Retrieve a request template
Retrieve the template to fulfill a specific request. The template indicates the required element to include when submitting a new request
The request on which to return the template
|
workflow
string
requiredThe workflow for which to return the template.
Value
enroll
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
module
string
requiredThe module for which to return the template.
Value
webra
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
certificateId
string | null (Horizon certificate ID)
Used to pre-fill the template field with the certificate values. |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
certificatePem
string | null (Certificate pem)
Used to pre-fill the template field with the certificate values. |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
profile
string | null (Certificate profile)
The profile for which to return the template. |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
template
object (WebRA Enroll Request Template)
The template with the constraint set on the profile |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
workflow
string
requiredThe workflow for which to return the template.
Value
revoke
|
||
|
profile
string (Certificate profile)
requiredThe profile for which to return the template. |
||
|
template
object
required
The reason for revoking the certificate |
||
|
||
|
certificateId
string | null (Horizon certificate ID)
Used to pre-fill the template field with the certificate values. |
||
|
certificatePem
string | null (Certificate pem)
Used to pre-fill the template field with the certificate values. |
||
|
workflow
string
requiredThe workflow for which to return the template.
Value
update
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
template
object (WebRA Update Request Template)
required
The template with the constraint set on the profile |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
certificateId
string | null (Horizon certificate ID)
Used to pre-fill the template field with the certificate values. |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
certificatePem
string | null (Certificate pem)
Used to pre-fill the template field with the certificate values. |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
profile
string | null (Certificate profile)
The profile for which to return the template. |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
workflow
string
requiredThe workflow for which to return the template.
Value
recover
|
||||||||||||||
|
template
object (WebRA Recover Request Template)
required
The cryptography policy applied during the recovery of a certificate |
||||||||||||||
|
||||||||||||||
|
profile
string (Certificate profile)
requiredThe profile for which to return the template. |
||||||||||||||
|
certificateId
string | null (Horizon certificate ID)
Used to pre-fill the template field with the certificate values. |
||||||||||||||
|
certificatePem
string | null (Certificate pem)
Used to pre-fill the template field with the certificate values. |
||||||||||||||
|
workflow
string
requiredThe workflow for which to return the template.
Value
migrate
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
template
object (models.webra.WebRAMigrateRequestTemplate)
required
The template with the constraint set on the profile |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
certificateId
string | null (Horizon certificate ID)
Used to pre-fill the template field with the certificate values. |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
certificatePem
string | null (Certificate pem)
Used to pre-fill the template field with the certificate values. |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
profile
string | null (Certificate profile)
The profile for which to return the template. |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
workflow
string
requiredThe workflow for which to return the template.
Value
renew
|
|||||||||||||||||||||||||||||
|
template
object (WebRA Renew Request Template)
required
The cryptography policy applied during the recovery of a certificate |
|||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
|
profile
string (Certificate profile)
requiredThe profile for which to return the template. |
|||||||||||||||||||||||||||||
|
certificateId
string | null (Horizon certificate ID)
Used to pre-fill the template field with the certificate values. |
|||||||||||||||||||||||||||||
|
certificatePem
string | null (Certificate pem)
Used to pre-fill the template field with the certificate values. |
|||||||||||||||||||||||||||||
|
workflow
string
requiredThe workflow for which to return the template.
Value
import
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
template
object (WebRA Import Request Template)
required
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
profile
string (Certificate profile)
requiredThe profile for which to return the template. |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
certificateId
string | null (Horizon certificate ID)
Used to pre-fill the template field with the certificate values. |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
certificatePem
string | null (Certificate pem)
Used to pre-fill the template field with the certificate values. |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
workflow
string
requiredThe workflow for which to return the template.
Value
enroll
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
module
string
requiredThe module for which to return the template.
Value
est
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
template
object (EST Enroll Request Template)
required
The template with the constraint set on the profile |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
profile
string (Certificate profile)
requiredThe profile for which to return the template. |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
certificateId
string | null (Horizon certificate ID)
Used to pre-fill the template field with the certificate values. |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
certificatePem
string | null (Certificate pem)
Used to pre-fill the template field with the certificate values. |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
workflow
string
requiredThe workflow for which to return the template.
Value
enroll
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
module
string
requiredThe module for which to return the template.
Enum
scep
jamf
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
template
object (SCEP Enroll Request Template)
required
The template with the constraint set on the profile |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
profile
string (Certificate profile)
requiredThe profile for which to return the template. |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
certificateId
string | null (Horizon certificate ID)
Used to pre-fill the template field with the certificate values. |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
certificatePem
string | null (Certificate pem)
Used to pre-fill the template field with the certificate values. |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
-
200 The request including the template
application/jsonworkflowstring requiredThe workflow for which to return the template.
Valueenrollmodulestring requiredThe module for which to return the template.
