POST Workflow Certificates Deny

The POST /Workflow A workflow is a series of steps necessary to complete a process. In Keyfactor Command, it refers to the workflow builder, which allows you to automate event-driven tasks such as when a certificate is requested, revoked or found in a certificate store./Certificates/Deny method will attempt to deny the provided pending certificate enrollment Certificate enrollment refers to the process by which a user requests a digital certificate. The user must submit the request to a certificate authority (CA). request(s) that require manager approval at the CA A certificate authority (CA) is an entity that issues digital certificates. Within Keyfactor Command, a CA may be a Microsoft CA or a Keyfactor gateway to a cloud-based or remote CA. level. This method returns HTTP 200 OK on a success with details about successful, failed and denied denial requests.

Note: Certificate requests that require approval at the Keyfactor Command workflow level (see Workflow Definitions in the Keyfactor Command Reference Guide) are not managed with this endpoint

An endpoint is a URL that enables the API to gain access to resources on a server.. Instead, refer to the Workflow Definitions and Workflow Instances endpoints (see Workflow Definitions and Workflow Instances).

Note: Certificate requests that require approval at the CA level are supported only for Microsort CAs and select CA gateways. This feature is not supported for EJBCA CAs. Use workflow for configuring Keyfactor Command-level approvals for EJBCA CAs (see Workflow Definitions in the Keyfactor Command Reference Guide).

Tip: The following permissions (see Security Roles and Claims) are required to use this feature:

/certificates/requests/manage/

Table 866: POST Workflow Certificates Deny Input Parameters

Name	In	Description
CertificateRequestIds	Body	Required. An array of integers indicating the Keyfactor Command certificate request IDs for certificate requests that should be denied in the form: [23,45,12] Use the GET /Workflow/Certificates/Pending method (see GET Workflow Certificates Pending) to retrieve a list of all the pending certificate requests to determine the certificate request's IDs.
Comment	Body	A string providing a comment regarding the denial. This comment can be delivered to the requester or other interested party using a denied request alert.

Table 867: POST Workflow Certificates Deny Response Data

Name

Description

Successes

An array of strings indicating the successful denial response details. Show response details.

Name	Description
CAHost	Host name of the certificate authority to which the certificate enrollment request was submitted.
CALogicalName	Logical name of the certificate authority to which the certificate enrollment request was submitted.
CARequestId	The row index of the certificate request in the certificate authority.
KeyfactorRequestId	An integer indicating the Keyfactor Command reference ID for the requested certificate as stored in the Keyfactor Command database. This is not the same as the request ID issued by the CA. This maps to the Id response parameter for the GET /Workflow/Certificate/Pending method.
Comment	A comment about the denial. For example, for a deny that succeeds, the comment will be “Successful”. Denies that fail or are denies will have alternate comments (see below).

Failures

An array of strings indicating the failed approval response details containing the information noted above for successes. Failures of this type are generally exceptions.

Denials

An array of strings indicating the denial requests that were denied containing the information noted above for successes. Denials are usually the result of insufficient user permissions required to perform the deny.

Tip: See the Keyfactor API Reference and Utility which provides a utility through which the Keyfactor API

An API is a set of functions to allow creation of applications. Keyfactor offers the Keyfactor API, which allows third-party software to integrate with the advanced certificate enrollment and management features of Keyfactor Command. endpoints can be called and results returned. It is intended to be used primarily for validation, testing and workflow development. It also serves secondarily as documentation for the API. The link to the Keyfactor API Reference and Utility is in the dropdown from the help icon (

) at the top of the Management Portal page next to the Log Out button.

Was this page helpful? Provide Feedback

Version v25.1.1

On this page: