Search requests
Send a request search query (in HRQL format) and return the request search results
The request search query
|
query
string | null
The HRQL query to use for the search, represents the way to filter requests. Filters nothing if not specified |
|||
|
fields
array of string | null
The fields to be returned by the search. If this parameter is not specified, everything is returned by default. If this parameter is equal to an empty array, only the _id field is returned |
|||
|
sortedBy
array of objects | null (SortElement)
The way to sort the search results |
|||
|
Array [
] |
|||
|
pageIndex
integer | null
The index of the page to retrieve |
|||
|
pageSize
integer | null
The maximum number of items to retrieve for one page |
|||
|
withCount
boolean | null
Whether to return the total count of requests matching the HRQL query |
|||
|
scope
string | null
The scope of the search. manage only searches among requests that the currently logged in user has the rights to manage. search searches among all visible requests to the logged in user. self searches among requests that the currently logged in user or its team has issued
Enum
manage
search
self
|
|||
-
200 The request search results
application/jsonresultsarray of objects (models.search.request.RequestSearchResult) requiredThe list of requests matching the HRQL query
Array [
_idstring (Internal ID) requiredThe ID of the request
modulestring (Module) requiredThe module of the request
Enumwebraestscepacmecrmpworkflowstring (Workflow) requiredThe workflow of the request
Enumenrollmigraterevokerecoverrenewupdatestatusstring (Request Status) requiredThe request status
Enumdeniedapprovedpendingcanceledcompletedprofilestring (Enrollment profile) requiredAny profile configured for a protocol in Horizon
requesterstring requiredThe requester's principal identifier
registrationDateinteger requiredThe date the request was created. This is set by the system
lastModificationDateinteger requiredThe date the request was last modified. This is set by the system
expirationDateinteger requiredThe date the request will expire. This is set by the system
holderIdstring (Holder ID) requiredThe computed holderID for this request. This is set by the system based on DN and SANs
permissionsobject (models.search.request.RequestPermissions) requiredThe permissions of the principal on this request.
approveboolean | nullWhether the principal can approve or deny the request (manage rights)
cancelboolean | nullWhether the principal can cancel the request (owner or team of the request)
approverstring | nullThe approver's principal identifier
teamstring | nullThe team that will be assigned to this certificate. Teams are used to link certificates to people and to assign permissions to them
contactstring | nullThe request's contact email
requesterCommentstring | nullFree-text field editable by the requester to provider more context on the request
approverCommentstring | nullFree-text field editable by the approver to provider more context on the request
certificateIdstring | null (Internal ID)The id of the certificate in the request
certificateobject | null (Certificate)The certificate associated with the request
metadataarray of objects (Certificate Metadata) requiredThe certificate's technical metadata used internally
Array [
keystring requiredThe metadata name
Enumpki_connectorprevious_certificate_idrenewed_certificate_idautomation_policygs_order_idmetapki_iddigicert_identrust_idscep_transidfcms_idgsatlas_idcerteurope_iddigicert_order_idvaluestring requiredThe metadata value
]
notAfterinteger requiredThe certificate's expiration date in milliseconds since the epoch
thumbprintstring requiredThe certificate's thumbprint
certificatestring requiredThe certificate's PEM-encoded content
dnstring requiredThe certificate's Distinguished Name
revokedboolean requiredWhether the certificate is revoked
escrowedboolean requiredWhether the certificate is escrowed
issuerstring requiredThe certificate's issuer Distinguished Name
notBeforeinteger requiredThe certificate's start date in milliseconds since the epoch
selfSignedboolean requiredWhether the certificate is self-signed
keyTypestring (Keytype) requiredThe certificate's key type
Enumrsa-<size>ec-secp256r1ec-secp384r1ec-secp521r1ed-Ed448ed-Ed25519publicKeyThumbprintstring requiredThe certificate's public key thumbprint
modulestring requiredThe certificate's module
holderIdstring requiredThe certificate's holder ID. This is a computed field that is used to count how many similar certificates are in use simultaneously by the same holder
subjectAlternateNamesarray of objects (models.certificate.SubjectAlternateName) requiredThe certificate's Subject Alternate Names
Array [
sanTypestring requiredThe type of the SAN
EnumRFC822NAMEDNSNAMEURIIPADDRESSOTHERNAME_UPNOTHERNAME_GUIDvaluestring requiredThe value of the SAN
]
serialstring requiredThe certificate's serial number
signingAlgorithmstring requiredThe certificate's signing algorithm
_idstring requiredInternal ID
revocationDateinteger | nullThe certificate's revocation date in milliseconds since the epoch. This field is only present if the certificate is revoked
gradesarray of objects | null (models.certificate.grading.policy.GradingPolicyResult)The certificate's grades for the enabled grading policies
Array [