Valuewebraprofilestring | null (Certificate profile) requiredThe profile for which to return the template.
templateobject (WebRA Enroll Request Template) requiredThe template with the constraint set on the profile
csrstring | nullUsed to pre-fill the template field with the CSR values.
keyTypestring | null (Keytype)The type of key that will be used to generate the certificate, if in centralized mode
Enumrsa-<size>ec-secp256r1ec-secp384r1ec-secp521r1ed-Ed448ed-Ed25519subjectarray of objects | null (IndexedDNElement)List of DN elements that will be used to build the certificate's Distinguished Name
Array [
elementstring requiredThe element type and index. Indexes start at 1 !
EnumcneoustlocdcuidserialNumbersurnamegivenNameunstructuredAddressunstructuredNameorganizationIdentifieruniqueIdentifierstreetdescriptiontypestring | nullThe formatted element type
EnumCNEOUSTLOCDCUIDSERIALNUMBERSURNAMEGIVENNAMEunstructuredAddressunstructuredNameorganizationIdentifierUniqueIdentifierSTREETDESCRIPTIONvaluestring | nullThe element value
computationRulestring | null (Computation Rule)Computation rule input will be evaluated and will override all other inputs
mandatoryboolean | nullWhether the field is mandatory or not
editableboolean | nullWhether the field is editable or not for the currently authenticated user
regexstring | nullA regular expression that will be used to validate the element's value
]
sansarray of objects | null (SAN Element)List of SAN elements that will be used to build the certificate's Subject Alternative Name
Array [
typestring | null requiredSAN type
EnumRFC822NAMEDNSNAMEURIIPADDRESSOTHERNAME_UPNOTHERNAME_GUIDvaluearray of string | nullSAN value
computationRulestring | null (Computation Rule)Computation rule input will be evaluated and will override all other inputs
editableboolean | nullWhether this SAN element is editable by the user
regexstring | nullThe regex that will be used to validate the SAN value
mininteger | nullThe minimum number of SAN elements that must be provided
maxinteger | nullThe maximum number of SAN elements that can be provided
]
extensionsarray of objects | null (Certificate Extension)Information about the certificate's extensions and how to edit them
Array [
typestring requiredThe type of the extension element
Enumms_sidms_templatevaluestring | nullThe value of the extension element
computationRulestring | null (Computation Rule)Computation rule input will be evaluated and will override all other inputs
editableboolean | nullWhether the extension element is editable by the requester
regexstring | nullThe regular expression to validate the extension element
mandatoryboolean | nullWhether the extension element is mandatory to submit this request
]
labelsarray of objects | null (Label)List of labels used internally to tag and group certificates
Array [
labelstring requiredThe name of the label
displayNamearray of objects | null (LocalizedString)The display name of the label element
Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
descriptionarray of objects | null (LocalizedString)The description of the label element
Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
valuestring | nullThe value of the label element
computationRulestring | null (Computation Rule)The computation rule of the label element
mandatoryboolean | nullWhether the label element is mandatory to submit this request
editableboolean | nullWhether the label element is editable
regexstring | nullThe regex used to validate the label element
enumarray of string | nullThe enum used to validate the label element
suggestionsarray of string | nullThe suggestions used to recommend the label element values
]
contactEmailobject | null (Contact email)Information about the certificate's contact email and how to edit it
valuestring | nullThe contact email
computationRulestring | null (Computation Rule)Computation rule input will be evaluated and will override all other inputs
editableboolean | nullWhether the contact email is editable by the requester
mandatoryboolean | nullWhether the contact email is mandatory to submit this request
regexstring | nullThe regular expression to validate the contact email
whitelistarray of string | nullThe list of allowed contact emails
descriptionarray of objects | null (LocalizedString)The description of the contact email
Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
ownerobject | null (Certificate Owner)Information about the certificate's owner and how to edit it
valuestring | nullThe value of the owner element. This should be a principal identifier
computationRulestring | null (Computation Rule)Computation rule input will be evaluated and will override all other inputs
editableboolean | nullWhether the owner element is editable by the requester
mandatoryboolean | nullWhether the owner element is mandatory to submit this request
descriptionarray of objects | null (LocalizedString)The description of the owner element
Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
teamobject | null (Certificate Team)Information about the certificate's team and how to edit it
valuestring | nullThe value of the team element. This should be a team identifier
computationRulestring | null (Computation Rule)Computation rule input will be evaluated and will override all other inputs
authorizedarray of string | nullThe list of authorized teams
editableboolean | nullWhether the team element is editable by the requester
mandatoryboolean | nullWhether the team element is mandatory to submit this request
descriptionarray of objects | null (LocalizedString)The description of the team element
Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
capabilitiesobject | null (Certificate profile crypto policy)Describes how certificates will be enrolled on this profile
centralizedboolean requiredWhether this profile supports centralized enrollment
decentralizedboolean requiredWhether this profile supports decentralized enrollment
escrowboolean requiredWhether this profile will escrow the certificate private keys
defaultKeyTypestring | null (Keytype)Default key type used for centralized enrollment
Enumrsa-<size>ec-secp256r1ec-secp384r1ec-secp521r1ed-Ed448ed-Ed25519authorizedKeyTypesarray of string | null (Keytype)List of authorized key types for enrollment
