionarray of objects | null (LocalizedString)Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
metadataPoliciesarray of objects | null (models.certificate.template.MetadataPolicy)Array [
metadatastring requiredEnumgs_order_idrenewed_certificate_idmetapki_idpki_connectordigicert_identrust_idscep_transidfcms_idprevious_certificate_idgsatlas_idcerteurope_iddigicert_order_idautomation_policycontact_emaileditableByRequesterboolean requirededitableByApproverboolean required]
labelsarray of objects | null (Label)Array [
labelstring requiredThe name of the label
valuestring | nullThe default value of the label element
computationRuleobject | null (TemplateString)The computation rule of the label element
valuestring requiredA computation rule that will dynamically generate a string value from the request's context
mandatoryboolean | nullWhether the label element is mandatory to submit a request
editableByRequesterboolean | nullWhether the label element is editable by the requester
editableByApproverboolean | nullWhether the label element is editable by the approver
regexstring | nullThe regex used to validate the label element
enumarray of string | nullThe whitelist used to validate the label element
suggestionsarray of string | nullThe suggestions used to recommend the label element values
]
contactEmailPolicyobject | null (models.certificate.template.ContactEmailPolicy)mandatoryboolean requiredvaluestring | nullcomputationRuleobject | null (TemplateString)valuestring requiredA computation rule that will dynamically generate a string value from the request's context
editableByRequesterboolean | nulleditableByApproverboolean | nullregexstring | nullwhitelistarray of string | nulldescriptionarray of objects | null (LocalizedString)Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
gradingPoliciesarray of string | null_idstring requiredmodulestring requirednamestring requiredenabledboolean requiredpkiConnectorstring requiredauthorizationLevelsobject (models.certificate.profile.CertificateProfileAuthorizationLevels) requiredrevokeobject (models.security.access.AuthorizationLevel) requiredaccessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
requestRevokeobject (models.security.access.AuthorizationLevel) requiredaccessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
approveRevokeobject (models.security.access.AuthorizationLevel) requiredaccessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
searchobject (models.security.access.AuthorizationLevel) requiredaccessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
updateobject (models.security.access.AuthorizationLevel) requiredaccessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
requestUpdateobject (models.security.access.AuthorizationLevel) requiredaccessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
approveUpdateobject (models.security.access.AuthorizationLevel) requiredaccessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
enrollobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
enrollApiobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
requestEnrollobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
approveEnrollobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
recoverobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
recoverApiobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
requestRecoverobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
approveRecoverobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
migrateobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
requestMigrateobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
approveMigrateobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
renewobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
renewApiobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
requestRenewobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
approveRenewobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
auditRequestobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
requestsPolicyobject (models.request.RequestsPolicy) requiredenrollstring | nullrevokestring | nullrecoverstring | nullupdatestring | nullmigratestring | nullrenewstring | nullselfPermissionsobject (models.certificate.profile.CertificateProfileSelfPermissions) requiredselfUpdateboolean requiredselfRevokeboolean requiredselfRenewboolean requiredselfPopRenewboolean requiredselfPopRevokeboolean requiredselfPopUpdateboolean requiredselfRecoverboolean | nullcryptoPolicyobject (Certificate profile crypto policy) requiredcentralizedboolean requiredWhether this profile supports centralized enrollment
decentralizedboolean requiredWhether this profile supports decentralized enrollment
escrowboolean requiredWhether this profile will escrow the certificate private keys
defaultKeyTypestring | null (Keytype)Default key type used for centralized enrollment
Enumrsa-<size>ec-secp256r1ec-secp384r1ec-secp521r1ed-Ed448ed-Ed25519authorizedKeyTypesarray of string | null (Keytype)List of authorized key types for enrollment
preferredEnrollmentModestring | nullIf both centralized and decentralized enrollment are supported, this is the preferred mode
Enumcentralizeddecentralizedp12passwordPolicystring | nullPassword policy for the P12 file
p12passwordModestring | nullWhether the user will be required to input their PKCS#12 password upon enrollment
Enumrandommanualp12storeEncryptionTypestring | nullEncryption type for the P12 file
showP12PasswordOnEnrollboolean | nullWhether the PKCS#12 password will be displayed to the user upon enrollment
showP12OnEnrollboolean | nullWhether the PKCS#12 file will be displayed to the user upon enrollment
showP12PasswordOnRecoverboolean | nullWhether the PKCS#12 password will be displayed to the user upon recovery
showP12OnRecoverboolean | nullWhether the PKCS#12 file will be displayed to the user upon recovery
displayNamearray of objects | null (LocalizedString)Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
descriptionarray of objects | null (LocalizedString)Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
constraintsobject | null (models.certificate.CertificateRequestConstraints)allowedDomainsstring | nullallowedEmailDomainsstring | nullallowedDnsDomainsstring | nullcsrDataMappingobject | nullproperty name*stringadditional propertymaxCertificatePerHolderPolicyobject | null (models.certificate.profile.MaxCertificatePerHolderPolicy)maxinteger requiredbehaviorstring requiredEnumrevokerejectrevocationReasonstring | nullEnumUNSPECIFIEDKEYCOMPROMISECACOMPROMISEAFFILIATIONCHANGESUPERSEDEDCESSATIONOFOPERATIONtriggersobject | null (models.certificate.profile.CertificateProfileTriggers)onEnrollarray of string | nullonSubmitEnrollarray of string | nullonCancelEnrollarray of string | nullonApproveEnrollarray of string | nullonDenyEnrollarray of string | nullonPendingEnrollarray of objects | null (models.certificate.profile.CertificateProfileAsynchronousTrigger)Array [
namestring requiredactivationDateinteger | null]
onRevokearray of string | nullonSubmitRevokearray of string | nullonCancelRevokearray of string | nullonApproveRevokearray of string | nullonDenyRevokearray of string | nullonPendingRevokearray of objects | null (models.certificate.profile.CertificateProfileAsynchronousTrigger)Array [
namestring requiredactivationDateinteger | null]
onUpdatearray of string | nullonSubmitUpdatearray of string | nullonCancelUpdatearray of string | nullonApproveUpdatearray of string | nullonDenyUpdatearray of string | nullonPendingUpdatearray of objects | null (models.certificate.profile.CertificateProfileAsynchronousTrigger)Array [
namestring requiredactivationDateinteger | null]
onRecoverarray of string | nullonSubmitRecoverarray of string | nullonCancelRecoverarray of string | nullonApproveRecoverarray of string | nullonDenyRecoverarray of string | nullonPendingRecoverarray of objects | null (models.certificate.profile.CertificateProfileAsynchronousTrigger)Array [
namestring requiredactivationDateinteger | null]
onMigratearray of string | nullonSubmitMigratearray of string | nullonCancelMigratearray of string | nullonApproveMigratearray of string | nullonDenyMigratearray of string | nullonPendingMigratearray of objects | null (models.certificate.profile.CertificateProfileAsynchronousTrigger)Array [
namestring requiredactivationDateinteger | null]
onExpirearray of objects | null (models.certificate.profile.CertificateProfileAsynchronousTrigger)Array [
namestring requiredactivationDateinteger | null]
onRenewarray of string | nullonSubmitRenewarray of string | nullonCancelRenewarray of string | nullonApproveRenewarray of string | nullonDenyRenewarray of string | nullonPendingRenewarray of objects | null (models.certificate.profile.CertificateProfileAsynchronousTrigger)Array [
namestring requiredactivationDateinteger | null]
certificateTemplateobject | null (models.certificate.template.CertificateTemplate)subjectarray of objects | null (models.certificate.template.DNElement)Array [
typestring requiredmandatoryboolean requiredvaluestring | nullcomputationRuleobject | null (TemplateString)valuestring requiredA computation rule that will dynamically generate a string value from the request's context
editableByRequesterboolean | nulleditableByApproverboolean | nullregexstring | null]
sansarray of objects | null (models.certificate.template.SANElement)Array [
typestring requiredEnumRFC822NAMEDNSNAMEURIIPADDRESSOTHERNAME_UPNOTHERNAME_GUIDcomputationRuleobject | null (TemplateString)valuestring requiredA computation rule that will dynamically generate a string value from the request's context
editableByRequesterboolean | nulleditableByApproverboolean | nullregexstring | nullmininteger | nullmaxinteger | null]
extensionsarray of objects | null (models.certificate.extension.ExtensionElement)Array [
typestring requiredEnumms_sidms_templatemandatoryboolean requiredvaluestring | nullcomputationRuleobject | null (TemplateString)valuestring requiredA computation rule that will dynamically generate a string value from the request's context
editableByRequesterboolean | nulleditableByApproverboolean | nullregexstring | null]
ownerPolicyobject | null (models.certificate.template.OwnerPolicy)editableByRequesterboolean requirededitableByApproverboolean requiredmandatoryboolean requiredcomputationRuleobject | null (TemplateString)valuestring requiredA computation rule that will dynamically generate a string value from the request's context
descriptionarray of objects | null (LocalizedString)Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
teamPolicyobject | null (models.certificate.template.TeamPolicy)editableByRequesterboolean requirededitableByApproverboolean requiredmandatoryboolean requiredregexstring | nullwhitelistarray of string | nullvaluestring | nullcomputationRuleobject | null (TemplateString)valuestring requiredA computation rule that will dynamically generate a string value from the request's context
descriptionarray of objects | null (LocalizedString)Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
metadataPoliciesarray of objects | null (models.certificate.template.MetadataPolicy)Array [
metadatastring requiredEnumgs_order_idrenewed_certificate_idmetapki_idpki_connectordigicert_identrust_idscep_transidfcms_idprevious_certificate_idgsatlas_idcerteurope_iddigicert_order_idautomation_policycontact_emaileditableByRequesterboolean requirededitableByApproverboolean required]
labelsarray of objects | null (Label)Array [
labelstring requiredThe name of the label
valuestring | nullThe default value of the label element
computationRuleobject | null (TemplateString)The computation rule of the label element
valuestring requiredA computation rule that will dynamically generate a string value from the request's context
mandatoryboolean | nullWhether the label element is mandatory to submit a request
editableByRequesterboolean | nullWhether the label element is editable by the requester
editableByApproverboolean | nullWhether the label element is editable by the approver
regexstring | nullThe regex used to validate the label element
enumarray of string | nullThe whitelist used to validate the label element
suggestionsarray of string | nullThe suggestions used to recommend the label element values
]
contactEmailPolicyobject | null (models.certificate.template.ContactEmailPolicy)mandatoryboolean requiredvaluestring | nullcomputationRuleobject | null (TemplateString)valuestring requiredA computation rule that will dynamically generate a string value from the request's context
editableByRequesterboolean | nulleditableByApproverboolean | nullregexstring | nullwhitelistarray of string | nulldescriptionarray of objects | null (LocalizedString)Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
