Deny a request
Deny an existing request
The request to deny
|
_id
string (Internal ID)
requiredThe ID of the request to deny |
|
module
string (Module)
requiredThe module of the request
Enum
webra
est
scep
acme
crmp
|
|
workflow
string (Workflow)
requiredThe workflow of the request
Enum
enroll
migrate
revoke
recover
renew
update
|
|
approverComment
string
Free-text field editable by the approver to provider more context on the denial |
-
200 Request successfully denied
application/json_idstring (Internal ID) requiredObject internal ID
profilestring requiredThe WebRA profile name
modulestring requiredThe module that will be used to process this request. For a WebRA request, this is always webra
Valuewebraworkflowstring requiredWhat this request will do. For an enrollment request, this is always enroll
Valueenrolltemplateobject (WebRA Enroll Request Template) requiredThe user-data that will be used to generate the certificate
keyTypestring | null (Keytype)The type of key that will be used to generate the certificate, if in centralized mode
Enumrsa-<size>ec-secp256r1ec-secp384r1ec-secp521r1ed-Ed448ed-Ed25519csrstring | nullIf decentralized enrollment is enabled, this field will contain the CSR that will be used to generate the certificate
subjectarray of objects | null (IndexedDNElement)List of DN elements that will be used to build the certificate's Distinguished Name
Array [
elementstring requiredThe element type and index. Indexes start at 1 !
EnumcneoustlocdcuidserialNumbersurnamegivenNameunstructuredAddressunstructuredNameorganizationIdentifieruniqueIdentifierstreetdescriptiontypestring | nullThe formatted element type
EnumCNEOUSTLOCDCUIDSERIALNUMBERSURNAMEGIVENNAMEunstructuredAddressunstructuredNameorganizationIdentifierUniqueIdentifierSTREETDESCRIPTIONvaluestring | nullThe element value
computationRulestring | null (Computation Rule)Computation rule input will be evaluated and will override all other inputs
mandatoryboolean | nullWhether the field is mandatory or not
editableboolean | nullWhether the field is editable or not for the currently authenticated user
regexstring | nullA regular expression that will be used to validate the element's value
]
sansarray of objects | null (SAN Element)List of SAN elements that will be used to build the certificate's Subject Alternative Name
Array [
typestring | null requiredSAN type
EnumRFC822NAMEDNSNAMEURIIPADDRESSOTHERNAME_UPNOTHERNAME_GUIDvaluearray of string | nullSAN value
computationRulestring | null (Computation Rule)Computation rule input will be evaluated and will override all other inputs
editableboolean | nullWhether this SAN element is editable by the user
regexstring | nullThe regex that will be used to validate the SAN value
mininteger | nullThe minimum number of SAN elements that must be provided
maxinteger | nullThe maximum number of SAN elements that can be provided
]
extensionsarray of objects | null (Certificate Extension)Information about the certificate's extensions and how to edit them
Array [
typestring requiredThe type of the extension element
Enumms_sidms_templatevaluestring | nullThe value of the extension element
computationRulestring | null (Computation Rule)Computation rule input will be evaluated and will override all other inputs
editableboolean | nullWhether the extension element is editable by the requester
regexstring | nullThe regular expression to validate the extension element
mandatoryboolean | nullWhether the extension element is mandatory to submit this request
]
labelsarray of objects | null (Label)List of labels used internally to tag and group certificates
Array [
labelstring requiredThe name of the label
displayNamearray of objects | null (LocalizedString)The display name of the label element
Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
descriptionarray of objects | null (LocalizedString)The description of the label element
Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
valuestring | nullThe value of the label element
computationRulestring | null (Computation Rule)The computation rule of the label element
mandatoryboolean | nullWhether the label element is mandatory to submit this request
editableboolean | nullWhether the label element is editable
regexstring | nullThe regex used to validate the label element
enumarray of string | nullThe enum used to validate the label element
suggestionsarray of string | nullThe suggestions used to recommend the label element values
]
contactEmailobject | null (Contact email)Information about the certificate's contact email and how to edit it
valuestring | nullThe contact email
computationRulestring | null (Computation Rule)Computation rule input will be evaluated and will override all other inputs
editableboolean | nullWhether the contact email is editable by the requester
mandatoryboolean | nullWhether the contact email is mandatory to submit this request
regexstring | nullThe regular expression to validate the contact email
whitelistarray of string | nullThe list of allowed contact emails
descriptionarray of objects | null (LocalizedString)The description of the contact email
Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
ownerobject | null (Certificate Owner)Information about the certificate's owner and how to edit it
valuestring | nullThe value of the owner element. This should be a principal identifier
computationRulestring | null (Computation Rule)Computation rule input will be evaluated and will override all other inputs
editableboolean | nullWhether the owner element is editable by the requester
mandatoryboolean | nullWhether the owner element is mandatory to submit this request
descriptionarray of objects | null (LocalizedString)The description of the owner element
Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
teamobject | null (Certificate Team)Information about the certificate's team and how to edit it
valuestring | nullThe value of the team element. This should be a team identifier
computationRulestring | null (Computation Rule)Computation rule input will be evaluated and will override all other inputs
authorizedarray of string | nullThe list of authorized teams
editableboolean | nullWhether the team element is editable by the requester
mandatoryboolean | nullWhether the team element is mandatory to submit this request
descriptionarray of objects | null (LocalizedString)The description of the team element
Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
statusstring (Request Status) requiredThe request status
Enumdeniedapprovedpendingcanceledcompletedrequesterstring requiredThe requester's principal identifier
registrationDateinteger requiredThe date the request was created. This is set by the system
lastModificationDateinteger requiredThe date the request was last modified. This is set by the system
expirationDateinteger requiredThe date the request will expire. This is set by the system
removeAtinteger requiredThe date the requested will be deleted. This is set by the system
holderIdstring (Holder ID) requiredThe computed holderID for this request. This is set by the system based on DN and SANs
approverCommentstring | nullFree-text field editable by the approver to provider more context on the request
passwordobject | null (models.secret.SecretString)The password to decrypt the PKCS12 file. Must be set if password mode is manual
valuestring | nullValue of the secret that will be passed to Horizon
requesterCommentstring | nullFree-text field editable by the requester to provider more context on the request
pkcs12object | null (models.secret.SecretString)The generated PKCS#12 for this request. This is only available after the request has been approved in centralized mode
valuestring | nullValue of the secret that will be passed to Horizon
certificateobject | null (Certificate)The certificate that was generated for this request. This is only available after the request has been approved
metadataarray of objects (Certificate Metadata) requiredThe certificate's technical metadata used internally
Array [
keystring requiredThe metadata name
Enumpki_connectorprevious_certificate_idrenewed_certificate_idautomation_policygs_order_idmetapki_iddigicert_identrust_idscep_transidfcms_idgsatlas_idcerteurope_iddigicert_order_idvaluestring requiredThe metadata value
]
notAfterinteger requiredThe certificate's expiration date in milliseconds since the epoch
thumbprintstring requiredThe certificate's thumbprint
certificatestring requiredThe certificate's PEM-encoded content
dnstring requiredThe certificate's Distinguished Name
revokedboolean requiredWhether the certificate is revoked
escrowedboolean requiredWhether the certificate is escrowed
issuerstring requiredThe certificate's issuer Distinguished Name
notBeforeinteger requiredThe certificate's start date in milliseconds since the epoch
selfSignedboolean requiredWhether the certificate is self-signed
keyTypestring (Keytype) requiredThe certificate's key type
Enumrsa-<size>ec-secp256r1ec-secp384r1ec-secp521r1ed-Ed448ed-Ed25519publicKeyThumbprintstring requiredThe certificate's public key thumbprint
modulestring requiredThe certificate's module
holderIdstring requiredThe certificate's holder ID. This is a computed field that is used to count how many similar certificates are in use simultaneously by the same holder
subjectAlternateNamesarray of objects (models.certificate.SubjectAlternateName) requiredThe certificate's Subject Alternate Names
Array [
sanTypestring requiredThe type of the SAN
EnumRFC822NAMEDNSNAMEURIIPADDRESSOTHERNAME_UPNOTHERNAME_GUIDvaluestring requiredThe value of the SAN
]
serialstring requiredThe certificate's serial number
signingAlgorithmstring requiredThe certificate's signing algorithm
_idstring requiredInternal ID
revocationDateinteger | nullThe certificate's revocation date in milliseconds since the epoch. This field is only present if the certificate is revoked
gradesarray of objects | null (models.certificate.grading.policy.GradingPolicyResult)The certificate's grades for the enabled grading policies
Array [
namestring requiredThe name of the grading policy
gradestring requiredThe grade awarded by the grading policy
]
crlSynchronizedboolean | nullWhether the certificate's revocation status is synchronized with a CRL
discoveredTrustedboolean | nullIf the certificate was discovered and is found to be issued by an existing trusted CA, this field will be set to true. If the certificate was discovered and is not found to be issued by an existing trusted CA, this field will be set to false. If the certificate was not discovered, this field will be null
thirdPartyDataarray of objects | null (models.thirdparty.ThirdPartyItem)The certificate's information about synchronization with Horizon supported third parties
Array [
connectorstring requiredThe third party connector name on which this certificate is synchronized
idstring requiredThe Id of this certificate on the third party
fingerprintstring | nullThe fingerprint of this certificate on the third party
pushDateinteger | nullThe date when the certificate was pushed to this third party
removeDateinteger | nullThe date when the certificate was removed from this third party (in case of revocation)
]
ownerstring | nullThe certificate's owner. This is a reference to a local identity identifier
contactEmailstring | nullThe certificate's contact email. It will be used to send notifications about the certificate's expiration and revocation
profilestring | nullThe certificate's profile
teamstring | nullThe certificate's team. This is a reference to a team identifier. It will be used to determine the certificate's permissions and send notifications
labelsarray of objects | null (models.certificate.label.LabelData)The certificate's labels
Array [
keystring requiredThe label's name
valuestring requiredThe label's value
]
discoveryInfoarray of objects | null (models.discovery.DiscoveryInfo)A list of metadata containing information on how and when the certificate was discovered
Array [
campaignstring requiredThe discovery campaign's name
lastDiscoveryDateinteger requiredWhen this certificate was discovered for the last time
identifierstring | nullIdentifier of the user that discovered this certificate
]
triggerResultsarray of objects | null (models.trigger.TriggerResult)The result of the execution of triggers on this certificate
Array [
namestring requiredThe name of the trigger that was executed
eventstring requiredThe event that triggered the trigger
Enumon_deny_updateon_cancel_migrateon_pending_renewon_submit_migrateon_cancel_updateon_approve_migrateon_pending_recoveron_pending_enrollon_deny_revokeon_cancel_renewon_submit_recoveron_submit_enrollon_cancel_recoveron_approve_revokeon_pending_updateon_deny_recoveron_approve_renewon_deny_migrateon_revokeon_approve_recoveron_expireon_enrollon_deny_renewon_approve_updateon_recoveron_deny_enrollon_submit_renewon_updateon_approve_enrollon_cancel_enrollon_pending_migrateon_pending_revokeon_submit_updateon_submit_revokeon_migrateon_cancel_revokeon_renewtriggerTypestring requiredThe type of the trigger
Enumawsemailf5clientldappubintunepkcsakvwebhooklastExecutionDateinteger requiredThe last time this trigger was executed for this certificate and this event
statusstring requiredThe status of the trigger after its execution
Enumsuccessfailureretryableboolean requiredIs this trigger manually retryable (can be run)
retriesinteger | nullThe number of remaining tries before the trigger is abandoned
nextExecutionDateinteger | nullThe next scheduled execution time for this trigger
nextDelaystring | nullTime that will be waited between the next and the next+1 execution of this trigger
detailstring | nullContains details on this trigger's execution
]
extensionsarray of objects (models.certificate.extension.CertificateExtension)The certificate's extensions
Array [
keystring requiredThe extension's type
Enumms_sidms_templatevaluestring requiredThe extension's value
]
discoveryDataarray of objects | null (models.discovery.HostDiscoveryData)A list of metadata containing information on where the certificate was discovered
Array [
ipstring | nullThe certificate's host ip
sourcesarray of string | nullInformation on the type of discovery that discovered this certificate
hostnamesarray of string | nullThe certificate's host hostnames (netscan only)
operatingSystemsarray of string | nullThe certificate's host operating system (localscan only)
pathsarray of string | nullThe path to the certificate on the host machine (localscan only)
usagesarray of string | nullThe path of the configuration files that were used to find the certificates
tlsPortsarray of objects | null (models.discovery.TlsPort)The ports on which the certificate is exposed for https connexion
Array [
portinteger requiredThe number of the port
versionstring requiredProtocol version used
]
]
revocationReasonstring | nullThe certificate's revocation reason
EnumUNSPECIFIEDKEYCOMPROMISECACOMPROMISEAFFILIATIONCHANGESUPERSEDEDCESSATIONOFOPERATIONdryRunboolean | nullIf true, the request is validated, but will not result in an enrollment
dnstringCertificate's Distinguished Name
teamstring | nullThe team that will be assigned to this certificate. Teams are used to link certificates to people and to assign permissions to them
approverstring | nullThe approver's principal identifier
contactstring | nullThe request's contact email
triggerResultsarray of objects | null (models.trigger.TriggerResult)The result of the execution of triggers on this request
Array [
namestring requiredThe name of the trigger that was executed
eventstring requiredThe event that triggered the trigger
Enumon_deny_updateon_cancel_migrateon_pending_renewon_submit_migrateon_cancel_updateon_approve_migrateon_pending_recoveron_pending_enrollon_deny_revokeon_cancel_renewon_submit_recoveron_submit_enrollon_cancel_recoveron_approve_revokeon_pending_updateon_deny_recoveron_approve_renewon_deny_migrateon_revokeon_approve_recoveron_expireon_enrollon_deny_renewon_approve_updateon_recoveron_deny_enrollon_submit_renewon_updateon_approve_enrollon_cancel_enrollon_pending_migrateon_pending_revokeon_submit_updateon_submit_revokeon_migrateon_cancel_revokeon_renewtriggerTypestring requiredThe type of the trigger
Enumawsemailf5clientldappubintunepkcsakvwebhooklastExecutionDateinteger requiredThe last time this trigger was executed for this certificate and this event
statusstring requiredThe status of the trigger after its execution
Enumsuccessfailureretryableboolean requiredIs this trigger manually retryable (can be run)
retriesinteger | nullThe number of remaining tries before the trigger is abandoned
nextExecutionDateinteger | nullThe next scheduled execution time for this trigger
nextDelaystring | nullTime that will be waited between the next and the next+1 execution of this trigger
detailstring | nullContains details on this trigger's execution
]
labelsarray of objects | null (models.certificate.label.LabelData)The labels set in this request
Array [
keystring requiredThe label's name
valuestring requiredThe label's value
]
metadataarray of objects | null (Certificate Metadata)The metadata set in this request
Array [
keystring requiredThe metadata name
Enumpki_connectorprevious_certificate_idrenewed_certificate_idautomation_policygs_order_idmetapki_iddigicert_identrust_idscep_transidfcms_idgsatlas_idcerteurope_iddigicert_order_idvaluestring requiredThe metadata value
]
globalHolderIdCountinteger | nullThe number of certificates that are currently valid and have the same DN and SANs in the Horizon database
profileHolderIdCountinteger | nullThe number of certificates that are currently valid and have the same DN and SANs in the same enrollment profile
_idstring (Internal ID) requiredObject internal ID
modulestring (RequestModule) requiredThe module of the certificate revoked.