preferredEnrollmentModestring | nullIf both centralized and decentralized enrollment are supported, this is the preferred mode
Enumcentralizeddecentralizedp12passwordPolicystring | nullPassword policy for the P12 file
p12passwordModestring | nullWhether the user will be required to input their PKCS#12 password upon enrollment
Enumrandommanualp12storeEncryptionTypestring | nullEncryption type for the P12 file
showP12PasswordOnEnrollboolean | nullWhether the PKCS#12 password will be displayed to the user upon enrollment
showP12OnEnrollboolean | nullWhether the PKCS#12 file will be displayed to the user upon enrollment
showP12PasswordOnRecoverboolean | nullWhether the PKCS#12 password will be displayed to the user upon recovery
showP12OnRecoverboolean | nullWhether the PKCS#12 file will be displayed to the user upon recovery
passwordPolicyobject | null (Password Policy)The password policy that will be used to generate the certificate's PKCS#12 password
_idstring (Internal ID) requiredThe internal ID of the password policy
namestring requiredThe name of the password policy
minCharinteger requiredThe minimum number of characters of the password
maxCharinteger | nullThe maximum number of characters of the password
minUpCharinteger | nullThe minimum number of uppercase characters of the password
minLoCharinteger | nullThe minimum number of lowercase characters of the password
minDiCharinteger | nullThe minimum number of digits of the password
spCharstring | nullThe special characters of the password accepted by the password policy
minSpCharinteger | nullThe minimum number of special characters of the password
certificateIdstring | null (Horizon certificate ID)Used to pre-fill the template field with the certificate values.
certificatePemstring | null (Certificate pem)Used to pre-fill the template field with the certificate values.
workflowstring requiredThe workflow for which to return the template.
Valuerevokeprofilestring (Certificate profile) requiredThe profile for which to return the template.
templateobject requiredThe reason for revoking the certificate
revocationReasonstringValueUNSPECIFIEDcertificateIdstring | null (Horizon certificate ID)Used to pre-fill the template field with the certificate values.
certificatePemstring | null (Certificate pem)Used to pre-fill the template field with the certificate values.
workflowstring requiredThe workflow for which to return the template.
Valueupdateprofilestring | null (Certificate profile) requiredThe profile for which to return the template.
templateobject (WebRA Update Request Template) requiredThe template with the constraint set on the profile
labelsarray of objects | null (Label)Information about the certificate's labels and how to edit them
Array [
labelstring requiredThe name of the label
displayNamearray of objects | null (LocalizedString)The display name of the label element
Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
descriptionarray of objects | null (LocalizedString)The description of the label element
Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
valuestring | nullThe value of the label element
computationRulestring | null (Computation Rule)The computation rule of the label element
mandatoryboolean | nullWhether the label element is mandatory to submit this request
editableboolean | nullWhether the label element is editable
regexstring | nullThe regex used to validate the label element
enumarray of string | nullThe enum used to validate the label element
suggestionsarray of string | nullThe suggestions used to recommend the label element values
]
metadataarray of objects | null (Certificate Metadata)Information about the certificate's metadata and how to edit them
Array [
metadatastring requiredTechnical metadata related to the certificate
Enumpki_connectorprevious_certificate_idrenewed_certificate_idautomation_policygs_order_idmetapki_iddigicert_identrust_idscep_transidfcms_idgsatlas_idcerteurope_iddigicert_order_idvaluestring | nullThe value of the metadata element
editableboolean | nullWhether the metadata element is editable by the requester
]
ownerobject | null (Certificate Owner)Information about the certificate's owner and how to edit it
valuestring | nullThe value of the owner element. This should be a principal identifier
computationRulestring | null (Computation Rule)Computation rule input will be evaluated and will override all other inputs
editableboolean | nullWhether the owner element is editable by the requester
mandatoryboolean | nullWhether the owner element is mandatory to submit this request
descriptionarray of objects | null (LocalizedString)The description of the owner element
Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
teamobject | null (Certificate Team)Information about the certificate's team and how to edit it
valuestring | nullThe value of the team element. This should be a team identifier
computationRulestring | null (Computation Rule)Computation rule input will be evaluated and will override all other inputs
authorizedarray of string | nullThe list of authorized teams
editableboolean | nullWhether the team element is editable by the requester
mandatoryboolean | nullWhether the team element is mandatory to submit this request
descriptionarray of objects | null (LocalizedString)The description of the team element
Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
contactEmailobject | null (Contact email)Information about the certificate's contact email and how to edit it
valuestring | nullThe contact email
computationRulestring | null (Computation Rule)Computation rule input will be evaluated and will override all other inputs
editableboolean | nullWhether the contact email is editable by the requester
mandatoryboolean | nullWhether the contact email is mandatory to submit this request
regexstring | nullThe regular expression to validate the contact email
whitelistarray of string | nullThe list of allowed contact emails
descriptionarray of objects | null (LocalizedString)The description of the contact email
Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
certificateIdstring | null (Horizon certificate ID)Used to pre-fill the template field with the certificate values.
certificatePemstring | null (Certificate pem)Used to pre-fill the template field with the certificate values.
workflowstring requiredThe workflow for which to return the template.