namestring requiredThe name of the grading policy
gradestring requiredThe grade awarded by the grading policy
]
crlSynchronizedboolean | nullWhether the certificate's revocation status is synchronized with a CRL
discoveredTrustedboolean | nullIf the certificate was discovered and is found to be issued by an existing trusted CA, this field will be set to true. If the certificate was discovered and is not found to be issued by an existing trusted CA, this field will be set to false. If the certificate was not discovered, this field will be null
thirdPartyDataarray of objects | null (models.thirdparty.ThirdPartyItem)The certificate's information about synchronization with Horizon supported third parties
Array [
connectorstring requiredThe third party connector name on which this certificate is synchronized
idstring requiredThe Id of this certificate on the third party
fingerprintstring | nullThe fingerprint of this certificate on the third party
pushDateinteger | nullThe date when the certificate was pushed to this third party
removeDateinteger | nullThe date when the certificate was removed from this third party (in case of revocation)
]
ownerstring | nullThe certificate's owner. This is a reference to a local identity identifier
contactEmailstring | nullThe certificate's contact email. It will be used to send notifications about the certificate's expiration and revocation
profilestring | nullThe certificate's profile
teamstring | nullThe certificate's team. This is a reference to a team identifier. It will be used to determine the certificate's permissions and send notifications
labelsarray of objects | null (models.certificate.label.LabelData)The certificate's labels
Array [
keystring requiredThe label's name
valuestring requiredThe label's value
]
discoveryInfoarray of objects | null (models.discovery.DiscoveryInfo)A list of metadata containing information on how and when the certificate was discovered
Array [
campaignstring requiredThe discovery campaign's name
lastDiscoveryDateinteger requiredWhen this certificate was discovered for the last time
identifierstring | nullIdentifier of the user that discovered this certificate
]
triggerResultsarray of objects | null (models.trigger.TriggerResult)The result of the execution of triggers on this certificate
Array [
namestring requiredThe name of the trigger that was executed
eventstring requiredThe event that triggered the trigger
Enumon_deny_updateon_cancel_migrateon_pending_renewon_submit_migrateon_cancel_updateon_approve_migrateon_pending_recoveron_pending_enrollon_deny_revokeon_cancel_renewon_submit_recoveron_submit_enrollon_cancel_recoveron_approve_revokeon_pending_updateon_deny_recoveron_approve_renewon_deny_migrateon_revokeon_approve_recoveron_expireon_enrollon_deny_renewon_approve_updateon_recoveron_deny_enrollon_submit_renewon_updateon_approve_enrollon_cancel_enrollon_pending_migrateon_pending_revokeon_submit_updateon_submit_revokeon_migrateon_cancel_revokeon_renewtriggerTypestring requiredThe type of the trigger
Enumawsemailf5clientldappubintunepkcsakvwebhooklastExecutionDateinteger requiredThe last time this trigger was executed for this certificate and this event
statusstring requiredThe status of the trigger after its execution
Enumsuccessfailureretryableboolean requiredIs this trigger manually retryable (can be run)
retriesinteger | nullThe number of remaining tries before the trigger is abandoned
nextExecutionDateinteger | nullThe next scheduled execution time for this trigger
nextDelaystring | nullTime that will be waited between the next and the next+1 execution of this trigger
detailstring | nullContains details on this trigger's execution
]
extensionsarray of objects (models.certificate.extension.CertificateExtension)The certificate's extensions
Array [
keystring requiredThe extension's type
Enumms_sidms_templatevaluestring requiredThe extension's value
]
discoveryDataarray of objects | null (models.discovery.HostDiscoveryData)A list of metadata containing information on where the certificate was discovered
Array [
ipstring | nullThe certificate's host ip
sourcesarray of string | nullInformation on the type of discovery that discovered this certificate
hostnamesarray of string | nullThe certificate's host hostnames (netscan only)
operatingSystemsarray of string | nullThe certificate's host operating system (localscan only)
pathsarray of string | nullThe path to the certificate on the host machine (localscan only)
usagesarray of string | nullThe path of the configuration files that were used to find the certificates
tlsPortsarray of objects | null (models.discovery.TlsPort)The ports on which the certificate is exposed for https connexion
Array [
portinteger requiredThe number of the port
versionstring requiredProtocol version used
]
]
revocationReasonstring | nullThe certificate's revocation reason
EnumUNSPECIFIEDKEYCOMPROMISECACOMPROMISEAFFILIATIONCHANGESUPERSEDEDCESSATIONOFOPERATIONdnstringAssociated certificate's Distinguished Name
labelsarray of objects | null (models.certificate.label.LabelData)The labels set in this request
Array [
keystring requiredThe label's name
valuestring requiredThe label's value
]
metadataarray of objects | null (Certificate Metadata)The metadata set in this request
Array [
keystring requiredThe metadata name