gradingPoliciesarray of string | nullexchangeCertificatestring | null_idstring requiredmodulestring requirednamestring requiredenabledboolean requiredpkiConnectorstring requiredauthorizationLevelsobject (models.certificate.profile.CertificateProfileAuthorizationLevels) requiredrevokeobject (models.security.access.AuthorizationLevel) requiredaccessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
requestRevokeobject (models.security.access.AuthorizationLevel) requiredaccessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
approveRevokeobject (models.security.access.AuthorizationLevel) requiredaccessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
searchobject (models.security.access.AuthorizationLevel) requiredaccessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
updateobject (models.security.access.AuthorizationLevel) requiredaccessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
requestUpdateobject (models.security.access.AuthorizationLevel) requiredaccessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
approveUpdateobject (models.security.access.AuthorizationLevel) requiredaccessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
enrollobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
enrollApiobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
requestEnrollobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
approveEnrollobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
recoverobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
recoverApiobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
requestRecoverobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
approveRecoverobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
migrateobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
requestMigrateobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
approveMigrateobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
renewobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
renewApiobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
requestRenewobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
approveRenewobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
auditRequestobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
requestsPolicyobject (models.request.RequestsPolicy) requiredenrollstring | nullrevokestring | nullrecoverstring | nullupdatestring | nullmigratestring | nullrenewstring | nullcryptoPolicyobject (Certificate profile crypto policy) requiredcentralizedboolean requiredWhether this profile supports centralized enrollment
decentralizedboolean requiredWhether this profile supports decentralized enrollment
escrowboolean requiredWhether this profile will escrow the certificate private keys
defaultKeyTypestring | null (Keytype)Default key type used for centralized enrollment
Enumrsa-<size>ec-secp256r1ec-secp384r1ec-secp521r1ed-Ed448ed-Ed25519authorizedKeyTypesarray of string | null (Keytype)List of authorized key types for enrollment
preferredEnrollmentModestring | nullIf both centralized and decentralized enrollment are supported, this is the preferred mode
Enumcentralizeddecentralizedp12passwordPolicystring | nullPassword policy for the P12 file
p12passwordModestring | nullWhether the user will be required to input their PKCS#12 password upon enrollment
Enumrandommanualp12storeEncryptionTypestring | nullEncryption type for the P12 file
showP12PasswordOnEnrollboolean | nullWhether the PKCS#12 password will be displayed to the user upon enrollment
showP12OnEnrollboolean | nullWhether the PKCS#12 file will be displayed to the user upon enrollment
showP12PasswordOnRecoverboolean | nullWhether the PKCS#12 password will be displayed to the user upon recovery
showP12OnRecoverboolean | nullWhether the PKCS#12 file will be displayed to the user upon recovery
selfPermissionsobject (models.certificate.profile.CertificateProfileSelfPermissions) requiredselfUpdateboolean requiredselfRevokeboolean requiredselfRenewboolean requiredselfPopRenewboolean requiredselfPopRevokeboolean requiredselfPopUpdateboolean requiredselfRecoverboolean | nulldisplayNamearray of objects | null (LocalizedString)Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
descriptionarray of objects | null (LocalizedString)Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
csrDataMappingobject | nullproperty name*stringadditional propertymaxCertificatePerHolderPolicyobject | null (models.certificate.profile.MaxCertificatePerHolderPolicy)maxinteger requiredbehaviorstring requiredEnumrevokerejectrevocationReasonstring | nullEnumUNSPECIFIEDKEYCOMPROMISECACOMPROMISEAFFILIATIONCHANGESUPERSEDEDCESSATIONOFOPERATIONtriggersobject | null (models.certificate.profile.CertificateProfileTriggers)onEnrollarray of string | nullonSubmitEnrollarray of string | nullonCancelEnrollarray of string | nullonApproveEnrollarray of string | nullonDenyEnrollarray of string | nullonPendingEnrollarray of objects | null (models.certificate.profile.CertificateProfileAsynchronousTrigger)Array [
namestring requiredactivationDateinteger | null]
onRevokearray of string | nullonSubmitRevokearray of string | nullonCancelRevokearray of string | nullonApproveRevokearray of string | nullonDenyRevokearray of string | nullonPendingRevokearray of objects | null (models.certificate.profile.CertificateProfileAsynchronousTrigger)Array [
namestring requiredactivationDateinteger | null]
onUpdatearray of string | nullonSubmitUpdatearray of string | nullonCancelUpdatearray of string | nullonApproveUpdatearray of string | nullonDenyUpdatearray of string | nullonPendingUpdatearray of objects | null (models.certificate.profile.CertificateProfileAsynchronousTrigger)Array [
namestring requiredactivationDateinteger | null]
onRecoverarray of string | nullonSubmitRecoverarray of string | nullonCancelRecoverarray of string | nullonApproveRecoverarray of string | nullonDenyRecoverarray of string | nullonPendingRecoverarray of objects | null (models.certificate.profile.CertificateProfileAsynchronousTrigger)Array [
namestring requiredactivationDateinteger | null]
onMigratearray of string | nullonSubmitMigratearray of string | nullonCancelMigratearray of string | nullonApproveMigratearray of string | nullonDenyMigratearray of string | nullonPendingMigratearray of objects | null (models.certificate.profile.CertificateProfileAsynchronousTrigger)Array [