Valuerecovertemplateobject (WebRA Recover Request Template) requiredThe cryptography policy applied during the recovery of a certificate
passwordModestring | nullThe password mode of the certificate
EnumrandommanualpasswordPolicyobject | null (Password Policy)The selected password policy for this profile. If none is defined and the password mode is manual, there is no constraint on the password. In random mode, the Horizon-Default policy is used
_idstring (Internal ID) requiredThe internal ID of the password policy
namestring requiredThe name of the password policy
minCharinteger requiredThe minimum number of characters of the password
maxCharinteger | nullThe maximum number of characters of the password
minUpCharinteger | nullThe minimum number of uppercase characters of the password
minLoCharinteger | nullThe minimum number of lowercase characters of the password
minDiCharinteger | nullThe minimum number of digits of the password
spCharstring | nullThe special characters of the password accepted by the password policy
minSpCharinteger | nullThe minimum number of special characters of the password
profilestring (Certificate profile) requiredThe profile for which to return the template.
certificateIdstring | null (Horizon certificate ID)Used to pre-fill the template field with the certificate values.
certificatePemstring | null (Certificate pem)Used to pre-fill the template field with the certificate values.
workflowstring requiredThe workflow for which to return the template.
Valuemigrateprofilestring | null (Certificate profile) requiredThe profile for which to return the template.
templateobject (models.webra.WebRAMigrateRequestTemplate) requiredThe template with the constraint set on the profile
labelsarray of objects | null (Label)Array [
labelstring requiredThe name of the label
displayNamearray of objects | null (LocalizedString)The display name of the label element
Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
descriptionarray of objects | null (LocalizedString)The description of the label element
Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
valuestring | nullThe value of the label element
computationRulestring | null (Computation Rule)The computation rule of the label element
mandatoryboolean | nullWhether the label element is mandatory to submit this request
editableboolean | nullWhether the label element is editable
regexstring | nullThe regex used to validate the label element
enumarray of string | nullThe enum used to validate the label element
suggestionsarray of string | nullThe suggestions used to recommend the label element values
]
ownerobject | null (Certificate Owner)valuestring | nullThe value of the owner element. This should be a principal identifier
computationRulestring | null (Computation Rule)Computation rule input will be evaluated and will override all other inputs
editableboolean | nullWhether the owner element is editable by the requester
mandatoryboolean | nullWhether the owner element is mandatory to submit this request
descriptionarray of objects | null (LocalizedString)The description of the owner element
Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
teamobject | null (Certificate Team)valuestring | nullThe value of the team element. This should be a team identifier
computationRulestring | null (Computation Rule)Computation rule input will be evaluated and will override all other inputs
authorizedarray of string | nullThe list of authorized teams
editableboolean | nullWhether the team element is editable by the requester
mandatoryboolean | nullWhether the team element is mandatory to submit this request
descriptionarray of objects | null (LocalizedString)The description of the team element
Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
metadataarray of objects | null (Certificate Metadata)Array [
metadatastring requiredTechnical metadata related to the certificate
Enumpki_connectorprevious_certificate_idrenewed_certificate_idautomation_policygs_order_idmetapki_iddigicert_identrust_idscep_transidfcms_idgsatlas_idcerteurope_iddigicert_order_idvaluestring | nullThe value of the metadata element
editableboolean | nullWhether the metadata element is editable by the requester
]
contactEmailobject | null (Contact email)valuestring | nullThe contact email
computationRulestring | null (Computation Rule)Computation rule input will be evaluated and will override all other inputs
editableboolean | nullWhether the contact email is editable by the requester
mandatoryboolean | nullWhether the contact email is mandatory to submit this request
regexstring | nullThe regular expression to validate the contact email
whitelistarray of string | nullThe list of allowed contact emails
descriptionarray of objects | null (LocalizedString)The description of the contact email
Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
certificateIdstring | null (Horizon certificate ID)Used to pre-fill the template field with the certificate values.
certificatePemstring | null (Certificate pem)Used to pre-fill the template field with the certificate values.
workflowstring requiredThe workflow for which to return the template.