Enumwebraestscepacmeacme-externalworkflowstring requiredWhat this request will do. For a revocation request, this is always revoke
Valuerevoketemplateobject (WebRA Revoke Request Template) requiredThe user-data that will be used to revoke the certificate
revocationReasonstring | nullThe reason for revoking the certificate
EnumUNSPECIFIEDKEYCOMPROMISECACOMPROMISEAFFILIATIONCHANGESUPERSEDEDCESSATIONOFOPERATIONstatusstring (Request Status) requiredThe request status
Enumdeniedapprovedpendingcanceledcompletedprofilestring requiredThe Requested profile name
requesterstring requiredThe requester's principal identifier
registrationDateinteger requiredThe date the request was created. This is set by the system
lastModificationDateinteger requiredThe date the request was last modified. This is set by the system
expirationDateinteger requiredThe date the request will expire. This is set by the system
removeAtinteger requiredThe date the requested will be deleted. This is set by the system
holderIdstring (Holder ID) requiredThe computed holderID for this request. This is set by the system based on DN and SANs
approverCommentstring | nullFree-text field editable by the approver to provider more context on the request
requesterCommentstring | nullFree-text field editable by the requester to provider more context on the request
certificateIdstring | null (Internal ID)The id of the certificate to revoke
certificatePemstring | nullThe PEM encoded certificate to revoke
contactstring | nullThe request's contact email
certificateobject | null (Certificate)The certificate that was revoked for this request. This is only available after the request has been approved
metadataarray of objects (Certificate Metadata) requiredThe certificate's technical metadata used internally
Array [
keystring requiredThe metadata name
Enumpki_connectorprevious_certificate_idrenewed_certificate_idautomation_policygs_order_idmetapki_iddigicert_identrust_idscep_transidfcms_idgsatlas_idcerteurope_iddigicert_order_idvaluestring requiredThe metadata value
]
notAfterinteger requiredThe certificate's expiration date in milliseconds since the epoch
thumbprintstring requiredThe certificate's thumbprint
certificatestring requiredThe certificate's PEM-encoded content
dnstring requiredThe certificate's Distinguished Name
revokedboolean requiredWhether the certificate is revoked
escrowedboolean requiredWhether the certificate is escrowed
issuerstring requiredThe certificate's issuer Distinguished Name
notBeforeinteger requiredThe certificate's start date in milliseconds since the epoch
selfSignedboolean requiredWhether the certificate is self-signed
keyTypestring (Keytype) requiredThe certificate's key type
Enumrsa-<size>ec-secp256r1ec-secp384r1ec-secp521r1ed-Ed448ed-Ed25519publicKeyThumbprintstring requiredThe certificate's public key thumbprint
modulestring requiredThe certificate's module
holderIdstring requiredThe certificate's holder ID. This is a computed field that is used to count how many similar certificates are in use simultaneously by the same holder
subjectAlternateNamesarray of objects (models.certificate.SubjectAlternateName) requiredThe certificate's Subject Alternate Names
Array [
sanTypestring requiredThe type of the SAN
EnumRFC822NAMEDNSNAMEURIIPADDRESSOTHERNAME_UPNOTHERNAME_GUIDvaluestring requiredThe value of the SAN
]
serialstring requiredThe certificate's serial number
signingAlgorithmstring requiredThe certificate's signing algorithm
_idstring requiredInternal ID
revocationDateinteger | nullThe certificate's revocation date in milliseconds since the epoch. This field is only present if the certificate is revoked
gradesarray of objects | null (models.certificate.grading.policy.GradingPolicyResult)The certificate's grades for the enabled grading policies
Array [
namestring requiredThe name of the grading policy
gradestring requiredThe grade awarded by the grading policy
]
crlSynchronizedboolean | nullWhether the certificate's revocation status is synchronized with a CRL
discoveredTrustedboolean | nullIf the certificate was discovered and is found to be issued by an existing trusted CA, this field will be set to true. If the certificate was discovered and is not found to be issued by an existing trusted CA, this field will be set to false. If the certificate was not discovered, this field will be null
thirdPartyDataarray of objects | null (models.thirdparty.ThirdPartyItem)The certificate's information about synchronization with Horizon supported third parties
Array [
connectorstring requiredThe third party connector name on which this certificate is synchronized
idstring requiredThe Id of this certificate on the third party
fingerprintstring | nullThe fingerprint of this certificate on the third party
pushDateinteger | nullThe date when the certificate was pushed to this third party
removeDateinteger | nullThe date when the certificate was removed from this third party (in case of revocation)
]
ownerstring | nullThe certificate's owner. This is a reference to a local identity identifier
contactEmailstring | nullThe certificate's contact email. It will be used to send notifications about the certificate's expiration and revocation
profilestring | nullThe certificate's profile
teamstring | nullThe certificate's team. This is a reference to a team identifier. It will be used to determine the certificate's permissions and send notifications
labelsarray of objects | null (models.certificate.label.LabelData)The certificate's labels
Array [
keystring requiredThe label's name
valuestring requiredThe label's value
]
discoveryInfoarray of objects | null (models.discovery.DiscoveryInfo)A list of metadata containing information on how and when the certificate was discovered
Array [
campaignstring requiredThe discovery campaign's name
lastDiscoveryDateinteger requiredWhen this certificate was discovered for the last time
identifierstring | nullIdentifier of the user that discovered this certificate
]
triggerResultsarray of objects | null (models.trigger.TriggerResult)The result of the execution of triggers on this certificate
Array [
namestring requiredThe name of the trigger that was executed
eventstring requiredThe event that triggered the trigger
Enumon_deny_updateon_cancel_migrateon_pending_renewon_submit_migrateon_cancel_updateon_approve_migrateon_pending_recoveron_pending_enrollon_deny_revokeon_cancel_renewon_submit_recoveron_submit_enrollon_cancel_recoveron_approve_revokeon_pending_updateon_deny_recoveron_approve_renewon_deny_migrateon_revokeon_approve_recoveron_expireon_enrollon_deny_renewon_approve_updateon_recoveron_deny_enrollon_submit_renewon_updateon_approve_enrollon_cancel_enrollon_pending_migrateon_pending_revokeon_submit_updateon_submit_revokeon_migrateon_cancel_revokeon_renewtriggerTypestring requiredThe type of the trigger
Enumawsemailf5clientldappubintunepkcsakvwebhooklastExecutionDateinteger requiredThe last time this trigger was executed for this certificate and this event
statusstring requiredThe status of the trigger after its execution
Enumsuccessfailureretryableboolean requiredIs this trigger manually retryable (can be run)
retriesinteger | nullThe number of remaining tries before the trigger is abandoned
nextExecutionDateinteger | nullThe next scheduled execution time for this trigger
nextDelaystring | nullTime that will be waited between the next and the next+1 execution of this trigger
detailstring | nullContains details on this trigger's execution
]
extensionsarray of objects (models.certificate.extension.CertificateExtension)The certificate's extensions
Array [
keystring requiredThe extension's type
Enumms_sidms_templatevaluestring requiredThe extension's value
]
discoveryDataarray of objects | null (models.discovery.HostDiscoveryData)A list of metadata containing information on where the certificate was discovered
Array [
ipstring | nullThe certificate's host ip
sourcesarray of string | nullInformation on the type of discovery that discovered this certificate
hostnamesarray of string | nullThe certificate's host hostnames (netscan only)
operatingSystemsarray of string | nullThe certificate's host operating system (localscan only)
pathsarray of string | nullThe path to the certificate on the host machine (localscan only)
usagesarray of string | nullThe path of the configuration files that were used to find the certificates
tlsPortsarray of objects | null (models.discovery.TlsPort)The ports on which the certificate is exposed for https connexion
Array [
portinteger requiredThe number of the port
versionstring requiredProtocol version used
]
]
revocationReasonstring | nullThe certificate's revocation reason
EnumUNSPECIFIEDKEYCOMPROMISECACOMPROMISEAFFILIATIONCHANGESUPERSEDEDCESSATIONOFOPERATIONdnstringCertificate's Distinguished Name
teamstring | nullThe team that will be assigned to this certificate. Teams are used to link certificates to people and to assign permissions to them
approverstring | nullThe approver's principal identifier
triggerResultsarray of objects | null (models.trigger.TriggerResult)The result of the execution of triggers on this request
Array [
namestring requiredThe name of the trigger that was executed
eventstring requiredThe event that triggered the trigger
Enumon_deny_updateon_cancel_migrateon_pending_renewon_submit_migrateon_cancel_updateon_approve_migrateon_pending_recoveron_pending_enrollon_deny_revokeon_cancel_renewon_submit_recoveron_submit_enrollon_cancel_recoveron_approve_revokeon_pending_updateon_deny_recoveron_approve_renewon_deny_migrateon_revokeon_approve_recoveron_expireon_enrollon_deny_renewon_approve_updateon_recoveron_deny_enrollon_submit_renewon_updateon_approve_enrollon_cancel_enrollon_pending_migrateon_pending_revokeon_submit_updateon_submit_revokeon_migrateon_cancel_revokeon_renewtriggerTypestring requiredThe type of the trigger
Enumawsemailf5clientldappubintunepkcsakvwebhooklastExecutionDateinteger requiredThe last time this trigger was executed for this certificate and this event
statusstring requiredThe status of the trigger after its execution
Enumsuccessfailureretryableboolean requiredIs this trigger manually retryable (can be run)
retriesinteger | nullThe number of remaining tries before the trigger is abandoned
nextExecutionDateinteger | nullThe next scheduled execution time for this trigger
nextDelaystring | nullTime that will be waited between the next and the next+1 execution of this trigger
detailstring | nullContains details on this trigger's execution
]
labelsarray of objects | null (models.certificate.label.LabelData)The labels set in this request
Array [
keystring requiredThe label's name
valuestring requiredThe label's value
]
metadataarray of objects | null (Certificate Metadata)The metadata set in this request
Array [
keystring requiredThe metadata name
Enumpki_connectorprevious_certificate_idrenewed_certificate_idautomation_policygs_order_idmetapki_iddigicert_identrust_idscep_transidfcms_idgsatlas_idcerteurope_iddigicert_order_idvaluestring requiredThe metadata value
]
globalHolderIdCountinteger | nullThe number of certificates that are currently valid and have the same DN and SANs in the Horizon database
profileHolderIdCountinteger | nullThe number of certificates that are currently valid and have the same DN and SANs in the same enrollment profile
_idstring (Internal ID) requiredObject internal ID
modulestring (RequestModule) requiredThe module of the certificate updated.