namestring requiredactivationDateinteger | null]
onExpirearray of objects | null (models.certificate.profile.CertificateProfileAsynchronousTrigger)Array [
namestring requiredactivationDateinteger | null]
onRenewarray of string | nullonSubmitRenewarray of string | nullonCancelRenewarray of string | nullonApproveRenewarray of string | nullonDenyRenewarray of string | nullonPendingRenewarray of objects | null (models.certificate.profile.CertificateProfileAsynchronousTrigger)Array [
namestring requiredactivationDateinteger | null]
certificateTemplateobject | null (models.certificate.template.CertificateTemplate)subjectarray of objects | null (models.certificate.template.DNElement)Array [
typestring requiredmandatoryboolean requiredvaluestring | nullcomputationRuleobject | null (TemplateString)valuestring requiredA computation rule that will dynamically generate a string value from the request's context
editableByRequesterboolean | nulleditableByApproverboolean | nullregexstring | null]
sansarray of objects | null (models.certificate.template.SANElement)Array [
typestring requiredEnumRFC822NAMEDNSNAMEURIIPADDRESSOTHERNAME_UPNOTHERNAME_GUIDcomputationRuleobject | null (TemplateString)valuestring requiredA computation rule that will dynamically generate a string value from the request's context
editableByRequesterboolean | nulleditableByApproverboolean | nullregexstring | nullmininteger | nullmaxinteger | null]
extensionsarray of objects | null (models.certificate.extension.ExtensionElement)Array [
typestring requiredEnumms_sidms_templatemandatoryboolean requiredvaluestring | nullcomputationRuleobject | null (TemplateString)valuestring requiredA computation rule that will dynamically generate a string value from the request's context
editableByRequesterboolean | nulleditableByApproverboolean | nullregexstring | null]
ownerPolicyobject | null (models.certificate.template.OwnerPolicy)editableByRequesterboolean requirededitableByApproverboolean requiredmandatoryboolean requiredcomputationRuleobject | null (TemplateString)valuestring requiredA computation rule that will dynamically generate a string value from the request's context
descriptionarray of objects | null (LocalizedString)Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
teamPolicyobject | null (models.certificate.template.TeamPolicy)editableByRequesterboolean requirededitableByApproverboolean requiredmandatoryboolean requiredregexstring | nullwhitelistarray of string | nullvaluestring | nullcomputationRuleobject | null (TemplateString)valuestring requiredA computation rule that will dynamically generate a string value from the request's context
descriptionarray of objects | null (LocalizedString)Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
metadataPoliciesarray of objects | null (models.certificate.template.MetadataPolicy)Array [
metadatastring requiredEnumgs_order_idrenewed_certificate_idmetapki_idpki_connectordigicert_identrust_idscep_transidfcms_idprevious_certificate_idgsatlas_idcerteurope_iddigicert_order_idautomation_policycontact_emaileditableByRequesterboolean requirededitableByApproverboolean required]
labelsarray of objects | null (Label)Array [
labelstring requiredThe name of the label
valuestring | nullThe default value of the label element
computationRuleobject | null (TemplateString)The computation rule of the label element
valuestring requiredA computation rule that will dynamically generate a string value from the request's context
mandatoryboolean | nullWhether the label element is mandatory to submit a request
editableByRequesterboolean | nullWhether the label element is editable by the requester
editableByApproverboolean | nullWhether the label element is editable by the approver
regexstring | nullThe regex used to validate the label element
enumarray of string | nullThe whitelist used to validate the label element
suggestionsarray of string | nullThe suggestions used to recommend the label element values
]
contactEmailPolicyobject | null (models.certificate.template.ContactEmailPolicy)mandatoryboolean requiredvaluestring | nullcomputationRuleobject | null (TemplateString)valuestring requiredA computation rule that will dynamically generate a string value from the request's context
editableByRequesterboolean | nulleditableByApproverboolean | nullregexstring | nullwhitelistarray of string | nulldescriptionarray of objects | null (LocalizedString)Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
renewalPeriodstring | nullgradingPoliciesarray of string | null_idstring requiredmodulestring requirednamestring requiredenabledboolean requiredpkiConnectorstring requiredthirdPartyConnectorstring requiredauthorizationLevelsobject (models.certificate.profile.CertificateProfileAuthorizationLevels) requiredrevokeobject (models.security.access.AuthorizationLevel) requiredaccessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
requestRevokeobject (models.security.access.AuthorizationLevel) requiredaccessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
approveRevokeobject (models.security.access.AuthorizationLevel) requiredaccessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
searchobject (models.security.access.AuthorizationLevel) requiredaccessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
updateobject (models.security.access.AuthorizationLevel) requiredaccessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
requestUpdateobject (models.security.access.AuthorizationLevel) requiredaccessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
approveUpdateobject (models.security.access.AuthorizationLevel) requiredaccessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
enrollobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
enrollApiobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
requestEnrollobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
approveEnrollobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
recoverobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
recoverApiobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
requestRecoverobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
approveRecoverobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
migrateobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
requestMigrateobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
approveMigrateobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
renewobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
renewApiobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
requestRenewobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
approveRenewobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
auditRequestobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
requestsPolicyobject (models.request.RequestsPolicy) requiredenrollstring | nullrevokestring | nullrecoverstring | nullupdatestring | nullmigratestring | nullrenewstring | nullcryptoPolicyobject (Certificate profile crypto policy) requiredcentralizedboolean requiredWhether this profile supports centralized enrollment
decentralizedboolean requiredWhether this profile supports decentralized enrollment
escrowboolean requiredWhether this profile will escrow the certificate private keys
defaultKeyTypestring | null (Keytype)Default key type used for centralized enrollment
Enumrsa-<size>ec-secp256r1ec-secp384r1ec-secp521r1ed-Ed448ed-Ed25519authorizedKeyTypesarray of string | null (Keytype)List of authorized key types for enrollment
preferredEnrollmentModestring | nullIf both centralized and decentralized enrollment are supported, this is the preferred mode
Enumcentralizeddecentralizedp12passwordPolicystring | nullPassword policy for the P12 file
p12passwordModestring | nullWhether the user will be required to input their PKCS#12 password upon enrollment
Enumrandommanualp12storeEncryptionTypestring | nullEncryption type for the P12 file
showP12PasswordOnEnrollboolean | nullWhether the PKCS#12 password will be displayed to the user upon enrollment
showP12OnEnrollboolean | nullWhether the PKCS#12 file will be displayed to the user upon enrollment
showP12PasswordOnRecoverboolean | nullWhether the PKCS#12 password will be displayed to the user upon recovery
showP12OnRecoverboolean | nullWhether the PKCS#12 file will be displayed to the user upon recovery
selfPermissionsobject (models.certificate.profile.CertificateProfileSelfPermissions) requiredselfUpdateboolean requiredselfRevokeboolean requiredselfRenewboolean requiredselfPopRenewboolean requiredselfPopRevokeboolean requiredselfPopUpdateboolean requiredselfRecoverboolean | nulldisplayNamearray of objects | null (LocalizedString)Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
descriptionarray of objects | null (LocalizedString)Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
constraintsobject | null (models.certificate.CertificateRequestConstraints)allowedDomainsstring | nullallowedEmailDomainsstring | nullallowedDnsDomainsstring | nullcsrDataMappingobject | nullproperty name*stringadditional propertymaxCertificatePerHolderPolicyobject | null (models.certificate.profile.MaxCertificatePerHolderPolicy)maxinteger requiredbehaviorstring requiredEnumrevokerejectrevocationReasonstring | nullEnumUNSPECIFIEDKEYCOMPROMISECACOMPROMISEAFFILIATIONCHANGESUPERSEDEDCESSATIONOFOPERATIONtriggersobject | null (models.certificate.profile.CertificateProfileTriggers)onEnrollarray of string | nullonSubmitEnrollarray of string | nullonCancelEnrollarray of string | nullonApproveEnrollarray of string | nullonDenyEnrollarray of string | nullonPendingEnrollarray of objects | null (models.certificate.profile.CertificateProfileAsynchronousTrigger)Array [
namestring requiredactivationDateinteger | null]
onRevokearray of string | nullonSubmitRevokearray of string | nullonCancelRevokearray of string | nullonApproveRevokearray of string | nullonDenyRevokearray of string | nullonPendingRevokearray of objects | null (models.certificate.profile.CertificateProfileAsynchronousTrigger)Array [
namestring requiredactivationDateinteger | null]
onUpdatearray of string | nullonSubmitUpdatearray of string | nullonCancelUpdatearray of string | nullonApproveUpdatearray of string | nullonDenyUpdatearray of string | nullonPendingUpdatearray of objects | null (models.certificate.profile.CertificateProfileAsynchronousTrigger)Array [
namestring requiredactivationDateinteger | null]
onRecoverarray of string | nullonSubmitRecoverarray of string | nullonCancelRecoverarray of string | nullonApproveRecoverarray of string | nullonDenyRecoverarray of string | nullonPendingRecoverarray of objects | null (models.certificate.profile.CertificateProfileAsynchronousTrigger)Array [
namestring requiredactivationDateinteger | null]
onMigratearray of string | nullonSubmitMigratearray of string | nullonCancelMigratearray of string | nullonApproveMigratearray of string | nullonDenyMigratearray of string | nullonPendingMigratearray of objects | null (models.certificate.profile.CertificateProfileAsynchronousTrigger)Array [
namestring requiredactivationDateinteger | null]
onExpirearray of objects | null (models.certificate.profile.CertificateProfileAsynchronousTrigger)Array [
namestring requiredactivationDateinteger | null]
onRenewarray of string | nullonSubmitRenewarray of string | nullonCancelRenewarray of string | nullonApproveRenewarray of string | nullonDenyRenewarray of string | nullonPendingRenewarray of objects | null (models.certificate.profile.CertificateProfileAsynchronousTrigger)Array [
namestring requiredactivationDateinteger | null]
certificateTemplateobject | null (models.certificate.template.CertificateTemplate)subjectarray of objects | null (models.certificate.template.DNElement)Array [
typestring requiredmandatoryboolean requiredvaluestring | nullcomputationRuleobject | null (TemplateString)valuestring requiredA computation rule that will dynamically generate a string value from the request's context
editableByRequesterboolean | nulleditableByApproverboolean | nullregexstring | null]
sansarray of objects | null (models.certificate.template.SANElement)Array [
typestring requiredEnumRFC822NAMEDNSNAMEURIIPADDRESSOTHERNAME_UPNOTHERNAME_GUIDcomputationRuleobject | null (TemplateString)valuestring requiredA computation rule that will dynamically generate a string value from the request's context
editableByRequesterboolean | nulleditableByApproverboolean | nullregexstring | nullmininteger | nullmaxinteger | null]
extensionsarray of objects | null (models.certificate.extension.ExtensionElement)Array [