Valuerenewtemplateobject (WebRA Renew Request Template) requiredThe cryptography policy applied during the recovery of a certificate
capabilitiesobject | null (Certificate profile crypto policy)Describes how certificates will be enrolled on this profile
centralizedboolean requiredWhether this profile supports centralized enrollment
decentralizedboolean requiredWhether this profile supports decentralized enrollment
escrowboolean requiredWhether this profile will escrow the certificate private keys
defaultKeyTypestring | null (Keytype)Default key type used for centralized enrollment
Enumrsa-<size>ec-secp256r1ec-secp384r1ec-secp521r1ed-Ed448ed-Ed25519authorizedKeyTypesarray of string | null (Keytype)List of authorized key types for enrollment
preferredEnrollmentModestring | nullIf both centralized and decentralized enrollment are supported, this is the preferred mode
Enumcentralizeddecentralizedp12passwordPolicystring | nullPassword policy for the P12 file
p12passwordModestring | nullWhether the user will be required to input their PKCS#12 password upon enrollment
Enumrandommanualp12storeEncryptionTypestring | nullEncryption type for the P12 file
showP12PasswordOnEnrollboolean | nullWhether the PKCS#12 password will be displayed to the user upon enrollment
showP12OnEnrollboolean | nullWhether the PKCS#12 file will be displayed to the user upon enrollment
showP12PasswordOnRecoverboolean | nullWhether the PKCS#12 password will be displayed to the user upon recovery
showP12OnRecoverboolean | nullWhether the PKCS#12 file will be displayed to the user upon recovery
passwordPolicyobject | null (Password Policy)The password policy that will be used to generate the certificate's PKCS#12 password
_idstring (Internal ID) requiredThe internal ID of the password policy
namestring requiredThe name of the password policy
minCharinteger requiredThe minimum number of characters of the password
maxCharinteger | nullThe maximum number of characters of the password
minUpCharinteger | nullThe minimum number of uppercase characters of the password
minLoCharinteger | nullThe minimum number of lowercase characters of the password
minDiCharinteger | nullThe minimum number of digits of the password
spCharstring | nullThe special characters of the password accepted by the password policy
minSpCharinteger | nullThe minimum number of special characters of the password
profilestring (Certificate profile) requiredThe profile for which to return the template.
certificateIdstring | null (Horizon certificate ID)Used to pre-fill the template field with the certificate values.
certificatePemstring | null (Certificate pem)Used to pre-fill the template field with the certificate values.
workflowstring requiredThe workflow for which to return the template.
Valueimporttemplateobject (WebRA Import Request Template) requiredprivateKeystring | nullThe PEM-encoded private key associated with the certificate. Mandatory if target profile has escrow enabled, forbidden otherwise
ownerobject | null (Certificate Owner)The owner for this certificate
valuestring | nullThe value of the owner element. This should be a principal identifier
computationRulestring | null (Computation Rule)Computation rule input will be evaluated and will override all other inputs
editableboolean | nullWhether the owner element is editable by the requester
mandatoryboolean | nullWhether the owner element is mandatory to submit this request
descriptionarray of objects | null (LocalizedString)The description of the owner element
Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
teamobject | null (Certificate Team)The team for this certificate
valuestring | nullThe value of the team element. This should be a team identifier
computationRulestring | null (Computation Rule)Computation rule input will be evaluated and will override all other inputs
authorizedarray of string | nullThe list of authorized teams
editableboolean | nullWhether the team element is editable by the requester
mandatoryboolean | nullWhether the team element is mandatory to submit this request
descriptionarray of objects | null (LocalizedString)The description of the team element
Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
contactEmailobject | null (Contact email)The contact email for this certificate
valuestring | nullThe contact email
computationRulestring | null (Computation Rule)Computation rule input will be evaluated and will override all other inputs
editableboolean | nullWhether the contact email is editable by the requester
mandatoryboolean | nullWhether the contact email is mandatory to submit this request
regexstring | nullThe regular expression to validate the contact email
whitelistarray of string | nullThe list of allowed contact emails
descriptionarray of objects | null (LocalizedString)The description of the contact email
Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
labelsarray of objects | null (Label)The labels for this certificate
Array [
labelstring requiredThe name of the label
displayNamearray of objects | null (LocalizedString)The display name of the label element
Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
descriptionarray of objects | null (LocalizedString)The description of the label element
Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
valuestring | nullThe value of the label element
computationRulestring | null (Computation Rule)The computation rule of the label element
mandatoryboolean | nullWhether the label element is mandatory to submit this request
editableboolean | nullWhether the label element is editable
regexstring | nullThe regex used to validate the label element
enumarray of string | nullThe enum used to validate the label element
suggestionsarray of string | nullThe suggestions used to recommend the label element values
]
metadataarray of objects | null (Certificate Metadata)The technical metadata for this certificate
Array [
metadatastring requiredTechnical metadata related to the certificate
Enumpki_connectorprevious_certificate_idrenewed_certificate_idautomation_policygs_order_idmetapki_iddigicert_identrust_idscep_transidfcms_idgsatlas_idcerteurope_iddigicert_order_idvaluestring | nullThe value of the metadata element
editableboolean | nullWhether the metadata element is editable by the requester
]
thirdPartyDataarray of objects | null (models.thirdparty.ThirdPartyItem)The third party data associated with the certificate
Array [
connectorstring requiredThe third party connector name on which this certificate is synchronized
idstring requiredThe Id of this certificate on the third party
fingerprintstring | nullThe fingerprint of this certificate on the third party
pushDateinteger | nullThe date when the certificate was pushed to this third party
removeDateinteger | nullThe date when the certificate was removed from this third party (in case of revocation)
]
discoveryInfoobject | null (models.discovery.DiscoveryInfo)Information about the discovery of this certificate
campaignstring requiredThe discovery campaign's name
lastDiscoveryDateinteger requiredWhen this certificate was discovered for the last time
identifierstring | nullIdentifier of the user that discovered this certificate
discoveryDataobject (models.discovery.HostDiscoveryData)The host discovery data associated with the certificate (discovery metadata)
ipstring | nullThe certificate's host ip
sourcesarray of string | nullInformation on the type of discovery that discovered this certificate
hostnamesarray of string | nullThe certificate's host hostnames (netscan only)
operatingSystemsarray of string | nullThe certificate's host operating system (localscan only)
pathsarray of string | nullThe path to the certificate on the host machine (localscan only)
usagesarray of string | nullThe path of the configuration files that were used to find the certificates
tlsPortsarray of objects | null (models.discovery.TlsPort)The ports on which the certificate is exposed for https connexion
Array [
portinteger requiredThe number of the port
versionstring requiredProtocol version used
]
profilestring (Certificate profile) requiredThe profile for which to return the template.
certificateIdstring | null (Horizon certificate ID)Used to pre-fill the template field with the certificate values.
certificatePemstring | null (Certificate pem)Used to pre-fill the template field with the certificate values.
workflowstring requiredThe workflow for which to return the template.
Valueenrollmodulestring requiredThe module for which to return the template.
Valueesttemplateobject (EST Enroll Request Template) requiredThe template with the constraint set on the profile
subjectarray of objects | null (IndexedDNElement)List of DN elements that will be used to build the certificate's Distinguished Name
Array [
elementstring requiredThe element type and index. Indexes start at 1 !
EnumcneoustlocdcuidserialNumbersurnamegivenNameunstructuredAddressunstructuredNameorganizationIdentifieruniqueIdentifierstreetdescriptiontypestring | nullThe formatted element type
EnumCNEOUSTLOCDCUIDSERIALNUMBERSURNAMEGIVENNAMEunstructuredAddressunstructuredNameorganizationIdentifierUniqueIdentifierSTREETDESCRIPTIONvaluestring | nullThe element value
computationRulestring | null (Computation Rule)Computation rule input will be evaluated and will override all other inputs
mandatoryboolean | nullWhether the field is mandatory or not
editableboolean | nullWhether the field is editable or not for the currently authenticated user
regexstring | nullA regular expression that will be used to validate the element's value
]
sansarray of objects | null (SAN Element)List of SAN elements that will be used to build the certificate's Subject Alternative Name
Array [
typestring | null requiredSAN type
EnumRFC822NAMEDNSNAMEURIIPADDRESSOTHERNAME_UPNOTHERNAME_GUIDvaluearray of string | nullSAN value
computationRulestring | null (Computation Rule)Computation rule input will be evaluated and will override all other inputs
editableboolean | nullWhether this SAN element is editable by the user
regexstring | nullThe regex that will be used to validate the SAN value
mininteger | nullThe minimum number of SAN elements that must be provided
maxinteger | nullThe maximum number of SAN elements that can be provided
]
extensionsarray of objects | null (Certificate Extension)Information about the certificate's extensions and how to edit them
Array [
typestring requiredThe type of the extension element
Enumms_sidms_templatevaluestring | nullThe value of the extension element
computationRulestring | null (Computation Rule)Computation rule input will be evaluated and will override all other inputs
editableboolean | nullWhether the extension element is editable by the requester
regexstring | nullThe regular expression to validate the extension element
mandatoryboolean | nullWhether the extension element is mandatory to submit this request
]
labelsarray of objects | null (Label)List of labels used internally to tag and group certificates
Array [
labelstring requiredThe name of the label
displayNamearray of objects | null (LocalizedString)The display name of the label element
Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
descriptionarray of objects | null (LocalizedString)The description of the label element
Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
valuestring | nullThe value of the label element
computationRulestring | null (Computation Rule)The computation rule of the label element
mandatoryboolean | nullWhether the label element is mandatory to submit this request
editableboolean | nullWhether the label element is editable
regexstring | nullThe regex used to validate the label element
enumarray of string | nullThe enum used to validate the label element
suggestionsarray of string | nullThe suggestions used to recommend the label element values
]
contactEmailobject | null (Contact email)Information about the certificate's contact email and how to edit it
valuestring | nullThe contact email
computationRulestring | null (Computation Rule)Computation rule input will be evaluated and will override all other inputs
editableboolean | nullWhether the contact email is editable by the requester
mandatoryboolean | nullWhether the contact email is mandatory to submit this request
regexstring | nullThe regular expression to validate the contact email
whitelistarray of string | nullThe list of allowed contact emails
descriptionarray of objects | null (LocalizedString)The description of the contact email
Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
ownerobject | null (Certificate Owner)Information about the certificate's owner and how to edit it
valuestring | nullThe value of the owner element. This should be a principal identifier
computationRulestring | null (Computation Rule)Computation rule input will be evaluated and will override all other inputs
editableboolean | nullWhether the owner element is editable by the requester
mandatoryboolean | nullWhether the owner element is mandatory to submit this request
descriptionarray of objects | null (LocalizedString)The description of the owner element
Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
teamobject | null (Certificate Team)Information about the certificate's team and how to edit it
valuestring | nullThe value of the team element. This should be a team identifier
computationRulestring | null (Computation Rule)Computation rule input will be evaluated and will override all other inputs
authorizedarray of string | nullThe list of authorized teams
editableboolean | nullWhether the team element is editable by the requester
mandatoryboolean | nullWhether the team element is mandatory to submit this request
descriptionarray of objects | null (LocalizedString)The description of the team element
Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
dnWhitelistboolean | nullDN whitelist is enabled on this request
profilestring (Certificate profile) requiredThe profile for which to return the template.
certificateIdstring | null (Horizon certificate ID)Used to pre-fill the template field with the certificate values.
certificatePemstring | null (Certificate pem)Used to pre-fill the template field with the certificate values.
workflowstring requiredThe workflow for which to return the template.
Valueenrollmodulestring requiredThe module for which to return the template.
Enumscepjamftemplateobject (SCEP Enroll Request Template) requiredThe template with the constraint set on the profile
subjectarray of objects | null (IndexedDNElement)List of DN elements that will be used to build the certificate's Distinguished Name
Array [
elementstring requiredThe element type and index. Indexes start at 1 !
EnumcneoustlocdcuidserialNumbersurnamegivenNameunstructuredAddressunstructuredNameorganizationIdentifieruniqueIdentifierstreetdescriptiontypestring | nullThe formatted element type
EnumCNEOUSTLOCDCUIDSERIALNUMBERSURNAMEGIVENNAMEunstructuredAddressunstructuredNameorganizationIdentifierUniqueIdentifierSTREETDESCRIPTIONvaluestring | nullThe element value
computationRulestring | null (Computation Rule)Computation rule input will be evaluated and will override all other inputs
mandatoryboolean | nullWhether the field is mandatory or not
editableboolean | nullWhether the field is editable or not for the currently authenticated user
regexstring | nullA regular expression that will be used to validate the element's value
]
sansarray of objects | null (SAN Element)List of SAN elements that will be used to build the certificate's Subject Alternative Name
Array [
typestring | null requiredSAN type
EnumRFC822NAMEDNSNAMEURIIPADDRESSOTHERNAME_UPNOTHERNAME_GUIDvaluearray of string | nullSAN value
computationRulestring | null (Computation Rule)Computation rule input will be evaluated and will override all other inputs
editableboolean | nullWhether this SAN element is editable by the user
regexstring | nullThe regex that will be used to validate the SAN value
mininteger | nullThe minimum number of SAN elements that must be provided
maxinteger | nullThe maximum number of SAN elements that can be provided
]
extensionsarray of objects | null (Certificate Extension)Information about the certificate's extensions and how to edit them
Array [
typestring requiredThe type of the extension element
Enumms_sidms_templatevaluestring | nullThe value of the extension element
computationRulestring | null (Computation Rule)Computation rule input will be evaluated and will override all other inputs
editableboolean | nullWhether the extension element is editable by the requester
regexstring | nullThe regular expression to validate the extension element
mandatoryboolean | nullWhether the extension element is mandatory to submit this request
]
labelsarray of objects | null (Label)List of labels used internally to tag and group certificates
Array [
labelstring requiredThe name of the label
displayNamearray of objects | null (LocalizedString)The display name of the label element
Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
descriptionarray of objects | null (LocalizedString)The description of the label element
Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
valuestring | nullThe value of the label element
computationRulestring | null (Computation Rule)The computation rule of the label element
mandatoryboolean | nullWhether the label element is mandatory to submit this request
editableboolean | nullWhether the label element is editable
regexstring | nullThe regex used to validate the label element
enumarray of string | nullThe enum used to validate the label element
suggestionsarray of string | nullThe suggestions used to recommend the label element values
]
contactEmailobject | null (Contact email)Information about the certificate's contact email and how to edit it
valuestring | nullThe contact email
computationRulestring | null (Computation Rule)Computation rule input will be evaluated and will override all other inputs
editableboolean | nullWhether the contact email is editable by the requester
mandatoryboolean | nullWhether the contact email is mandatory to submit this request
regexstring | nullThe regular expression to validate the contact email
whitelistarray of string | nullThe list of allowed contact emails
descriptionarray of objects | null (LocalizedString)The description of the contact email
Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
ownerobject | null (Certificate Owner)Information about the certificate's owner and how to edit it
valuestring | nullThe value of the owner element. This should be a principal identifier
computationRulestring | null (Computation Rule)Computation rule input will be evaluated and will override all other inputs
editableboolean | nullWhether the owner element is editable by the requester
mandatoryboolean | nullWhether the owner element is mandatory to submit this request
descriptionarray of objects | null (LocalizedString)The description of the owner element
Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
teamobject | null (Certificate Team)Information about the certificate's team and how to edit it
valuestring | nullThe value of the team element. This should be a team identifier
computationRulestring | null (Computation Rule)Computation rule input will be evaluated and will override all other inputs
authorizedarray of string | nullThe list of authorized teams
editableboolean | nullWhether the team element is editable by the requester
mandatoryboolean | nullWhether the team element is mandatory to submit this request
descriptionarray of objects | null (LocalizedString)The description of the team element
Array [
langstring requiredThe ISO 3166-1 (2-letters) code of the language used for the value
valuestring requiredThe localized value
]
dnWhitelistboolean | nullDN whitelist is enabled on this request
profilestring (Certificate profile) requiredThe profile for which to return the template.