Enumwebraestscepacmeacme-externalworkflowstring requiredWhat this request will do. For an update request, this is always update
Valueupdatetemplateobject (WebRA Update Request Template) requiredThe user-data that will be used to generate the certificate
labelsarray of objects | null (Label)Information about the certificate's labels and how to edit them
Array [
labelstring requiredThe name of the label
displayNamearray of objects | null (LocalizedString)The display name of the label element
Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
descriptionarray of objects | null (LocalizedString)The description of the label element
Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
valuestring | nullThe value of the label element
computationRulestring | null (Computation Rule)The computation rule of the label element
mandatoryboolean | nullWhether the label element is mandatory to submit this request
editableboolean | nullWhether the label element is editable
regexstring | nullThe regex used to validate the label element
enumarray of string | nullThe enum used to validate the label element
suggestionsarray of string | nullThe suggestions used to recommend the label element values
]
metadataarray of objects | null (Certificate Metadata)Information about the certificate's metadata and how to edit them
Array [
metadatastring requiredTechnical metadata related to the certificate
Enumpki_connectorprevious_certificate_idrenewed_certificate_idautomation_policygs_order_idmetapki_iddigicert_identrust_idscep_transidfcms_idgsatlas_idcerteurope_iddigicert_order_idvaluestring | nullThe value of the metadata element
editableboolean | nullWhether the metadata element is editable by the requester
]
ownerobject | null (Certificate Owner)Information about the certificate's owner and how to edit it
valuestring | nullThe value of the owner element. This should be a principal identifier
computationRulestring | null (Computation Rule)Computation rule input will be evaluated and will override all other inputs
editableboolean | nullWhether the owner element is editable by the requester
mandatoryboolean | nullWhether the owner element is mandatory to submit this request
descriptionarray of objects | null (LocalizedString)The description of the owner element
Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
teamobject | null (Certificate Team)Information about the certificate's team and how to edit it
valuestring | nullThe value of the team element. This should be a team identifier
computationRulestring | null (Computation Rule)Computation rule input will be evaluated and will override all other inputs
authorizedarray of string | nullThe list of authorized teams
editableboolean | nullWhether the team element is editable by the requester
mandatoryboolean | nullWhether the team element is mandatory to submit this request
descriptionarray of objects | null (LocalizedString)The description of the team element
Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
contactEmailobject | null (Contact email)Information about the certificate's contact email and how to edit it
valuestring | nullThe contact email
computationRulestring | null (Computation Rule)Computation rule input will be evaluated and will override all other inputs
editableboolean | nullWhether the contact email is editable by the requester
mandatoryboolean | nullWhether the contact email is mandatory to submit this request
regexstring | nullThe regular expression to validate the contact email
whitelistarray of string | nullThe list of allowed contact emails
descriptionarray of objects | null (LocalizedString)The description of the contact email
Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
statusstring (Request Status) requiredThe request status
Enumdeniedapprovedpendingcanceledcompletedprofilestring requiredThe Requested profile name
requesterstring requiredThe requester's principal identifier
registrationDateinteger requiredThe date the request was created. This is set by the system
lastModificationDateinteger requiredThe date the request was last modified. This is set by the system
expirationDateinteger requiredThe date the request will expire. This is set by the system
removeAtinteger requiredThe date the requested will be deleted. This is set by the system
holderIdstring (Holder ID) requiredThe computed holderID for this request. This is set by the system based on DN and SANs
approverCommentstring | nullFree-text field editable by the approver to provider more context on the request
requesterCommentstring | nullFree-text field editable by the requester to provider more context on the request
certificateIdstring | null (Internal ID)The id of the certificate to update
certificatePemstring | nullThe PEM encoded certificate to update
certificateobject | null (Certificate)The certificate that was updated for this request. This is only available after the request has been approved
metadataarray of objects (Certificate Metadata) requiredThe certificate's technical metadata used internally
Array [
keystring requiredThe metadata name
Enumpki_connectorprevious_certificate_idrenewed_certificate_idautomation_policygs_order_idmetapki_iddigicert_identrust_idscep_transidfcms_idgsatlas_idcerteurope_iddigicert_order_idvaluestring requiredThe metadata value
]
notAfterinteger requiredThe certificate's expiration date in milliseconds since the epoch
thumbprintstring requiredThe certificate's thumbprint
certificatestring requiredThe certificate's PEM-encoded content
dnstring requiredThe certificate's Distinguished Name
revokedboolean requiredWhether the certificate is revoked
escrowedboolean requiredWhether the certificate is escrowed
issuerstring requiredThe certificate's issuer Distinguished Name
notBeforeinteger requiredThe certificate's start date in milliseconds since the epoch
selfSignedboolean requiredWhether the certificate is self-signed
keyTypestring (Keytype) requiredThe certificate's key type
Enumrsa-<size>ec-secp256r1ec-secp384r1ec-secp521r1ed-Ed448ed-Ed25519publicKeyThumbprintstring requiredThe certificate's public key thumbprint
modulestring requiredThe certificate's module
holderIdstring requiredThe certificate's holder ID. This is a computed field that is used to count how many similar certificates are in use simultaneously by the same holder
subjectAlternateNamesarray of objects (models.certificate.SubjectAlternateName) requiredThe certificate's Subject Alternate Names
Array [
sanTypestring requiredThe type of the SAN
EnumRFC822NAMEDNSNAMEURIIPADDRESSOTHERNAME_UPNOTHERNAME_GUIDvaluestring requiredThe value of the SAN
]
serialstring requiredThe certificate's serial number
signingAlgorithmstring requiredThe certificate's signing algorithm
_idstring requiredInternal ID
revocationDateinteger | nullThe certificate's revocation date in milliseconds since the epoch. This field is only present if the certificate is revoked
gradesarray of objects | null (models.certificate.grading.policy.GradingPolicyResult)The certificate's grades for the enabled grading policies
Array [
namestring requiredThe name of the grading policy
gradestring requiredThe grade awarded by the grading policy
]
crlSynchronizedboolean | nullWhether the certificate's revocation status is synchronized with a CRL
discoveredTrustedboolean | nullIf the certificate was discovered and is found to be issued by an existing trusted CA, this field will be set to true. If the certificate was discovered and is not found to be issued by an existing trusted CA, this field will be set to false. If the certificate was not discovered, this field will be null
thirdPartyDataarray of objects | null (models.thirdparty.ThirdPartyItem)The certificate's information about synchronization with Horizon supported third parties
Array [
connectorstring requiredThe third party connector name on which this certificate is synchronized
idstring requiredThe Id of this certificate on the third party
fingerprintstring | nullThe fingerprint of this certificate on the third party
pushDateinteger | nullThe date when the certificate was pushed to this third party
removeDateinteger | nullThe date when the certificate was removed from this third party (in case of revocation)
]
ownerstring | nullThe certificate's owner. This is a reference to a local identity identifier
contactEmailstring | nullThe certificate's contact email. It will be used to send notifications about the certificate's expiration and revocation
profilestring | nullThe certificate's profile
teamstring | nullThe certificate's team. This is a reference to a team identifier. It will be used to determine the certificate's permissions and send notifications
labelsarray of objects | null (models.certificate.label.LabelData)The certificate's labels
Array [
keystring requiredThe label's name
valuestring requiredThe label's value
]
discoveryInfoarray of objects | null (models.discovery.DiscoveryInfo)A list of metadata containing information on how and when the certificate was discovered
Array [
campaignstring requiredThe discovery campaign's name
lastDiscoveryDateinteger requiredWhen this certificate was discovered for the last time
identifierstring | nullIdentifier of the user that discovered this certificate
]
triggerResultsarray of objects | null (models.trigger.TriggerResult)The result of the execution of triggers on this certificate
Array [
namestring requiredThe name of the trigger that was executed
eventstring requiredThe event that triggered the trigger
Enumon_deny_updateon_cancel_migrateon_pending_renewon_submit_migrateon_cancel_updateon_approve_migrateon_pending_recoveron_pending_enrollon_deny_revokeon_cancel_renewon_submit_recoveron_submit_enrollon_cancel_recoveron_approve_revokeon_pending_updateon_deny_recoveron_approve_renewon_deny_migrateon_revokeon_approve_recoveron_expireon_enrollon_deny_renewon_approve_updateon_recoveron_deny_enrollon_submit_renewon_updateon_approve_enrollon_cancel_enrollon_pending_migrateon_pending_revokeon_submit_updateon_submit_revokeon_migrateon_cancel_revokeon_renewtriggerTypestring requiredThe type of the trigger
Enumawsemailf5clientldappubintunepkcsakvwebhooklastExecutionDateinteger requiredThe last time this trigger was executed for this certificate and this event
statusstring requiredThe status of the trigger after its execution
Enumsuccessfailureretryableboolean requiredIs this trigger manually retryable (can be run)
retriesinteger | nullThe number of remaining tries before the trigger is abandoned
nextExecutionDateinteger | nullThe next scheduled execution time for this trigger
nextDelaystring | nullTime that will be waited between the next and the next+1 execution of this trigger
detailstring | nullContains details on this trigger's execution
]
extensionsarray of objects (models.certificate.extension.CertificateExtension)The certificate's extensions
Array [
keystring requiredThe extension's type
Enumms_sidms_templatevaluestring requiredThe extension's value
]
discoveryDataarray of objects | null (models.discovery.HostDiscoveryData)A list of metadata containing information on where the certificate was discovered
Array [
ipstring | nullThe certificate's host ip
sourcesarray of string | nullInformation on the type of discovery that discovered this certificate
hostnamesarray of string | nullThe certificate's host hostnames (netscan only)
operatingSystemsarray of string | nullThe certificate's host operating system (localscan only)
pathsarray of string | nullThe path to the certificate on the host machine (localscan only)
usagesarray of string | nullThe path of the configuration files that were used to find the certificates
tlsPortsarray of objects | null (models.discovery.TlsPort)The ports on which the certificate is exposed for https connexion
Array [
portinteger requiredThe number of the port
versionstring requiredProtocol version used
]
]
revocationReasonstring | nullThe certificate's revocation reason
EnumUNSPECIFIEDKEYCOMPROMISECACOMPROMISEAFFILIATIONCHANGESUPERSEDEDCESSATIONOFOPERATIONdryRunboolean | nullIf true, the request is validated, but will not result in an update
dnstringCertificate's Distinguished Name
teamstring | nullThe team that will be assigned to this certificate. Teams are used to link certificates to people and to assign permissions to them
approverstring | nullThe approver's principal identifier
contactstring | nullThe request's contact email
triggerResultsarray of objects | null (models.trigger.TriggerResult)The result of the execution of triggers on this request
Array [
namestring requiredThe name of the trigger that was executed
eventstring requiredThe event that triggered the trigger
Enumon_deny_updateon_cancel_migrateon_pending_renewon_submit_migrateon_cancel_updateon_approve_migrateon_pending_recoveron_pending_enrollon_deny_revokeon_cancel_renewon_submit_recoveron_submit_enrollon_cancel_recoveron_approve_revokeon_pending_updateon_deny_recoveron_approve_renewon_deny_migrateon_revokeon_approve_recoveron_expireon_enrollon_deny_renewon_approve_updateon_recoveron_deny_enrollon_submit_renewon_updateon_approve_enrollon_cancel_enrollon_pending_migrateon_pending_revokeon_submit_updateon_submit_revokeon_migrateon_cancel_revokeon_renewtriggerTypestring requiredThe type of the trigger
Enumawsemailf5clientldappubintunepkcsakvwebhooklastExecutionDateinteger requiredThe last time this trigger was executed for this certificate and this event
statusstring requiredThe status of the trigger after its execution
Enumsuccessfailureretryableboolean requiredIs this trigger manually retryable (can be run)
retriesinteger | nullThe number of remaining tries before the trigger is abandoned
nextExecutionDateinteger | nullThe next scheduled execution time for this trigger
nextDelaystring | nullTime that will be waited between the next and the next+1 execution of this trigger
detailstring | nullContains details on this trigger's execution
]
labelsarray of objects | null (models.certificate.label.LabelData)The labels set in this request
Array [
keystring requiredThe label's name
valuestring requiredThe label's value
]
metadataarray of objects | null (Certificate Metadata)The metadata set in this request
Array [
keystring requiredThe metadata name
Enumpki_connectorprevious_certificate_idrenewed_certificate_idautomation_policygs_order_idmetapki_iddigicert_identrust_idscep_transidfcms_idgsatlas_idcerteurope_iddigicert_order_idvaluestring requiredThe metadata value
]
globalHolderIdCountinteger | nullThe number of certificates that are currently valid and have the same DN and SANs in the Horizon database
profileHolderIdCountinteger | nullThe number of certificates that are currently valid and have the same DN and SANs in the same enrollment profile
_idstring (Internal ID) requiredObject internal ID
profilestring requiredThe Requested profile name
modulestring (RequestModule) requiredThe module of the certificate recovered.