typestring requiredEnumms_sidms_templatemandatoryboolean requiredvaluestring | nullcomputationRuleobject | null (TemplateString)valuestring requiredA computation rule that will dynamically generate a string value from the request's context
editableByRequesterboolean | nulleditableByApproverboolean | nullregexstring | null]
ownerPolicyobject | null (models.certificate.template.OwnerPolicy)editableByRequesterboolean requirededitableByApproverboolean requiredmandatoryboolean requiredcomputationRuleobject | null (TemplateString)valuestring requiredA computation rule that will dynamically generate a string value from the request's context
descriptionarray of objects | null (LocalizedString)Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
teamPolicyobject | null (models.certificate.template.TeamPolicy)editableByRequesterboolean requirededitableByApproverboolean requiredmandatoryboolean requiredregexstring | nullwhitelistarray of string | nullvaluestring | nullcomputationRuleobject | null (TemplateString)valuestring requiredA computation rule that will dynamically generate a string value from the request's context
descriptionarray of objects | null (LocalizedString)Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
metadataPoliciesarray of objects | null (models.certificate.template.MetadataPolicy)Array [
metadatastring requiredEnumgs_order_idrenewed_certificate_idmetapki_idpki_connectordigicert_identrust_idscep_transidfcms_idprevious_certificate_idgsatlas_idcerteurope_iddigicert_order_idautomation_policycontact_emaileditableByRequesterboolean requirededitableByApproverboolean required]
labelsarray of objects | null (Label)Array [
labelstring requiredThe name of the label
valuestring | nullThe default value of the label element
computationRuleobject | null (TemplateString)The computation rule of the label element
valuestring requiredA computation rule that will dynamically generate a string value from the request's context
mandatoryboolean | nullWhether the label element is mandatory to submit a request
editableByRequesterboolean | nullWhether the label element is editable by the requester
editableByApproverboolean | nullWhether the label element is editable by the approver
regexstring | nullThe regex used to validate the label element
enumarray of string | nullThe whitelist used to validate the label element
suggestionsarray of string | nullThe suggestions used to recommend the label element values
]
contactEmailPolicyobject | null (models.certificate.template.ContactEmailPolicy)mandatoryboolean requiredvaluestring | nullcomputationRuleobject | null (TemplateString)valuestring requiredA computation rule that will dynamically generate a string value from the request's context
editableByRequesterboolean | nulleditableByApproverboolean | nullregexstring | nullwhitelistarray of string | nulldescriptionarray of objects | null (LocalizedString)Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
gradingPoliciesarray of string | null_idstring requiredmodulestring requirednamestring requiredenabledboolean requiredpkiConnectorstring requiredauthorizationLevelsobject (models.certificate.profile.CertificateProfileAuthorizationLevels) requiredrevokeobject (models.security.access.AuthorizationLevel) requiredaccessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
requestRevokeobject (models.security.access.AuthorizationLevel) requiredaccessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
approveRevokeobject (models.security.access.AuthorizationLevel) requiredaccessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
searchobject (models.security.access.AuthorizationLevel) requiredaccessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
updateobject (models.security.access.AuthorizationLevel) requiredaccessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
requestUpdateobject (models.security.access.AuthorizationLevel) requiredaccessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
approveUpdateobject (models.security.access.AuthorizationLevel) requiredaccessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
enrollobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
enrollApiobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
requestEnrollobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
approveEnrollobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
recoverobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
recoverApiobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
requestRecoverobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
approveRecoverobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
migrateobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
requestMigrateobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
approveMigrateobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
renewobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
renewApiobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
requestRenewobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
approveRenewobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
auditRequestobject | null (models.security.access.AuthorizationLevel)accessLevelstring requiredThe access level required to perform the action
EnumeveryoneauthenticatedauthorizedenforcedIdentityProvidersarray of objects | null (Enforced identity providers)The different identity providers that can be enforced to perform the action
Array [
typestring requiredThe type of identity provider to be enforced
EnumLocalOpenIdX509Popnamestring requiredThe name of the identity provider to be enforced
]
requestsPolicyobject (models.request.RequestsPolicy) requiredenrollstring | nullrevokestring | nullrecoverstring | nullupdatestring | nullmigratestring | nullrenewstring | nullselfPermissionsobject (models.certificate.profile.CertificateProfileSelfPermissions) requiredselfUpdateboolean requiredselfRevokeboolean requiredselfRenewboolean requiredselfPopRenewboolean requiredselfPopRevokeboolean requiredselfPopUpdateboolean requiredselfRecoverboolean | nullcryptoPolicyobject (Certificate profile crypto policy) requiredcentralizedboolean requiredWhether this profile supports centralized enrollment
decentralizedboolean requiredWhether this profile supports decentralized enrollment
escrowboolean requiredWhether this profile will escrow the certificate private keys