certificateIdstring | null (Horizon certificate ID)Used to pre-fill the template field with the certificate values.
certificatePemstring | null (Certificate pem)Used to pre-fill the template field with the certificate values.
-
400 Invalid request
application/jsonerrorstring requiredThe error code of the problem
ValueREQ-002messagestring requiredA short, human-readable summary of the problem type
ValueInvalid Requesttitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueInvalid Requestdetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
errorstring requiredThe error code of the problem
ValueREQ-010messagestring requiredA short, human-readable summary of the problem type
ValueProfile does not exist or is disabledtitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueProfile does not exist or is disableddetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
errorstring requiredThe error code of the problem
ValueSEC-AUTH-007messagestring requiredA short, human-readable summary of the problem type
ValueInvalid Identity Providertitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueInvalid Identity Providerdetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
errorstring requiredThe error code of the problem
ValueSEC-AUTH-008messagestring requiredA short, human-readable summary of the problem type
ValueInvalid redirect pathtitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueInvalid redirect pathdetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
errorstring requiredThe error code of the problem
ValueSEC-AUTH-010messagestring requiredA short, human-readable summary of the problem type
ValueInvalid Jwt Tokentitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueInvalid Jwt Tokendetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
-
401 Unauthorized request
application/jsonerrorstring requiredThe error code of the problem
ValueSEC-AUTH-002messagestring requiredA short, human-readable summary of the problem type
ValueInvalid credentials or principal does not existtitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueInvalid credentials or principal does not existdetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
errorstring requiredThe error code of the problem
ValueSEC-AUTH-009messagestring requiredA short, human-readable summary of the problem type
ValuePrincipal not authenticated or authentication expiredtitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValuePrincipal not authenticated or authentication expireddetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
-
403 Forbidden action
application/jsonerrorstring requiredThe error code of the problem
ValueSEC-PERM-001messagestring requiredA short, human-readable summary of the problem type
ValueInsufficient privilegestitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueInsufficient privilegesdetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
errorstring requiredThe error code of the problem
ValueSEC-AUTH-003messagestring requiredA short, human-readable summary of the problem type
ValueCertificate is not trustedtitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueCertificate is not trusteddetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
errorstring requiredThe error code of the problem
ValueSEC-AUTH-004messagestring requiredA short, human-readable summary of the problem type
ValueCertificate is expiredtitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueCertificate is expireddetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
errorstring requiredThe error code of the problem
ValueSEC-AUTH-005messagestring requiredA short, human-readable summary of the problem type
ValueCertificate is revokedtitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueCertificate is revokeddetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
errorstring requiredThe error code of the problem
ValueSEC-AUTH-006messagestring requiredA short, human-readable summary of the problem type
ValuePrincipal not authenticated or authentication expiredtitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValuePrincipal not authenticated or authentication expireddetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
errorstring requiredThe error code of the problem
ValueREQ-007messagestring requiredA short, human-readable summary of the problem type
ValueUnauthorized Workflowtitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueUnauthorized Workflowdetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
errorstring requiredThe error code of the problem
ValueLIC-002messagestring requiredA short, human-readable summary of the problem type
ValueInvalid Licensetitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueInvalid Licensedetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
errorstring requiredThe error code of the problem
ValueLIC-004messagestring requiredA short, human-readable summary of the problem type
ValueExpired Licensetitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueExpired Licensedetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
-
404 No profile specified
application/jsonerrorstring requiredThe error code of the problem
ValueREQ-001messagestring requiredA short, human-readable summary of the problem type
ValueUnexpected Errortitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueUnexpected Errordetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
-
500 Internal server error
application/jsonerrorstring requiredThe error code of the problem
ValueREQ-001messagestring requiredA short, human-readable summary of the problem type
ValueUnexpected Errortitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueUnexpected Errordetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
errorstring requiredThe error code of the problem
ValueLIC-001messagestring requiredA short, human-readable summary of the problem type
ValueUnexpected errortitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueUnexpected errordetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807