Enumwebraestscepacmeacme-externalworkflowstring requiredWhat this request will do. For a recovery request, this is always recover
Valuerecoverstatusstring (Request Status) requiredThe request status
Enumdeniedapprovedpendingcanceledcompletedrequesterstring requiredThe requester's principal identifier
registrationDateinteger requiredThe date the request was created. This is set by the system
lastModificationDateinteger requiredThe date the request was last modified. This is set by the system
expirationDateinteger requiredThe date the request will expire. This is set by the system
removeAtinteger requiredThe date the requested will be deleted. This is set by the system
holderIdstring (Holder ID) requiredThe computed holderID for this request. This is set by the system based on DN and SANs
approverCommentstring | nullFree-text field editable by the approver to provider more context on the request
passwordobject | null (models.secret.SecretString)The password to decrypt the PKCS12 file. Must be set if password mode is manual
valuestring | nullValue of the secret that will be passed to Horizon
requesterCommentstring | nullFree-text field editable by the requester to provider more context on the request
certificateIdstring | null (Internal ID)The id of the certificate to update
certificatePemstring | nullThe PEM encoded certificate to update
pkcs12object | null (models.secret.SecretString)The generated PKCS#12 for this request. This is only available after the request has been approved in centralized mode
valuestring | nullValue of the secret that will be passed to Horizon
certificateobject | null (Certificate)The certificate that was generated for this request. This is only available after the request has been approved
metadataarray of objects (Certificate Metadata) requiredThe certificate's technical metadata used internally
Array [
keystring requiredThe metadata name
Enumpki_connectorprevious_certificate_idrenewed_certificate_idautomation_policygs_order_idmetapki_iddigicert_identrust_idscep_transidfcms_idgsatlas_idcerteurope_iddigicert_order_idvaluestring requiredThe metadata value
]
notAfterinteger requiredThe certificate's expiration date in milliseconds since the epoch
thumbprintstring requiredThe certificate's thumbprint
certificatestring requiredThe certificate's PEM-encoded content
dnstring requiredThe certificate's Distinguished Name
revokedboolean requiredWhether the certificate is revoked
escrowedboolean requiredWhether the certificate is escrowed
issuerstring requiredThe certificate's issuer Distinguished Name
notBeforeinteger requiredThe certificate's start date in milliseconds since the epoch
selfSignedboolean requiredWhether the certificate is self-signed
keyTypestring (Keytype) requiredThe certificate's key type
Enumrsa-<size>ec-secp256r1ec-secp384r1ec-secp521r1ed-Ed448ed-Ed25519publicKeyThumbprintstring requiredThe certificate's public key thumbprint
modulestring requiredThe certificate's module
holderIdstring requiredThe certificate's holder ID. This is a computed field that is used to count how many similar certificates are in use simultaneously by the same holder
subjectAlternateNamesarray of objects (models.certificate.SubjectAlternateName) requiredThe certificate's Subject Alternate Names
Array [
sanTypestring requiredThe type of the SAN
EnumRFC822NAMEDNSNAMEURIIPADDRESSOTHERNAME_UPNOTHERNAME_GUIDvaluestring requiredThe value of the SAN
]
serialstring requiredThe certificate's serial number
signingAlgorithmstring requiredThe certificate's signing algorithm
_idstring requiredInternal ID
revocationDateinteger | nullThe certificate's revocation date in milliseconds since the epoch. This field is only present if the certificate is revoked
gradesarray of objects | null (models.certificate.grading.policy.GradingPolicyResult)The certificate's grades for the enabled grading policies
Array [
namestring requiredThe name of the grading policy
gradestring requiredThe grade awarded by the grading policy
]
crlSynchronizedboolean | nullWhether the certificate's revocation status is synchronized with a CRL
discoveredTrustedboolean | nullIf the certificate was discovered and is found to be issued by an existing trusted CA, this field will be set to true. If the certificate was discovered and is not found to be issued by an existing trusted CA, this field will be set to false. If the certificate was not discovered, this field will be null
thirdPartyDataarray of objects | null (models.thirdparty.ThirdPartyItem)The certificate's information about synchronization with Horizon supported third parties
Array [
connectorstring requiredThe third party connector name on which this certificate is synchronized
idstring requiredThe Id of this certificate on the third party
fingerprintstring | nullThe fingerprint of this certificate on the third party
pushDateinteger | nullThe date when the certificate was pushed to this third party
removeDateinteger | nullThe date when the certificate was removed from this third party (in case of revocation)
]
ownerstring | nullThe certificate's owner. This is a reference to a local identity identifier
contactEmailstring | nullThe certificate's contact email. It will be used to send notifications about the certificate's expiration and revocation
profilestring | nullThe certificate's profile
teamstring | nullThe certificate's team. This is a reference to a team identifier. It will be used to determine the certificate's permissions and send notifications
labelsarray of objects | null (models.certificate.label.LabelData)The certificate's labels
Array [
keystring requiredThe label's name
valuestring requiredThe label's value
]
discoveryInfoarray of objects | null (models.discovery.DiscoveryInfo)A list of metadata containing information on how and when the certificate was discovered
Array [
campaignstring requiredThe discovery campaign's name
lastDiscoveryDateinteger requiredWhen this certificate was discovered for the last time
identifierstring | nullIdentifier of the user that discovered this certificate
]
triggerResultsarray of objects | null (models.trigger.TriggerResult)The result of the execution of triggers on this certificate
Array [
namestring requiredThe name of the trigger that was executed
eventstring requiredThe event that triggered the trigger
Enumon_deny_updateon_cancel_migrateon_pending_renewon_submit_migrateon_cancel_updateon_approve_migrateon_pending_recoveron_pending_enrollon_deny_revokeon_cancel_renewon_submit_recoveron_submit_enrollon_cancel_recoveron_approve_revokeon_pending_updateon_deny_recoveron_approve_renewon_deny_migrateon_revokeon_approve_recoveron_expireon_enrollon_deny_renewon_approve_updateon_recoveron_deny_enrollon_submit_renewon_updateon_approve_enrollon_cancel_enrollon_pending_migrateon_pending_revokeon_submit_updateon_submit_revokeon_migrateon_cancel_revokeon_renewtriggerTypestring requiredThe type of the trigger
Enumawsemailf5clientldappubintunepkcsakvwebhooklastExecutionDateinteger requiredThe last time this trigger was executed for this certificate and this event
statusstring requiredThe status of the trigger after its execution
Enumsuccessfailureretryableboolean requiredIs this trigger manually retryable (can be run)
retriesinteger | nullThe number of remaining tries before the trigger is abandoned
nextExecutionDateinteger | nullThe next scheduled execution time for this trigger
nextDelaystring | nullTime that will be waited between the next and the next+1 execution of this trigger
detailstring | nullContains details on this trigger's execution
]
extensionsarray of objects (models.certificate.extension.CertificateExtension)The certificate's extensions
Array [
keystring requiredThe extension's type
Enumms_sidms_templatevaluestring requiredThe extension's value
]
discoveryDataarray of objects | null (models.discovery.HostDiscoveryData)A list of metadata containing information on where the certificate was discovered
Array [
ipstring | nullThe certificate's host ip
sourcesarray of string | nullInformation on the type of discovery that discovered this certificate
hostnamesarray of string | nullThe certificate's host hostnames (netscan only)
operatingSystemsarray of string | nullThe certificate's host operating system (localscan only)
pathsarray of string | nullThe path to the certificate on the host machine (localscan only)
usagesarray of string | nullThe path of the configuration files that were used to find the certificates
tlsPortsarray of objects | null (models.discovery.TlsPort)The ports on which the certificate is exposed for https connexion
Array [
portinteger requiredThe number of the port
versionstring requiredProtocol version used
]
]
revocationReasonstring | nullThe certificate's revocation reason
EnumUNSPECIFIEDKEYCOMPROMISECACOMPROMISEAFFILIATIONCHANGESUPERSEDEDCESSATIONOFOPERATIONdryRunboolean | nullIf true, the request is validated, but will not result in a recovery
dnstringCertificate's Distinguished Name
teamstring | nullThe team that will be assigned to this certificate. Teams are used to link certificates to people and to assign permissions to them
approverstring | nullThe approver's principal identifier
contactstring | nullThe request's contact email
triggerResultsarray of objects | null (models.trigger.TriggerResult)The result of the execution of triggers on this request
Array [
namestring requiredThe name of the trigger that was executed
eventstring requiredThe event that triggered the trigger
Enumon_deny_updateon_cancel_migrateon_pending_renewon_submit_migrateon_cancel_updateon_approve_migrateon_pending_recoveron_pending_enrollon_deny_revokeon_cancel_renewon_submit_recoveron_submit_enrollon_cancel_recoveron_approve_revokeon_pending_updateon_deny_recoveron_approve_renewon_deny_migrateon_revokeon_approve_recoveron_expireon_enrollon_deny_renewon_approve_updateon_recoveron_deny_enrollon_submit_renewon_updateon_approve_enrollon_cancel_enrollon_pending_migrateon_pending_revokeon_submit_updateon_submit_revokeon_migrateon_cancel_revokeon_renewtriggerTypestring requiredThe type of the trigger
Enumawsemailf5clientldappubintunepkcsakvwebhooklastExecutionDateinteger requiredThe last time this trigger was executed for this certificate and this event
statusstring requiredThe status of the trigger after its execution
Enumsuccessfailureretryableboolean requiredIs this trigger manually retryable (can be run)
retriesinteger | nullThe number of remaining tries before the trigger is abandoned
nextExecutionDateinteger | nullThe next scheduled execution time for this trigger
nextDelaystring | nullTime that will be waited between the next and the next+1 execution of this trigger
detailstring | nullContains details on this trigger's execution
]
labelsarray of objects | null (models.certificate.label.LabelData)The labels set in this request
Array [
keystring requiredThe label's name
valuestring requiredThe label's value
]
metadataarray of objects | null (Certificate Metadata)The metadata set in this request
Array [
keystring requiredThe metadata name
Enumpki_connectorprevious_certificate_idrenewed_certificate_idautomation_policygs_order_idmetapki_iddigicert_identrust_idscep_transidfcms_idgsatlas_idcerteurope_iddigicert_order_idvaluestring requiredThe metadata value
]
globalHolderIdCountinteger | nullThe number of certificates that are currently valid and have the same DN and SANs in the Horizon database
profileHolderIdCountinteger | nullThe number of certificates that are currently valid and have the same DN and SANs in the same enrollment profile
_idstring (Internal ID) requiredObject internal ID
profilestring requiredThe target profile name
modulestring (RequestModule) requiredThe module of the certificate migrated.
Enumwebraestscepacmeacme-externalworkflowstring requiredWhat this request will do. For a migration request, this is always migrate
Valuemigratetemplateobject (models.webra.WebRAMigrateRequestTemplate) requiredThe user-data that will be used to generate the certificate
labelsarray of objects | null (Label)Array [
labelstring requiredThe name of the label
displayNamearray of objects | null (LocalizedString)The display name of the label element
Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
descriptionarray of objects | null (LocalizedString)The description of the label element
Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
valuestring | nullThe value of the label element
computationRulestring | null (Computation Rule)The computation rule of the label element
mandatoryboolean | nullWhether the label element is mandatory to submit this request
editableboolean | nullWhether the label element is editable
regexstring | nullThe regex used to validate the label element
enumarray of string | nullThe enum used to validate the label element
suggestionsarray of string | nullThe suggestions used to recommend the label element values
]
ownerobject | null (Certificate Owner)valuestring | nullThe value of the owner element. This should be a principal identifier
computationRulestring | null (Computation Rule)Computation rule input will be evaluated and will override all other inputs
editableboolean | nullWhether the owner element is editable by the requester
mandatoryboolean | nullWhether the owner element is mandatory to submit this request
descriptionarray of objects | null (LocalizedString)The description of the owner element
Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
teamobject | null (Certificate Team)valuestring | nullThe value of the team element. This should be a team identifier
computationRulestring | null (Computation Rule)Computation rule input will be evaluated and will override all other inputs
authorizedarray of string | nullThe list of authorized teams
editableboolean | nullWhether the team element is editable by the requester
mandatoryboolean | nullWhether the team element is mandatory to submit this request
descriptionarray of objects | null (LocalizedString)The description of the team element
Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
metadataarray of objects | null (Certificate Metadata)Array [
metadatastring requiredTechnical metadata related to the certificate
Enumpki_connectorprevious_certificate_idrenewed_certificate_idautomation_policygs_order_idmetapki_iddigicert_identrust_idscep_transidfcms_idgsatlas_idcerteurope_iddigicert_order_idvaluestring | nullThe value of the metadata element
editableboolean | nullWhether the metadata element is editable by the requester
]
contactEmailobject | null (Contact email)valuestring | nullThe contact email
computationRulestring | null (Computation Rule)Computation rule input will be evaluated and will override all other inputs
editableboolean | nullWhether the contact email is editable by the requester
mandatoryboolean | nullWhether the contact email is mandatory to submit this request
regexstring | nullThe regular expression to validate the contact email
whitelistarray of string | nullThe list of allowed contact emails
descriptionarray of objects | null (LocalizedString)The description of the contact email
Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
statusstring (Request Status) requiredThe request status
Enumdeniedapprovedpendingcanceledcompletedrequesterstring requiredThe requester's principal identifier
registrationDateinteger requiredThe date the request was created. This is set by the system
lastModificationDateinteger requiredThe date the request was last modified. This is set by the system
expirationDateinteger requiredThe date the request will expire. This is set by the system
removeAtinteger requiredThe date the requested will be deleted. This is set by the system
holderIdstring (Holder ID) requiredThe computed holderID for this request. This is set by the system based on DN and SANs
approverCommentstring | nullFree-text field editable by the approver to provider more context on the request
requesterCommentstring | nullFree-text field editable by the requester to provider more context on the request
certificateIdstring | null (Internal ID)The id of the certificate to migrate
certificatePemstring | nullThe PEM encoded certificate to migrate
certificateobject | null (Certificate)The certificate that was updated for this request. This is only available after the request has been approved
metadataarray of objects (Certificate Metadata) requiredThe certificate's technical metadata used internally
Array [
keystring requiredThe metadata name
Enumpki_connectorprevious_certificate_idrenewed_certificate_idautomation_policygs_order_idmetapki_iddigicert_identrust_idscep_transidfcms_idgsatlas_idcerteurope_iddigicert_order_idvaluestring requiredThe metadata value
]
notAfterinteger requiredThe certificate's expiration date in milliseconds since the epoch
thumbprintstring requiredThe certificate's thumbprint
certificatestring requiredThe certificate's PEM-encoded content
dnstring requiredThe certificate's Distinguished Name
revokedboolean requiredWhether the certificate is revoked
escrowedboolean requiredWhether the certificate is escrowed
issuerstring requiredThe certificate's issuer Distinguished Name
notBeforeinteger requiredThe certificate's start date in milliseconds since the epoch
selfSignedboolean requiredWhether the certificate is self-signed
keyTypestring (Keytype) requiredThe certificate's key type
Enumrsa-<size>ec-secp256r1ec-secp384r1ec-secp521r1ed-Ed448ed-Ed25519publicKeyThumbprintstring requiredThe certificate's public key thumbprint
modulestring requiredThe certificate's module
holderIdstring requiredThe certificate's holder ID. This is a computed field that is used to count how many similar certificates are in use simultaneously by the same holder
subjectAlternateNamesarray of objects (models.certificate.SubjectAlternateName) requiredThe certificate's Subject Alternate Names
Array [
sanTypestring requiredThe type of the SAN
EnumRFC822NAMEDNSNAMEURIIPADDRESSOTHERNAME_UPNOTHERNAME_GUIDvaluestring requiredThe value of the SAN
]
serialstring requiredThe certificate's serial number
signingAlgorithmstring requiredThe certificate's signing algorithm
_idstring requiredInternal ID
revocationDateinteger | nullThe certificate's revocation date in milliseconds since the epoch. This field is only present if the certificate is revoked
gradesarray of objects | null (models.certificate.grading.policy.GradingPolicyResult)The certificate's grades for the enabled grading policies
Array [
namestring requiredThe name of the grading policy
gradestring requiredThe grade awarded by the grading policy
]
crlSynchronizedboolean | nullWhether the certificate's revocation status is synchronized with a CRL
discoveredTrustedboolean | nullIf the certificate was discovered and is found to be issued by an existing trusted CA, this field will be set to true. If the certificate was discovered and is not found to be issued by an existing trusted CA, this field will be set to false. If the certificate was not discovered, this field will be null
thirdPartyDataarray of objects | null (models.thirdparty.ThirdPartyItem)The certificate's information about synchronization with Horizon supported third parties
Array [
connectorstring requiredThe third party connector name on which this certificate is synchronized
idstring requiredThe Id of this certificate on the third party
fingerprintstring | nullThe fingerprint of this certificate on the third party
pushDateinteger | nullThe date when the certificate was pushed to this third party
removeDateinteger | nullThe date when the certificate was removed from this third party (in case of revocation)
]
ownerstring | nullThe certificate's owner. This is a reference to a local identity identifier
contactEmailstring | nullThe certificate's contact email. It will be used to send notifications about the certificate's expiration and revocation
profilestring | nullThe certificate's profile
teamstring | nullThe certificate's team. This is a reference to a team identifier. It will be used to determine the certificate's permissions and send notifications
labelsarray of objects | null (models.certificate.label.LabelData)The certificate's labels
Array [
keystring requiredThe label's name
valuestring requiredThe label's value
]
discoveryInfoarray of objects | null (models.discovery.DiscoveryInfo)A list of metadata containing information on how and when the certificate was discovered
Array [
campaignstring requiredThe discovery campaign's name
lastDiscoveryDateinteger requiredWhen this certificate was discovered for the last time
identifierstring | nullIdentifier of the user that discovered this certificate
]
triggerResultsarray of objects | null (models.trigger.TriggerResult)The result of the execution of triggers on this certificate
Array [
namestring requiredThe name of the trigger that was executed
eventstring requiredThe event that triggered the trigger
Enumon_deny_updateon_cancel_migrateon_pending_renewon_submit_migrateon_cancel_updateon_approve_migrateon_pending_recoveron_pending_enrollon_deny_revokeon_cancel_renewon_submit_recoveron_submit_enrollon_cancel_recoveron_approve_revokeon_pending_updateon_deny_recoveron_approve_renewon_deny_migrateon_revokeon_approve_recoveron_expireon_enrollon_deny_renewon_approve_updateon_recoveron_deny_enrollon_submit_renewon_updateon_approve_enrollon_cancel_enrollon_pending_migrateon_pending_revokeon_submit_updateon_submit_revokeon_migrateon_cancel_revokeon_renewtriggerTypestring requiredThe type of the trigger
Enumawsemailf5clientldappubintunepkcsakvwebhooklastExecutionDateinteger requiredThe last time this trigger was executed for this certificate and this event
statusstring requiredThe status of the trigger after its execution
Enumsuccessfailureretryableboolean requiredIs this trigger manually retryable (can be run)
retriesinteger | nullThe number of remaining tries before the trigger is abandoned
nextExecutionDateinteger | nullThe next scheduled execution time for this trigger
nextDelaystring | nullTime that will be waited between the next and the next+1 execution of this trigger
detailstring | nullContains details on this trigger's execution
]
extensionsarray of objects (models.certificate.extension.CertificateExtension)The certificate's extensions
Array [
keystring requiredThe extension's type
Enumms_sidms_templatevaluestring requiredThe extension's value
]
discoveryDataarray of objects | null (models.discovery.HostDiscoveryData)A list of metadata containing information on where the certificate was discovered
Array [
ipstring | nullThe certificate's host ip
sourcesarray of string | nullInformation on the type of discovery that discovered this certificate
hostnamesarray of string | nullThe certificate's host hostnames (netscan only)
operatingSystemsarray of string | nullThe certificate's host operating system (localscan only)
pathsarray of string | nullThe path to the certificate on the host machine (localscan only)
usagesarray of string | nullThe path of the configuration files that were used to find the certificates
tlsPortsarray of objects | null (models.discovery.TlsPort)The ports on which the certificate is exposed for https connexion
Array [
portinteger requiredThe number of the port
versionstring requiredProtocol version used
]
]
revocationReasonstring | nullThe certificate's revocation reason
EnumUNSPECIFIEDKEYCOMPROMISECACOMPROMISEAFFILIATIONCHANGESUPERSEDEDCESSATIONOFOPERATIONdryRunboolean | nullIf true, the request is validated, but will not result in a migration
dnstringCertificate's Distinguished Name
teamstring | nullThe team that will be assigned to this certificate. Teams are used to link certificates to people and to assign permissions to them
approverstring | nullThe approver's principal identifier
contactstring | nullThe request's contact email
triggerResultsarray of objects | null (models.trigger.TriggerResult)The result of the execution of triggers on this request
Array [
namestring requiredThe name of the trigger that was executed
eventstring requiredThe event that triggered the trigger
Enumon_deny_updateon_cancel_migrateon_pending_renewon_submit_migrateon_cancel_updateon_approve_migrateon_pending_recoveron_pending_enrollon_deny_revokeon_cancel_renewon_submit_recoveron_submit_enrollon_cancel_recoveron_approve_revokeon_pending_updateon_deny_recoveron_approve_renewon_deny_migrateon_revokeon_approve_recoveron_expireon_enrollon_deny_renewon_approve_updateon_recoveron_deny_enrollon_submit_renewon_updateon_approve_enrollon_cancel_enrollon_pending_migrateon_pending_revokeon_submit_updateon_submit_revokeon_migrateon_cancel_revokeon_renewtriggerTypestring requiredThe type of the trigger
Enumawsemailf5clientldappubintunepkcsakvwebhooklastExecutionDateinteger requiredThe last time this trigger was executed for this certificate and this event
statusstring requiredThe status of the trigger after its execution
Enumsuccessfailureretryableboolean requiredIs this trigger manually retryable (can be run)
retriesinteger | nullThe number of remaining tries before the trigger is abandoned
nextExecutionDateinteger | nullThe next scheduled execution time for this trigger
nextDelaystring | nullTime that will be waited between the next and the next+1 execution of this trigger
detailstring | nullContains details on this trigger's execution
]
labelsarray of objects | null (models.certificate.label.LabelData)The labels set in this request
Array [
keystring requiredThe label's name
valuestring requiredThe label's value
]
metadataarray of objects | null (Certificate Metadata)The metadata set in this request
Array [
keystring requiredThe metadata name
Enumpki_connectorprevious_certificate_idrenewed_certificate_idautomation_policygs_order_idmetapki_iddigicert_identrust_idscep_transidfcms_idgsatlas_idcerteurope_iddigicert_order_idvaluestring requiredThe metadata value
]
globalHolderIdCountinteger | nullThe number of certificates that are currently valid and have the same DN and SANs in the Horizon database
profileHolderIdCountinteger | nullThe number of certificates that are currently valid and have the same DN and SANs in the same enrollment profile
_idstring (Internal ID) requiredObject internal ID
modulestring (RequestModule) requiredThe module of the certificate renew.
Enumwebraestscepacmeacme-externalworkflowstring requiredWhat this request will do. For a renewal request, this is always renew
Valuerenewstatusstring (Request Status) requiredThe request status
Enumdeniedapprovedpendingcanceledcompletedprofilestring requiredThe Requested profile name
requesterstring requiredThe requester's principal identifier
registrationDateinteger requiredThe date the request was created. This is set by the system
lastModificationDateinteger requiredThe date the request was last modified. This is set by the system
expirationDateinteger requiredThe date the request will expire. This is set by the system
removeAtinteger requiredThe date the requested will be deleted. This is set by the system
holderIdstring (Holder ID) requiredThe computed holderID for this request. This is set by the system based on DN and SANs
approverCommentstring | nullFree-text field editable by the approver to provider more context on the request
passwordobject | null (models.secret.SecretString)The password to decrypt the PKCS12 file. Must be set if password mode is manual
valuestring | nullValue of the secret that will be passed to Horizon
requesterCommentstring | nullFree-text field editable by the requester to provider more context on the request
certificateIdstring | null (Internal ID)The id of the certificate to renew
certificatePemstring | nullThe PEM encoded certificate to renew
templateobject (WebRA Renew Request Template)The user-data that will be used to generate the certificate
csrstring | nullThe CSR used to renew the certificate, if in decentralized mode
keyTypestring | null (Keytype)The key type of the certificate, if in centralized mode
Enumrsa-<size>ec-secp256r1ec-secp384r1ec-secp521r1ed-Ed448ed-Ed25519pkcs12object | null (models.secret.SecretString)The generated PKCS#12 for this request. This is only available after the request has been approved in centralized mode
valuestring | nullValue of the secret that will be passed to Horizon
certificateobject | null (Certificate)The certificate that was generated for this request. This is only available after the request has been approved
metadataarray of objects (Certificate Metadata) requiredThe certificate's technical metadata used internally
Array [
keystring requiredThe metadata name
Enumpki_connectorprevious_certificate_idrenewed_certificate_idautomation_policygs_order_idmetapki_iddigicert_identrust_idscep_transidfcms_idgsatlas_idcerteurope_iddigicert_order_idvaluestring requiredThe metadata value
]
notAfterinteger requiredThe certificate's expiration date in milliseconds since the epoch
thumbprintstring requiredThe certificate's thumbprint
certificatestring requiredThe certificate's PEM-encoded content
dnstring requiredThe certificate's Distinguished Name
revokedboolean requiredWhether the certificate is revoked
escrowedboolean requiredWhether the certificate is escrowed
issuerstring requiredThe certificate's issuer Distinguished Name
notBeforeinteger requiredThe certificate's start date in milliseconds since the epoch
selfSignedboolean requiredWhether the certificate is self-signed
keyTypestring (Keytype) requiredThe certificate's key type
Enumrsa-<size>ec-secp256r1ec-secp384r1ec-secp521r1ed-Ed448ed-Ed25519publicKeyThumbprintstring requiredThe certificate's public key thumbprint
modulestring requiredThe certificate's module
holderIdstring requiredThe certificate's holder ID. This is a computed field that is used to count how many similar certificates are in use simultaneously by the same holder
subjectAlternateNamesarray of objects (models.certificate.SubjectAlternateName) requiredThe certificate's Subject Alternate Names
Array [
sanTypestring requiredThe type of the SAN
EnumRFC822NAMEDNSNAMEURIIPADDRESSOTHERNAME_UPNOTHERNAME_GUIDvaluestring requiredThe value of the SAN
]
serialstring requiredThe certificate's serial number
signingAlgorithmstring requiredThe certificate's signing algorithm
_idstring requiredInternal ID
revocationDateinteger | nullThe certificate's revocation date in milliseconds since the epoch. This field is only present if the certificate is revoked
gradesarray of objects | null (models.certificate.grading.policy.GradingPolicyResult)The certificate's grades for the enabled grading policies
Array [
namestring requiredThe name of the grading policy
gradestring requiredThe grade awarded by the grading policy
]
crlSynchronizedboolean | nullWhether the certificate's revocation status is synchronized with a CRL
discoveredTrustedboolean | nullIf the certificate was discovered and is found to be issued by an existing trusted CA, this field will be set to true. If the certificate was discovered and is not found to be issued by an existing trusted CA, this field will be set to false. If the certificate was not discovered, this field will be null
thirdPartyDataarray of objects | null (models.thirdparty.ThirdPartyItem)The certificate's information about synchronization with Horizon supported third parties
Array [
connectorstring requiredThe third party connector name on which this certificate is synchronized
idstring requiredThe Id of this certificate on the third party
fingerprintstring | nullThe fingerprint of this certificate on the third party
pushDateinteger | nullThe date when the certificate was pushed to this third party
removeDateinteger | nullThe date when the certificate was removed from this third party (in case of revocation)
]
ownerstring | nullThe certificate's owner. This is a reference to a local identity identifier
contactEmailstring | nullThe certificate's contact email. It will be used to send notifications about the certificate's expiration and revocation
profilestring | nullThe certificate's profile
teamstring | nullThe certificate's team. This is a reference to a team identifier. It will be used to determine the certificate's permissions and send notifications
labelsarray of objects | null (models.certificate.label.LabelData)The certificate's labels
Array [
keystring requiredThe label's name
valuestring requiredThe label's value
]
discoveryInfoarray of objects | null (models.discovery.DiscoveryInfo)A list of metadata containing information on how and when the certificate was discovered
Array [
campaignstring requiredThe discovery campaign's name
lastDiscoveryDateinteger requiredWhen this certificate was discovered for the last time
identifierstring | nullIdentifier of the user that discovered this certificate
]
triggerResultsarray of objects | null (models.trigger.TriggerResult)The result of the execution of triggers on this certificate
Array [
namestring requiredThe name of the trigger that was executed
eventstring requiredThe event that triggered the trigger
Enumon_deny_updateon_cancel_migrateon_pending_renewon_submit_migrateon_cancel_updateon_approve_migrateon_pending_recoveron_pending_enrollon_deny_revokeon_cancel_renewon_submit_recoveron_submit_enrollon_cancel_recoveron_approve_revokeon_pending_updateon_deny_recoveron_approve_renewon_deny_migrateon_revokeon_approve_recoveron_expireon_enrollon_deny_renewon_approve_updateon_recoveron_deny_enrollon_submit_renewon_updateon_approve_enrollon_cancel_enrollon_pending_migrateon_pending_revokeon_submit_updateon_submit_revokeon_migrateon_cancel_revokeon_renewtriggerTypestring requiredThe type of the trigger
Enumawsemailf5clientldappubintunepkcsakvwebhooklastExecutionDateinteger requiredThe last time this trigger was executed for this certificate and this event
statusstring requiredThe status of the trigger after its execution
Enumsuccessfailureretryableboolean requiredIs this trigger manually retryable (can be run)
retriesinteger | nullThe number of remaining tries before the trigger is abandoned
nextExecutionDateinteger | nullThe next scheduled execution time for this trigger
nextDelaystring | nullTime that will be waited between the next and the next+1 execution of this trigger
detailstring | nullContains details on this trigger's execution
]
extensionsarray of objects (models.certificate.extension.CertificateExtension)The certificate's extensions
Array [
keystring requiredThe extension's type
Enumms_sidms_templatevaluestring requiredThe extension's value
]
discoveryDataarray of objects | null (models.discovery.HostDiscoveryData)A list of metadata containing information on where the certificate was discovered
Array [
ipstring | nullThe certificate's host ip
sourcesarray of string | nullInformation on the type of discovery that discovered this certificate
hostnamesarray of string | nullThe certificate's host hostnames (netscan only)
operatingSystemsarray of string | nullThe certificate's host operating system (localscan only)
pathsarray of string | nullThe path to the certificate on the host machine (localscan only)
usagesarray of string | nullThe path of the configuration files that were used to find the certificates
tlsPortsarray of objects | null (models.discovery.TlsPort)The ports on which the certificate is exposed for https connexion
Array [
portinteger requiredThe number of the port
versionstring requiredProtocol version used
]
]
revocationReasonstring | nullThe certificate's revocation reason
EnumUNSPECIFIEDKEYCOMPROMISECACOMPROMISEAFFILIATIONCHANGESUPERSEDEDCESSATIONOFOPERATIONdnstringCertificate's Distinguished Name
teamstring | nullThe team that will be assigned to this certificate. Teams are used to link certificates to people and to assign permissions to them
approverstring | nullThe approver's principal identifier
contactstring | nullThe request's contact email
triggerResultsarray of objects | null (models.trigger.TriggerResult)The result of the execution of triggers on this request
Array [
namestring requiredThe name of the trigger that was executed
eventstring requiredThe event that triggered the trigger
Enumon_deny_updateon_cancel_migrateon_pending_renewon_submit_migrateon_cancel_updateon_approve_migrateon_pending_recoveron_pending_enrollon_deny_revokeon_cancel_renewon_submit_recoveron_submit_enrollon_cancel_recoveron_approve_revokeon_pending_updateon_deny_recoveron_approve_renewon_deny_migrateon_revokeon_approve_recoveron_expireon_enrollon_deny_renewon_approve_updateon_recoveron_deny_enrollon_submit_renewon_updateon_approve_enrollon_cancel_enrollon_pending_migrateon_pending_revokeon_submit_updateon_submit_revokeon_migrateon_cancel_revokeon_renewtriggerTypestring requiredThe type of the trigger
Enumawsemailf5clientldappubintunepkcsakvwebhooklastExecutionDateinteger requiredThe last time this trigger was executed for this certificate and this event
statusstring requiredThe status of the trigger after its execution
Enumsuccessfailureretryableboolean requiredIs this trigger manually retryable (can be run)
retriesinteger | nullThe number of remaining tries before the trigger is abandoned
nextExecutionDateinteger | nullThe next scheduled execution time for this trigger
nextDelaystring | nullTime that will be waited between the next and the next+1 execution of this trigger
detailstring | nullContains details on this trigger's execution
]
labelsarray of objects | null (models.certificate.label.LabelData)The labels set in this request
Array [
keystring requiredThe label's name
valuestring requiredThe label's value
]
metadataarray of objects | null (Certificate Metadata)The metadata set in this request
Array [
keystring requiredThe metadata name
Enumpki_connectorprevious_certificate_idrenewed_certificate_idautomation_policygs_order_idmetapki_iddigicert_identrust_idscep_transidfcms_idgsatlas_idcerteurope_iddigicert_order_idvaluestring requiredThe metadata value
]
globalHolderIdCountinteger | nullThe number of certificates that are currently valid and have the same DN and SANs in the Horizon database
profileHolderIdCountinteger | nullThe number of certificates that are currently valid and have the same DN and SANs in the same enrollment profile
_idstring (Internal ID) requiredObject internal ID
profilestring requiredThe Requested profile name
modulestring (RequestModule) requiredThe module of the certificate imported.
Enumwebraestscepacmeacme-externalworkflowstring requiredWhat this request will do. For an import request, this is always import
Valueimportstatusstring (Request Status) requiredThe request status
Enumdeniedapprovedpendingcanceledcompletedrequesterstring requiredThe requester's principal identifier
registrationDateinteger requiredThe date the request was created. This is set by the system
lastModificationDateinteger requiredThe date the request was last modified. This is set by the system
expirationDateinteger requiredThe date the request will expire. This is set by the system
removeAtinteger requiredThe date the requested will be deleted. This is set by the system
holderIdstring (Holder ID) requiredThe computed holderID for this request. This is set by the system based on DN and SANs
approverCommentstring | nullFree-text field editable by the approver to provider more context on the request
requesterCommentstring | nullFree-text field editable by the requester to provider more context on the request
templateobject (WebRA Import Request Template)The user-data that will be added on certificate import
privateKeystring | nullThe PEM-encoded private key associated with the certificate. Mandatory if target profile has escrow enabled, forbidden otherwise
ownerobject | null (Certificate Owner)The owner for this certificate
valuestring | nullThe value of the owner element. This should be a principal identifier
computationRulestring | null (Computation Rule)Computation rule input will be evaluated and will override all other inputs
editableboolean | nullWhether the owner element is editable by the requester
mandatoryboolean | nullWhether the owner element is mandatory to submit this request
descriptionarray of objects | null (LocalizedString)The description of the owner element
Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
teamobject | null (Certificate Team)The team for this certificate
valuestring | nullThe value of the team element. This should be a team identifier
computationRulestring | null (Computation Rule)Computation rule input will be evaluated and will override all other inputs
authorizedarray of string | nullThe list of authorized teams
editableboolean | nullWhether the team element is editable by the requester
mandatoryboolean | nullWhether the team element is mandatory to submit this request
descriptionarray of objects | null (LocalizedString)The description of the team element
Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
contactEmailobject | null (Contact email)The contact email for this certificate
valuestring | nullThe contact email
computationRulestring | null (Computation Rule)Computation rule input will be evaluated and will override all other inputs
editableboolean | nullWhether the contact email is editable by the requester
mandatoryboolean | nullWhether the contact email is mandatory to submit this request
regexstring | nullThe regular expression to validate the contact email
whitelistarray of string | nullThe list of allowed contact emails
descriptionarray of objects | null (LocalizedString)The description of the contact email
Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
labelsarray of objects | null (Label)The labels for this certificate
Array [
labelstring requiredThe name of the label
displayNamearray of objects | null (LocalizedString)The display name of the label element
Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
descriptionarray of objects | null (LocalizedString)The description of the label element
Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
valuestring | nullThe value of the label element
computationRulestring | null (Computation Rule)The computation rule of the label element
mandatoryboolean | nullWhether the label element is mandatory to submit this request
editableboolean | nullWhether the label element is editable
regexstring | nullThe regex used to validate the label element
enumarray of string | nullThe enum used to validate the label element
suggestionsarray of string | nullThe suggestions used to recommend the label element values
]
metadataarray of objects | null (Certificate Metadata)The technical metadata for this certificate
Array [
metadatastring requiredTechnical metadata related to the certificate
Enumpki_connectorprevious_certificate_idrenewed_certificate_idautomation_policygs_order_idmetapki_iddigicert_identrust_idscep_transidfcms_idgsatlas_idcerteurope_iddigicert_order_idvaluestring | nullThe value of the metadata element
editableboolean | nullWhether the metadata element is editable by the requester
]
thirdPartyDataarray of objects | null (models.thirdparty.ThirdPartyItem)The third party data associated with the certificate
Array [
connectorstring requiredThe third party connector name on which this certificate is synchronized
idstring requiredThe Id of this certificate on the third party
fingerprintstring | nullThe fingerprint of this certificate on the third party
pushDateinteger | nullThe date when the certificate was pushed to this third party
removeDateinteger | nullThe date when the certificate was removed from this third party (in case of revocation)
]
discoveryInfoobject | null (models.discovery.DiscoveryInfo)Information about the discovery of this certificate
campaignstring requiredThe discovery campaign's name
lastDiscoveryDateinteger requiredWhen this certificate was discovered for the last time
identifierstring | nullIdentifier of the user that discovered this certificate
discoveryDataobject (models.discovery.HostDiscoveryData)The host discovery data associated with the certificate (discovery metadata)
ipstring | nullThe certificate's host ip
sourcesarray of string | nullInformation on the type of discovery that discovered this certificate
hostnamesarray of string | nullThe certificate's host hostnames (netscan only)
operatingSystemsarray of string | nullThe certificate's host operating system (localscan only)
pathsarray of string | nullThe path to the certificate on the host machine (localscan only)
usagesarray of string | nullThe path of the configuration files that were used to find the certificates
tlsPortsarray of objects | null (models.discovery.TlsPort)The ports on which the certificate is exposed for https connexion
Array [
portinteger requiredThe number of the port
versionstring requiredProtocol version used
]
certificateIdstring | null (Internal ID)The id of the certificate to import
certificatePemstring | nullThe PEM encoded certificate to import
dnstringCertificate's Distinguished Name
teamstring | nullThe team that will be assigned to this certificate. Teams are used to link certificates to people and to assign permissions to them
approverstring | nullThe approver's principal identifier
contactstring | nullThe request's contact email
triggerResultsarray of objects | null (models.trigger.TriggerResult)The result of the execution of triggers on this request
Array [
namestring requiredThe name of the trigger that was executed
eventstring requiredThe event that triggered the trigger
Enumon_deny_updateon_cancel_migrateon_pending_renewon_submit_migrateon_cancel_updateon_approve_migrateon_pending_recoveron_pending_enrollon_deny_revokeon_cancel_renewon_submit_recoveron_submit_enrollon_cancel_recoveron_approve_revokeon_pending_updateon_deny_recoveron_approve_renewon_deny_migrateon_revokeon_approve_recoveron_expireon_enrollon_deny_renewon_approve_updateon_recoveron_deny_enrollon_submit_renewon_updateon_approve_enrollon_cancel_enrollon_pending_migrateon_pending_revokeon_submit_updateon_submit_revokeon_migrateon_cancel_revokeon_renewtriggerTypestring requiredThe type of the trigger
Enumawsemailf5clientldappubintunepkcsakvwebhooklastExecutionDateinteger requiredThe last time this trigger was executed for this certificate and this event
statusstring requiredThe status of the trigger after its execution
Enumsuccessfailureretryableboolean requiredIs this trigger manually retryable (can be run)
retriesinteger | nullThe number of remaining tries before the trigger is abandoned
nextExecutionDateinteger | nullThe next scheduled execution time for this trigger
nextDelaystring | nullTime that will be waited between the next and the next+1 execution of this trigger
detailstring | nullContains details on this trigger's execution
]
labelsarray of objects | null (models.certificate.label.LabelData)The labels set in this request
Array [
keystring requiredThe label's name
valuestring requiredThe label's value
]
metadataarray of objects | null (Certificate Metadata)The metadata set in this request
Array [
keystring requiredThe metadata name
Enumpki_connectorprevious_certificate_idrenewed_certificate_idautomation_policygs_order_idmetapki_iddigicert_identrust_idscep_transidfcms_idgsatlas_idcerteurope_iddigicert_order_idvaluestring requiredThe metadata value
]
globalHolderIdCountinteger | nullThe number of certificates that are currently valid and have the same DN and SANs in the Horizon database
profileHolderIdCountinteger | nullThe number of certificates that are currently valid and have the same DN and SANs in the same enrollment profile
_idstring (Internal ID) requiredObject internal ID
profilestring requiredThe EST profile name
modulestring requiredThe module that will be used to process this request. For a EST request, this is always est
Valueestworkflowstring requiredWhat this request will do. For an enrollment request, this is always enroll
Valueenrolltemplateobject (EST Enroll Request Template) requiredThe user-data that will be used to generate the certificate
subjectarray of objects | null (IndexedDNElement)List of DN elements that will be used to build the certificate's Distinguished Name
Array [
elementstring requiredThe element type and index. Indexes start at 1 !
EnumcneoustlocdcuidserialNumbersurnamegivenNameunstructuredAddressunstructuredNameorganizationIdentifieruniqueIdentifierstreetdescriptiontypestring | nullThe formatted element type
EnumCNEOUSTLOCDCUIDSERIALNUMBERSURNAMEGIVENNAMEunstructuredAddressunstructuredNameorganizationIdentifierUniqueIdentifierSTREETDESCRIPTIONvaluestring | nullThe element value
computationRulestring | null (Computation Rule)Computation rule input will be evaluated and will override all other inputs
mandatoryboolean | nullWhether the field is mandatory or not
editableboolean | nullWhether the field is editable or not for the currently authenticated user
regexstring | nullA regular expression that will be used to validate the element's value
]
sansarray of objects | null (SAN Element)List of SAN elements that will be used to build the certificate's Subject Alternative Name
Array [
typestring | null requiredSAN type
EnumRFC822NAMEDNSNAMEURIIPADDRESSOTHERNAME_UPNOTHERNAME_GUIDvaluearray of string | nullSAN value
computationRulestring | null (Computation Rule)Computation rule input will be evaluated and will override all other inputs
editableboolean | nullWhether this SAN element is editable by the user
regexstring | nullThe regex that will be used to validate the SAN value
mininteger | nullThe minimum number of SAN elements that must be provided
maxinteger | nullThe maximum number of SAN elements that can be provided
]
extensionsarray of objects | null (Certificate Extension)Information about the certificate's extensions and how to edit them
Array [
typestring requiredThe type of the extension element
Enumms_sidms_templatevaluestring | nullThe value of the extension element
computationRulestring | null (Computation Rule)Computation rule input will be evaluated and will override all other inputs
editableboolean | nullWhether the extension element is editable by the requester
regexstring | nullThe regular expression to validate the extension element
mandatoryboolean | nullWhether the extension element is mandatory to submit this request
]
labelsarray of objects | null (Label)List of labels used internally to tag and group certificates
Array [
labelstring requiredThe name of the label
displayNamearray of objects | null (LocalizedString)The display name of the label element
Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
descriptionarray of objects | null (LocalizedString)The description of the label element
Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
valuestring | nullThe value of the label element
computationRulestring | null (Computation Rule)The computation rule of the label element
mandatoryboolean | nullWhether the label element is mandatory to submit this request
editableboolean | nullWhether the label element is editable
regexstring | nullThe regex used to validate the label element
enumarray of string | nullThe enum used to validate the label element
suggestionsarray of string | nullThe suggestions used to recommend the label element values
]
contactEmailobject | null (Contact email)Information about the certificate's contact email and how to edit it
valuestring | nullThe contact email
computationRulestring | null (Computation Rule)Computation rule input will be evaluated and will override all other inputs
editableboolean | nullWhether the contact email is editable by the requester
mandatoryboolean | nullWhether the contact email is mandatory to submit this request
regexstring | nullThe regular expression to validate the contact email
whitelistarray of string | nullThe list of allowed contact emails
descriptionarray of objects | null (LocalizedString)The description of the contact email
Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
ownerobject | null (Certificate Owner)Information about the certificate's owner and how to edit it
valuestring | nullThe value of the owner element. This should be a principal identifier
computationRulestring | null (Computation Rule)Computation rule input will be evaluated and will override all other inputs
editableboolean | nullWhether the owner element is editable by the requester
mandatoryboolean | nullWhether the owner element is mandatory to submit this request
descriptionarray of objects | null (LocalizedString)The description of the owner element
Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
teamobject | null (Certificate Team)Information about the certificate's team and how to edit it
valuestring | nullThe value of the team element. This should be a team identifier
computationRulestring | null (Computation Rule)Computation rule input will be evaluated and will override all other inputs
authorizedarray of string | nullThe list of authorized teams
editableboolean | nullWhether the team element is editable by the requester
mandatoryboolean | nullWhether the team element is mandatory to submit this request
descriptionarray of objects | null (LocalizedString)The description of the team element
Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
dnWhitelistboolean | nullDN whitelist is enabled on this request
statusstring (Request Status) requiredThe request status
Enumdeniedapprovedpendingcanceledcompletedrequesterstring requiredThe requester's principal identifier
registrationDateinteger requiredThe date the request was created. This is set by the system
lastModificationDateinteger requiredThe date the request was last modified. This is set by the system
expirationDateinteger requiredThe date the request will expire. This is set by the system
removeAtinteger requiredThe date the requested will be deleted. This is set by the system
holderIdstring (Holder ID) requiredThe computed holderID for this request. This is set by the system based on DN and SANs
approverCommentstring | nullFree-text field editable by the approver to provider more context on the request
requesterCommentstring | nullFree-text field editable by the requester to provider more context on the request
passwordobject | null (models.secret.SecretString)The password of the challenge. Must be set if password mode is manual
valuestring | nullValue of the secret that will be passed to Horizon
dnstringThe DN of the challenge
dryRunboolean | nullIf true, the request is validated, but will not result in a challenge creation
teamstring | nullThe team that will be assigned to this certificate. Teams are used to link certificates to people and to assign permissions to them
approverstring | nullThe approver's principal identifier
contactstring | nullThe request's contact email
triggerResultsarray of objects | null (models.trigger.TriggerResult)The result of the execution of triggers on this request
Array [
namestring requiredThe name of the trigger that was executed
eventstring requiredThe event that triggered the trigger
Enumon_deny_updateon_cancel_migrateon_pending_renewon_submit_migrateon_cancel_updateon_approve_migrateon_pending_recoveron_pending_enrollon_deny_revokeon_cancel_renewon_submit_recoveron_submit_enrollon_cancel_recoveron_approve_revokeon_pending_updateon_deny_recoveron_approve_renewon_deny_migrateon_revokeon_approve_recoveron_expireon_enrollon_deny_renewon_approve_updateon_recoveron_deny_enrollon_submit_renewon_updateon_approve_enrollon_cancel_enrollon_pending_migrateon_pending_revokeon_submit_updateon_submit_revokeon_migrateon_cancel_revokeon_renewtriggerTypestring requiredThe type of the trigger
Enumawsemailf5clientldappubintunepkcsakvwebhooklastExecutionDateinteger requiredThe last time this trigger was executed for this certificate and this event
statusstring requiredThe status of the trigger after its execution
Enumsuccessfailureretryableboolean requiredIs this trigger manually retryable (can be run)
retriesinteger | nullThe number of remaining tries before the trigger is abandoned
nextExecutionDateinteger | nullThe next scheduled execution time for this trigger
nextDelaystring | nullTime that will be waited between the next and the next+1 execution of this trigger
detailstring | nullContains details on this trigger's execution
]
labelsarray of objects | null (models.certificate.label.LabelData)The labels set in this request
Array [
keystring requiredThe label's name
valuestring requiredThe label's value
]
metadataarray of objects | null (Certificate Metadata)The metadata set in this request
Array [
keystring requiredThe metadata name
Enumpki_connectorprevious_certificate_idrenewed_certificate_idautomation_policygs_order_idmetapki_iddigicert_identrust_idscep_transidfcms_idgsatlas_idcerteurope_iddigicert_order_idvaluestring requiredThe metadata value
]
globalHolderIdCountinteger | nullThe number of certificates that are currently valid and have the same DN and SANs in the Horizon database
profileHolderIdCountinteger | nullThe number of certificates that are currently valid and have the same DN and SANs in the same enrollment profile
_idstring (Internal ID) requiredObject internal ID
profilestring requiredThe SCEP profile name
modulestring requiredThe module that will be used to process this request. For a SCEP request, this is always scep
Valuescepworkflowstring requiredWhat this request will do. For an enrollment request, this is always enroll
Valueenrolltemplateobject (SCEP Enroll Request Template) requiredThe user-data that will be used to generate the certificate
subjectarray of objects | null (IndexedDNElement)List of DN elements that will be used to build the certificate's Distinguished Name
Array [
elementstring requiredThe element type and index. Indexes start at 1 !
EnumcneoustlocdcuidserialNumbersurnamegivenNameunstructuredAddressunstructuredNameorganizationIdentifieruniqueIdentifierstreetdescriptiontypestring | nullThe formatted element type
EnumCNEOUSTLOCDCUIDSERIALNUMBERSURNAMEGIVENNAMEunstructuredAddressunstructuredNameorganizationIdentifierUniqueIdentifierSTREETDESCRIPTIONvaluestring | nullThe element value
computationRulestring | null (Computation Rule)Computation rule input will be evaluated and will override all other inputs
mandatoryboolean | nullWhether the field is mandatory or not
editableboolean | nullWhether the field is editable or not for the currently authenticated user
regexstring | nullA regular expression that will be used to validate the element's value
]
sansarray of objects | null (SAN Element)List of SAN elements that will be used to build the certificate's Subject Alternative Name
Array [
typestring | null requiredSAN type
EnumRFC822NAMEDNSNAMEURIIPADDRESSOTHERNAME_UPNOTHERNAME_GUIDvaluearray of string | nullSAN value
computationRulestring | null (Computation Rule)Computation rule input will be evaluated and will override all other inputs
editableboolean | nullWhether this SAN element is editable by the user
regexstring | nullThe regex that will be used to validate the SAN value
mininteger | nullThe minimum number of SAN elements that must be provided
maxinteger | nullThe maximum number of SAN elements that can be provided
]
extensionsarray of objects | null (Certificate Extension)Information about the certificate's extensions and how to edit them
Array [
typestring requiredThe type of the extension element
Enumms_sidms_templatevaluestring | nullThe value of the extension element
computationRulestring | null (Computation Rule)Computation rule input will be evaluated and will override all other inputs
editableboolean | nullWhether the extension element is editable by the requester
regexstring | nullThe regular expression to validate the extension element
mandatoryboolean | nullWhether the extension element is mandatory to submit this request
]
labelsarray of objects | null (Label)List of labels used internally to tag and group certificates
Array [
labelstring requiredThe name of the label
displayNamearray of objects | null (LocalizedString)The display name of the label element
Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
descriptionarray of objects | null (LocalizedString)The description of the label element
Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
valuestring | nullThe value of the label element
computationRulestring | null (Computation Rule)The computation rule of the label element
mandatoryboolean | nullWhether the label element is mandatory to submit this request
editableboolean | nullWhether the label element is editable
regexstring | nullThe regex used to validate the label element
enumarray of string | nullThe enum used to validate the label element
suggestionsarray of string | nullThe suggestions used to recommend the label element values
]
contactEmailobject | null (Contact email)Information about the certificate's contact email and how to edit it
valuestring | nullThe contact email
computationRulestring | null (Computation Rule)Computation rule input will be evaluated and will override all other inputs
editableboolean | nullWhether the contact email is editable by the requester
mandatoryboolean | nullWhether the contact email is mandatory to submit this request
regexstring | nullThe regular expression to validate the contact email
whitelistarray of string | nullThe list of allowed contact emails
descriptionarray of objects | null (LocalizedString)The description of the contact email
Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
ownerobject | null (Certificate Owner)Information about the certificate's owner and how to edit it
valuestring | nullThe value of the owner element. This should be a principal identifier
computationRulestring | null (Computation Rule)Computation rule input will be evaluated and will override all other inputs
editableboolean | nullWhether the owner element is editable by the requester
mandatoryboolean | nullWhether the owner element is mandatory to submit this request
descriptionarray of objects | null (LocalizedString)The description of the owner element
Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
teamobject | null (Certificate Team)Information about the certificate's team and how to edit it
valuestring | nullThe value of the team element. This should be a team identifier
computationRulestring | null (Computation Rule)Computation rule input will be evaluated and will override all other inputs
authorizedarray of string | nullThe list of authorized teams
editableboolean | nullWhether the team element is editable by the requester
mandatoryboolean | nullWhether the team element is mandatory to submit this request
descriptionarray of objects | null (LocalizedString)The description of the team element
Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
dnWhitelistboolean | nullDN whitelist is enabled on this request
statusstring (Request Status) requiredThe request status
Enumdeniedapprovedpendingcanceledcompletedrequesterstring requiredThe requester's principal identifier
registrationDateinteger requiredThe date the request was created. This is set by the system
lastModificationDateinteger requiredThe date the request was last modified. This is set by the system
expirationDateinteger requiredThe date the request will expire. This is set by the system
removeAtinteger requiredThe date the requested will be deleted. This is set by the system
holderIdstring (Holder ID) requiredThe computed holderID for this request. This is set by the system based on DN and SANs
approverCommentstring | nullFree-text field editable by the approver to provider more context on the request
requesterCommentstring | nullFree-text field editable by the requester to provider more context on the request
passwordobject | null (models.secret.SecretString)The password of the challenge. Must be set if password mode is manual
valuestring | nullValue of the secret that will be passed to Horizon
dnstringThe DN of the challenge
dryRunboolean | nullIf true, the request is validated, but will not result in a challenge creation
teamstring | nullThe team that will be assigned to this certificate. Teams are used to link certificates to people and to assign permissions to them
approverstring | nullThe approver's principal identifier
contactstring | nullThe request's contact email
triggerResultsarray of objects | null (models.trigger.TriggerResult)The result of the execution of triggers on this request
Array [
namestring requiredThe name of the trigger that was executed
eventstring requiredThe event that triggered the trigger
Enumon_deny_updateon_cancel_migrateon_pending_renewon_submit_migrateon_cancel_updateon_approve_migrateon_pending_recoveron_pending_enrollon_deny_revokeon_cancel_renewon_submit_recoveron_submit_enrollon_cancel_recoveron_approve_revokeon_pending_updateon_deny_recoveron_approve_renewon_deny_migrateon_revokeon_approve_recoveron_expireon_enrollon_deny_renewon_approve_updateon_recoveron_deny_enrollon_submit_renewon_updateon_approve_enrollon_cancel_enrollon_pending_migrateon_pending_revokeon_submit_updateon_submit_revokeon_migrateon_cancel_revokeon_renewtriggerTypestring requiredThe type of the trigger
Enumawsemailf5clientldappubintunepkcsakvwebhooklastExecutionDateinteger requiredThe last time this trigger was executed for this certificate and this event
statusstring requiredThe status of the trigger after its execution
Enumsuccessfailureretryableboolean requiredIs this trigger manually retryable (can be run)
retriesinteger | nullThe number of remaining tries before the trigger is abandoned
nextExecutionDateinteger | nullThe next scheduled execution time for this trigger
nextDelaystring | nullTime that will be waited between the next and the next+1 execution of this trigger
detailstring | nullContains details on this trigger's execution
]
labelsarray of objects | null (models.certificate.label.LabelData)The labels set in this request
Array [
keystring requiredThe label's name
valuestring requiredThe label's value
]
metadataarray of objects | null (Certificate Metadata)The metadata set in this request
Array [
keystring requiredThe metadata name
Enumpki_connectorprevious_certificate_idrenewed_certificate_idautomation_policygs_order_idmetapki_iddigicert_identrust_idscep_transidfcms_idgsatlas_idcerteurope_iddigicert_order_idvaluestring requiredThe metadata value
]
globalHolderIdCountinteger | nullThe number of certificates that are currently valid and have the same DN and SANs in the Horizon database
profileHolderIdCountinteger | nullThe number of certificates that are currently valid and have the same DN and SANs in the same enrollment profile
-
400 Invalid request
application/jsonerrorstring requiredThe error code of the problem
ValueREQ-002messagestring requiredA short, human-readable summary of the problem type
ValueInvalid Requesttitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueInvalid Requestdetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
errorstring requiredThe error code of the problem
ValueREQ-004messagestring requiredA short, human-readable summary of the problem type
ValueInvalid Request statustitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueInvalid Request statusdetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
errorstring requiredThe error code of the problem
ValueREQ-005messagestring requiredA short, human-readable summary of the problem type
ValueExpired Requesttitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueExpired Requestdetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
errorstring requiredThe error code of the problem
ValueSEC-AUTH-007messagestring requiredA short, human-readable summary of the problem type
ValueInvalid Identity Providertitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueInvalid Identity Providerstatusinteger requiredThe http status code of the error. In compliance with RFC7807
detailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
errorstring requiredThe error code of the problem
ValueSEC-AUTH-008messagestring requiredA short, human-readable summary of the problem type
ValueInvalid redirect pathtitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueInvalid redirect pathdetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
-
401 Unauthorized request
application/jsonerrorstring requiredThe error code of the problem
ValueSEC-AUTH-002messagestring requiredA short, human-readable summary of the problem type
ValueInvalid credentials or principal does not existtitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueInvalid credentials or principal does not existdetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
errorstring requiredThe error code of the problem
ValueSEC-AUTH-009messagestring requiredA short, human-readable summary of the problem type
ValuePrincipal not authenticated or authentication expiredtitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValuePrincipal not authenticated or authentication expireddetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
-
403 Forbidden action
application/jsonerrorstring requiredThe error code of the problem
ValueSEC-PERM-001messagestring requiredA short, human-readable summary of the problem type
ValueInsufficient privilegestitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueInsufficient privilegesdetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
errorstring requiredThe error code of the problem
ValueSEC-AUTH-003messagestring requiredA short, human-readable summary of the problem type
ValueCertificate is not trustedtitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueCertificate is not trusteddetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
errorstring requiredThe error code of the problem
ValueSEC-AUTH-004messagestring requiredA short, human-readable summary of the problem type
ValueCertificate is expiredtitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueCertificate is expireddetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
errorstring requiredThe error code of the problem
ValueSEC-AUTH-005messagestring requiredA short, human-readable summary of the problem type
ValueCertificate is revokedtitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueCertificate is revokeddetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
errorstring requiredThe error code of the problem
ValueSEC-AUTH-006messagestring requiredA short, human-readable summary of the problem type
ValuePrincipal not authenticated or authentication expiredtitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValuePrincipal not authenticated or authentication expireddetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
errorstring requiredThe error code of the problem
ValueLIC-002messagestring requiredA short, human-readable summary of the problem type
ValueInvalid Licensetitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueInvalid Licensedetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
errorstring requiredThe error code of the problem
ValueLIC-004messagestring requiredA short, human-readable summary of the problem type
ValueExpired Licensetitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueExpired Licensedetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
-
404 Not found
application/jsonerrorstring requiredThe error code of the problem
ValueREQ-003messagestring requiredA short, human-readable summary of the problem type
ValueRequest not foundtitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueRequest not founddetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
errorstring requiredThe error code of the problem
ValueCERT-SEARCH-003messagestring requiredA short, human-readable summary of the problem type
ValueCertificate not foundtitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueCertificate not founddetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
-
500 Internal server error
application/jsonerrorstring requiredThe error code of the problem
ValueREQ-001messagestring requiredA short, human-readable summary of the problem type
ValueUnexpected Errortitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueUnexpected Errordetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
errorstring requiredThe error code of the problem
ValueSEC-AUTH-001messagestring requiredA short, human-readable summary of the problem type
ValueUnexpected Errortitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueUnexpected Errordetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
errorstring requiredThe error code of the problem
ValueLIC-001messagestring requiredA short, human-readable summary of the problem type
ValueUnexpected errortitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueUnexpected errordetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807