API
An API is a set of functions to allow creation of applications. Keyfactor offers the Keyfactor API, which allows third-party software to integrate with the advanced certificate enrollment and management features of Keyfactor Command. changes for this release of Keyfactor Command.
Table 1112: API Change Log v25.3
| Endpoint | Methods | Action | Notes |
|---|---|---|---|
|
/Alerts/Expiration |
POST, PUT, GET |
Updated | Expiration alerts are scheduled per alert. |
| /Alerts/Expiration/{id} | GET | Updated | Expiration alerts are scheduled per alert. |
|
/Alerts/Expiration/Schedule |
GET, PUT |
Deprecated | Expiration alerts are scheduled per alert. |
| /Alerts/Expiration/Test | POST | Deprecated | Expiration alerts are scheduled per alert. |
| /Alerts/Expiration/TestAll | POST | Deprecated | Expiration alerts are scheduled per alert. |
| /Alerts/KeyRotation/Test | POST | Deprecated | This endpoint has been deprecated. It is retained for backwards compatibility. |
| /Alerts/KeyRotation/TestAll | POST | Deprecated | This endpoint has been deprecated. It is retained for backwards compatibility. |
| /Alerts/Pending/Test | POST | Deprecated | This endpoint has been deprecated. It is retained for backwards compatibility. |
| /Alerts/Pending/Test{id} | POST | Deprecated | This endpoint has been deprecated. It is retained for backwards compatibility. |
| /Analytics/Certificates/Count | GET | Added |
Endpoint used to generate the data for the dashboard. Note: The Analytics collection is in beta; endpoints and parameters are subject to change in future releases of Keyfactor Command.
|
| /Analytics/Certificates/Count/Collections | GET | Added |
Endpoint used to generate the data for the dashboard. Note: The Analytics collection is in beta; endpoints and parameters are subject to change in future releases of Keyfactor Command.
|
| /Analytics/Certificates/Count/SigningAlgorithms | GET | Added |
Endpoint used to generate the data for the dashboard. Note: The Analytics collection is in beta; endpoints and parameters are subject to change in future releases of Keyfactor Command.
|
| /Analytics/Certificates/Count/Templates | GET | Added |
Endpoint used to generate the data for the dashboard. Note: The Analytics collection is in beta; endpoints and parameters are subject to change in future releases of Keyfactor Command.
|
| /Analytics/Certificates/Count/WeakKeys | GET | Added |
Endpoint used to generate the data for the dashboard. Note: The Analytics collection is in beta; endpoints and parameters are subject to change in future releases of Keyfactor Command.
|
| /Analytics/SSL/Networks/Endpoints | GET | Added |
Endpoint used to generate the data for the dashboard. Note: The Analytics collection is in beta; endpoints and parameters are subject to change in future releases of Keyfactor Command.
|
| /Analytics/SSL/Networks/Endpoints/Status | GET | Added |
Endpoint used to generate the data for the dashboard. Note: The Analytics collection is in beta; endpoints and parameters are subject to change in future releases of Keyfactor Command.
|
| /Audit/Download | GET | Updated | PageReturned and ReturnLimit removed. |
| /Certificates/{id}/Owner | PUT | Updated | When considering the ContainerId parameter for authorization via certificate store container level permissions, also consider system-level certificate collection permissions in the order: System-wide collection permissions > system-wide container permissions > granular container permissions. |
| /Certificates/Download | POST | Updated | The FileExtension property has been added. The x-certificatefile response header returns the certificate file name based on the FileExtension. |
| /Certificates/Metadata | PUT | Fixed | Email type metadata fields now correctly handle input with multiple entries separated by commas. |
| /Certificates/Metadata | PUT | Updated | When considering the ContainerId parameter for authorization via certificate store container level permissions, also consider system-level certificate collection permissions in the order: System-wide collection permissions > system-wide container permissions > granular container permissions. |
| /Certificates/Owner | PUT | Added | New endpoint to update the certificate owner for multiple certificates. |
| /Certificates/Recover | POST | Updated | When considering the ContainerId parameter for authorization via certificate store container level permissions, also consider system-level certificate collection permissions in the order: System-wide collection permissions > system-wide container permissions > granular container permissions. |
| /Certificates/Recover | POST | Updated | The FileExtension property has been added. The x-certificatefile response header returns the certificate file name based on the FileExtension. |
| /Certificates/Revoke | POST | Updated | When considering the ContainerId parameter for authorization via certificate store container level permissions, also consider system-level certificate collection permissions in the order: System-wide collection permissions > system-wide container permissions > granular container permissions. |
| /Enrollment/CSR | POST | Updated | The FileExtension property has been added. The x-certificatefile response header returns the certificate file name based on the FileExtension. |
| /Enrollment/PFX | POST | Updated | The FileExtension property has been added. The x-certificatefile response header returns the certificate file name based on the FileExtension. |
| /Enrollment/Renew | POST | Updated | ContainerId parameter has been added to support providing authorization via certificate store container level permissions. |
| /EnrollmentPattern | PUT, POST | Updated | Due to a change to the Management Portal, these endpoints have been updated to ensure that the ML-DSA policy overrides are synced per enrollment pattern. If the user attempts to edit/add an enrollment pattern with one, but not all, ML-DSA policies, a policy is created for all ML-DSA algorithms, defaulted to not supported, if the algorithm policy was not explicitly defined. |
| /Identity/Providers | GET, POST | Updated | Parameters RequestHeaders and RequestURLParameters have been added to support custom requests to the OAuth server. DataType 4 (List) has been added to support these parameters. |
| /Identity/Providers/{id} | GET, PUT | Updated | Parameters RequestHeaders and RequestURLParameters have been added to support custom requests to the OAuth server. DataType 4 (List) has been added to support these parameters. |
| /Identity/Providers/Types | GET | Updated | DataType 4 (List) has been added to the TypeParameters response values. |
| /Monitoring/Revocation/Test | POST | Deprecated | This endpoint has been deprecated. It is retained for backwards compatibility. |
| /Monitoring/Revocation/TestAll | POST | Deprecated | This endpoint has been deprecated. It is retained for backwards compatibility |
| /Templates/Settings | PUT, GET | Deprecated | This endpoint has been deprecated. It is retained for backwards compatibility |
| /Templates/SubjectParts | GET | Deprecated | This endpoint has been deprecated. It is retained for backwards compatibility |
| /Security/My | GET | Deprecated | This endpoint has been deprecated. It is retained for backwards compatibility, but new development should use the GET /Security/My/Permissions method. |
| /Security/My/Permissions | GET | Added | New endpoint to retrieve permissions for the current user. |
| /Workflow/Instances/{instanceId} | GET | Updated | The InitialData and CurrentStateData objects now contain the RestartedWorkflowInstanceId value. For restarted workflows, this is a string indicating the Keyfactor Command reference GUID of the failed or suspended workflow instance that was restarted. |
Was this page helpful? Provide Feedback