Enumpki_connectorprevious_certificate_idrenewed_certificate_idautomation_policygs_order_idmetapki_iddigicert_identrust_idscep_transidfcms_idgsatlas_idcerteurope_iddigicert_order_idvaluestring requiredThe metadata value
]
]
pageIndexinteger requiredThe index of the results page
pageSizeinteger requiredThe maximum number of items on this page
hasMoreboolean requiredIndicates whether the response represents the last page of results (if set to false) or not (if set to true)
countintegerThe total count of requests matching the HRQL query
-
400 Invalid request
application/jsonerrorstring requiredThe error code of the problem
ValueREQ-006messagestring requiredA short, human-readable summary of the problem type
ValueInvalid Request Search Querytitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueInvalid Request Search Querydetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
errorstring requiredThe error code of the problem
ValueSEC-AUTH-007messagestring requiredA short, human-readable summary of the problem type
ValueInvalid Identity Providertitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueInvalid Identity Providerdetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
errorstring requiredThe error code of the problem
ValueSEC-AUTH-008messagestring requiredA short, human-readable summary of the problem type
ValueInvalid redirect pathtitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueInvalid redirect pathdetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
errorstring requiredThe error code of the problem
ValueHQL-001messagestring requiredA short, human-readable summary of the problem type
ValueInvalid HQL querytitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueInvalid HQL querydetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
-
401 Unauthorized request
application/jsonerrorstring requiredThe error code of the problem
ValueSEC-AUTH-002messagestring requiredA short, human-readable summary of the problem type
ValueInvalid credentials or principal does not existtitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueInvalid credentials or principal does not existdetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
errorstring requiredThe error code of the problem
ValueSEC-AUTH-009messagestring requiredA short, human-readable summary of the problem type
ValuePrincipal not authenticated or authentication expiredtitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValuePrincipal not authenticated or authentication expireddetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
-
403 Forbidden action
application/jsonerrorstring requiredThe error code of the problem
ValueSEC-AUTH-003messagestring requiredA short, human-readable summary of the problem type
ValueCertificate is not trustedtitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueCertificate is not trusteddetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
errorstring requiredThe error code of the problem
ValueSEC-AUTH-004messagestring requiredA short, human-readable summary of the problem type
ValueCertificate is expiredtitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueCertificate is expireddetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
errorstring requiredThe error code of the problem
ValueSEC-AUTH-005messagestring requiredA short, human-readable summary of the problem type
ValueCertificate is revokedtitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueCertificate is revokeddetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
errorstring requiredThe error code of the problem
ValueSEC-AUTH-006messagestring requiredA short, human-readable summary of the problem type
ValuePrincipal not authenticated or authentication expiredtitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValuePrincipal not authenticated or authentication expireddetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
errorstring requiredThe error code of the problem
ValueLIC-002messagestring requiredA short, human-readable summary of the problem type
ValueInvalid Licensetitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueInvalid Licensedetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
errorstring requiredThe error code of the problem
ValueLIC-004messagestring requiredA short, human-readable summary of the problem type
ValueExpired Licensetitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueExpired Licensedetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
-
500 Internal server error
application/jsonerrorstring requiredThe error code of the problem
ValueREQ-001messagestring requiredA short, human-readable summary of the problem type
ValueUnexpected Errortitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueUnexpected Errordetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
errorstring requiredThe error code of the problem
ValueSEC-AUTH-001messagestring requiredA short, human-readable summary of the problem type
ValueUnexpected Errortitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueUnexpected Errordetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
errorstring requiredThe error code of the problem
ValueLIC-001messagestring requiredA short, human-readable summary of the problem type
ValueUnexpected errortitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueUnexpected errordetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807