defaultKeyTypestring | null (Keytype)Default key type used for centralized enrollment
Enumrsa-<size>ec-secp256r1ec-secp384r1ec-secp521r1ed-Ed448ed-Ed25519authorizedKeyTypesarray of string | null (Keytype)List of authorized key types for enrollment
preferredEnrollmentModestring | nullIf both centralized and decentralized enrollment are supported, this is the preferred mode
Enumcentralizeddecentralizedp12passwordPolicystring | nullPassword policy for the P12 file
p12passwordModestring | nullWhether the user will be required to input their PKCS#12 password upon enrollment
Enumrandommanualp12storeEncryptionTypestring | nullEncryption type for the P12 file
showP12PasswordOnEnrollboolean | nullWhether the PKCS#12 password will be displayed to the user upon enrollment
showP12OnEnrollboolean | nullWhether the PKCS#12 file will be displayed to the user upon enrollment
showP12PasswordOnRecoverboolean | nullWhether the PKCS#12 password will be displayed to the user upon recovery
showP12OnRecoverboolean | nullWhether the PKCS#12 file will be displayed to the user upon recovery
displayNamearray of objects | null (LocalizedString)Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
descriptionarray of objects | null (LocalizedString)Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
constraintsobject | null (models.certificate.CertificateRequestConstraints)allowedDomainsstring | nullallowedEmailDomainsstring | nullallowedDnsDomainsstring | nullauthorizationMethodsarray of string | nullacmeUrlstringrequireEABbooleanmaxCertificatePerHolderPolicyobject | null (models.certificate.profile.MaxCertificatePerHolderPolicy)maxinteger requiredbehaviorstring requiredEnumrevokerejectrevocationReasonstring | nullEnumUNSPECIFIEDKEYCOMPROMISECACOMPROMISEAFFILIATIONCHANGESUPERSEDEDCESSATIONOFOPERATIONauthorizedCasarray of string | nullrenewalPeriodstring | nulltriggersobject | null (models.certificate.profile.CertificateProfileTriggers)onEnrollarray of string | nullonSubmitEnrollarray of string | nullonCancelEnrollarray of string | nullonApproveEnrollarray of string | nullonDenyEnrollarray of string | nullonPendingEnrollarray of objects | null (models.certificate.profile.CertificateProfileAsynchronousTrigger)Array [
namestring requiredactivationDateinteger | null]
onRevokearray of string | nullonSubmitRevokearray of string | nullonCancelRevokearray of string | nullonApproveRevokearray of string | nullonDenyRevokearray of string | nullonPendingRevokearray of objects | null (models.certificate.profile.CertificateProfileAsynchronousTrigger)Array [
namestring requiredactivationDateinteger | null]
onUpdatearray of string | nullonSubmitUpdatearray of string | nullonCancelUpdatearray of string | nullonApproveUpdatearray of string | nullonDenyUpdatearray of string | nullonPendingUpdatearray of objects | null (models.certificate.profile.CertificateProfileAsynchronousTrigger)Array [
namestring requiredactivationDateinteger | null]
onRecoverarray of string | nullonSubmitRecoverarray of string | nullonCancelRecoverarray of string | nullonApproveRecoverarray of string | nullonDenyRecoverarray of string | nullonPendingRecoverarray of objects | null (models.certificate.profile.CertificateProfileAsynchronousTrigger)Array [
namestring requiredactivationDateinteger | null]
onMigratearray of string | nullonSubmitMigratearray of string | nullonCancelMigratearray of string | nullonApproveMigratearray of string | nullonDenyMigratearray of string | nullonPendingMigratearray of objects | null (models.certificate.profile.CertificateProfileAsynchronousTrigger)Array [
namestring requiredactivationDateinteger | null]
onExpirearray of objects | null (models.certificate.profile.CertificateProfileAsynchronousTrigger)Array [
namestring requiredactivationDateinteger | null]
onRenewarray of string | nullonSubmitRenewarray of string | nullonCancelRenewarray of string | nullonApproveRenewarray of string | nullonDenyRenewarray of string | nullonPendingRenewarray of objects | null (models.certificate.profile.CertificateProfileAsynchronousTrigger)Array [
namestring requiredactivationDateinteger | null]
certificateTemplateobject | null (models.certificate.template.CertificateTemplate)subjectarray of objects | null (models.certificate.template.DNElement)Array [
typestring requiredmandatoryboolean requiredvaluestring | nullcomputationRuleobject | null (TemplateString)valuestring requiredA computation rule that will dynamically generate a string value from the request's context
editableByRequesterboolean | nulleditableByApproverboolean | nullregexstring | null]
sansarray of objects | null (models.certificate.template.SANElement)Array [
typestring requiredEnumRFC822NAMEDNSNAMEURIIPADDRESSOTHERNAME_UPNOTHERNAME_GUIDcomputationRuleobject | null (TemplateString)valuestring requiredA computation rule that will dynamically generate a string value from the request's context
editableByRequesterboolean | nulleditableByApproverboolean | nullregexstring | nullmininteger | nullmaxinteger | null]
extensionsarray of objects | null (models.certificate.extension.ExtensionElement)Array [
typestring requiredEnumms_sidms_templatemandatoryboolean requiredvaluestring | nullcomputationRuleobject | null (TemplateString)valuestring requiredA computation rule that will dynamically generate a string value from the request's context
editableByRequesterboolean | nulleditableByApproverboolean | nullregexstring | null]
ownerPolicyobject | null (models.certificate.template.OwnerPolicy)editableByRequesterboolean requirededitableByApproverboolean requiredmandatoryboolean requiredcomputationRuleobject | null (TemplateString)valuestring requiredA computation rule that will dynamically generate a string value from the request's context
descriptionarray of objects | null (LocalizedString)Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
teamPolicyobject | null (models.certificate.template.TeamPolicy)editableByRequesterboolean requirededitableByApproverboolean requiredmandatoryboolean requiredregexstring | nullwhitelistarray of string | nullvaluestring | nullcomputationRuleobject | null (TemplateString)valuestring requiredA computation rule that will dynamically generate a string value from the request's context
descriptionarray of objects | null (LocalizedString)Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
metadataPoliciesarray of objects | null (models.certificate.template.MetadataPolicy)Array [
metadatastring requiredEnumgs_order_idrenewed_certificate_idmetapki_idpki_connectordigicert_identrust_idscep_transidfcms_idprevious_certificate_idgsatlas_idcerteurope_iddigicert_order_idautomation_policycontact_emaileditableByRequesterboolean requirededitableByApproverboolean required]
labelsarray of objects | null (Label)Array [
labelstring requiredThe name of the label
valuestring | nullThe default value of the label element
computationRuleobject | null (TemplateString)The computation rule of the label element
valuestring requiredA computation rule that will dynamically generate a string value from the request's context
mandatoryboolean | nullWhether the label element is mandatory to submit a request
editableByRequesterboolean | nullWhether the label element is editable by the requester
editableByApproverboolean | nullWhether the label element is editable by the approver
regexstring | nullThe regex used to validate the label element
enumarray of string | nullThe whitelist used to validate the label element
suggestionsarray of string | nullThe suggestions used to recommend the label element values
]
contactEmailPolicyobject | null (models.certificate.template.ContactEmailPolicy)mandatoryboolean requiredvaluestring | nullcomputationRuleobject | null (TemplateString)valuestring requiredA computation rule that will dynamically generate a string value from the request's context
editableByRequesterboolean | nulleditableByApproverboolean | nullregexstring | nullwhitelistarray of string | nulldescriptionarray of objects | null (LocalizedString)Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
gradingPoliciesarray of string | null]
-
204 No certificate profile defined or insufficient permissions
-
400 Bad Request
application/jsonerrorstring requiredThe error code of the problem
ValueCERT-PROFILE-005messagestring requiredA short, human-readable summary of the problem type
ValueInvalid Moduletitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueInvalid Moduledetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
-
401 Unauthorized request
application/jsonerrorstring requiredThe error code of the problem
ValueSEC-AUTH-002messagestring requiredA short, human-readable summary of the problem type
ValueInvalid credentials or principal does not existtitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueInvalid credentials or principal does not existdetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
errorstring requiredThe error code of the problem
ValueSEC-AUTH-003messagestring requiredA short, human-readable summary of the problem type
ValueCertificate is not trustedtitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueCertificate is not trusteddetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
errorstring requiredThe error code of the problem
ValueSEC-AUTH-004messagestring requiredA short, human-readable summary of the problem type
ValueCertificate is expiredtitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueCertificate is expireddetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
errorstring requiredThe error code of the problem
ValueSEC-AUTH-005messagestring requiredA short, human-readable summary of the problem type
ValueCertificate is revokedtitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueCertificate is revokeddetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
errorstring requiredThe error code of the problem
ValueSEC-AUTH-006messagestring requiredA short, human-readable summary of the problem type
ValuePrincipal not authenticated or authentication expiredtitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValuePrincipal not authenticated or authentication expireddetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
errorstring requiredThe error code of the problem
ValueSEC-AUTH-007messagestring requiredA short, human-readable summary of the problem type
ValueInvalid Identity Providertitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueInvalid Identity Providerdetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
errorstring requiredThe error code of the problem
ValueSEC-AUTH-008messagestring requiredA short, human-readable summary of the problem type
ValueInvalid redirect pathtitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueInvalid redirect pathdetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
errorstring requiredThe error code of the problem
ValueSEC-AUTH-009messagestring requiredA short, human-readable summary of the problem type
ValuePrincipal not authenticated or authentication expiredtitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValuePrincipal not authenticated or authentication expireddetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
-
403 Forbidden action
application/jsonerrorstring requiredThe error code of the problem
ValueLIC-002messagestring requiredA short, human-readable summary of the problem type
ValueInvalid Licensetitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueInvalid Licensedetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
errorstring requiredThe error code of the problem
ValueLIC-004messagestring requiredA short, human-readable summary of the problem type
ValueExpired Licensetitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueExpired Licensedetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
-
500 Internal Server error
application/jsonerrorstring requiredThe error code of the problem
ValueCERT-PROFILE-001messagestring requiredA short, human-readable summary of the problem type
ValueUnexpected Errortitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueUnexpected Errordetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
errorstring requiredThe error code of the problem
ValueSEC-AUTH-001messagestring requiredA short, human-readable summary of the problem type
ValueUnexpected Errortitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueUnexpected Errordetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
errorstring requiredThe error code of the problem
ValueLIC-001messagestring requiredA short, human-readable summary of the problem type
ValueUnexpected errortitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueUnexpected errordetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807