PUT Alerts Pending

The PUT /Alerts/Pending method is used to update a pending certificate request alert. This method returns HTTP 200 OK on a success with details about the pending certificate request alert.

Tip:  The following permissions (see Security Roles and Claims) are required to use this feature:

/monitoring/alerts/modify/

Important:  Any previously populated fields that are not submitted with their full existing data using this method will be cleared of their existing data. When using this method, you should first do a GET to retrieve all the values for the record you want to update, enter corrected data into the field(s) you want to update, and then submit all the fields using PUT, including the fields that contain values but which you are not changing.

Table 216: PUT Alerts Pending Input Parameters

Name

In

 Description
id Path An integer indicating the Keyfactor Command reference ID of the pending request alert.
DisplayName Body Required. A string indicating the display name for the pending request alert. This name appears in the pending request alerts grid in the Management Portal.
Subject Body

Required. A string indicating the subject for the email message that will be delivered when the alert is triggered.

Tip:  Substitutable special text may be used in the subject line. Substitutable special text uses a variable in the alert definition that is replaced by data from the certificate request or certificate metadata at processing time. For example, you can enter {rcn} in the alert definition and each alert generated at processing time will contain the specific requested common name of the given certificate request instead of the variable {rcn}.
Message Body

Required. A string indicating the email message that will be delivered when the alert is triggered. The email message is made up of regular text and substitutable special text. If desired, you can format the message body using HTML.

For example:

Copy 
"Hello,\n\nA certificate using the {template} template was requested by {requester:displayname} from {careqid} on {subdate}. The certificate details include: \n\n<table> \n<tr><th>Certificate Details </th><th>Metadata </th></tr> \n<tr><td>CN: {rcn}</td><td>App Owner First Name: {metadata:AppOwnerFirstName}</td></tr> \n<tr><td>DN: {rdn}</td><td>App Owner Last Name: {metadata:AppOwnerLastName}</td></tr> \n<tr><td>SANs: {san}</td><td>App Owner Email Address: {metadata:AppOwnerEmailAddress}</td></tr> \n<tr><td>&nbsp;</td><td>Business Critical: {metadata:BusinessCritical}</td></tr> \n</table> \n\nPlease review this request and issue the certificate as appropriate by going here: \n\n{apprlink} \n\nThanks! \n\nYour Certificate Management Tool\n"

See Table 11: Substitutable Special Text for Pending Request Alerts for a complete list of available substitutable special text strings.

Note:  The $(requester:givenname) substitutable special text token is only supported in environments using Active Directory as an identity provider.
Recipients Body

An array of strings containing the recipients for the alert. Each alert can have multiple recipients. You can use specific email addresses and/or use substitutable special text to replace an email address variable with actual email addresses at processing time. Available email substitutable special text strings include:

  • {requester:mail}
    The certificate requester, based on a lookup in Active Directory of the email address associated with the requester on the certificate.

    Note:  The $(requester:mail) substitutable special text token is only supported in environments using Active Directory as an identity provider.

  • Your custom email-based metadata field, which would be specified similarly to {metadata:AppOwnerEmailAddress}.
TemplateId Body

An integer indicating the certificate template for which the pending request alerts will be generated. A separate alert should be configured for each template. An alert may be configured with no template, if desired. Alerts configured in this way generate alerts for all pending certificate requests.

Use the GET /Templates method (see GET Templates) to retrieve a list of all the templates to determine the template ID.
RegisteredEventHandler Body An object containing the event handler configuration for the alert, if applicable. ClosedShow event handler details.

For more information about event handlers, see Using Event Handlers.
EventHandlerParameters Body

An array of objects containing the parameters configured for use by the event handler. The type of data will vary depending on the configured handler. ClosedShow event handler parameter details.

For example, for a PowerShell handler:

Copy 
"EventHandlerParameters": [
   {
      "Id": 28,
      "Key": "cn",
      "DefaultValue": "rcn",
      "ParameterType": "Token"
   },
   {
      "Id": 29,
      "Key": "AppOwnerFirstName",
      "DefaultValue": "metadata:AppOwnerFirstName",
      "ParameterType": "Token"
   },
   {
      "Id": 30,
      "Key": "Text",
      "DefaultValue": "Pending Alert: Enterprise Web Server",
      "ParameterType": "Value"
   },
   {
      "Id": 31,
      "Key": "ApprovalLink",
      "DefaultValue": "apprlink",
      "ParameterType": "Token"
   },
   {
      "Id": 32,
      "Key": "ScriptName",
      "DefaultValue": "MyScript.ps1",
      "ParameterType": "Script"
   }
]

Table 217: PUT Alerts Pending Response Data

Name Description
Id

An integer indicating the Keyfactor Command reference ID of the pending request alert.
DisplayName A string indicating the display name for the pending request alert. This name appears in the pending request alerts grid in the Management Portal.
Subject

A string indicating the subject for the email message that will be delivered when the alert is triggered.

Tip:  Substitutable special text may be used in the subject line. Substitutable special text uses a variable in the alert definition that is replaced by data from the certificate request or certificate metadata at processing time. For example, you can enter {rcn} in the alert definition and each alert generated at processing time will contain the specific requested common name of the given certificate request instead of the variable {rcn}.
Message

A string indicating the email message that will be delivered when the alert is triggered. The email message is made up of regular text and substitutable special text. If desired, you can format the message body using HTML.

See Table 11: Substitutable Special Text for Pending Request Alerts for a complete list of available substitutable special text strings.
Recipients

An array of strings containing the recipients for the alert. Each alert can have multiple recipients. You can use specific email addresses and/or use substitutable special text to replace an email address variable with actual email addresses at processing time. Available email substitutable special text strings include:

  • {requester:mail}
    The certificate requester, based on a lookup in Active Directory of the email address associated with the requester on the certificate.

  • Your custom email-based metadata field, which would be specified similarly to {metadata:AppOwnerEmailAddress}.
Template An object containing information about the certificate template for which the pending request alerts will be generated. A separate alert should be configured for each template. An alert may be configured with no template, if desired. Alerts configured in this way generate alerts for all pending certificate requests. ClosedShow template details.
RegisteredEventHandler An object containing the event handler configuration for the alert, if applicable. ClosedShow event handler details.

For more information about event handlers, see Using Event Handlers.
EventHandlerParameters

An array of objects containing the parameters configured for use by the event handler. The type of data will vary depending on the configured handler. ClosedShow event handler parameter details.
CARequestId A string containing the CA's reference ID for the certificate request.
CommonName A string indicating the common name of the certificate.
LogicalName A string indicating the logical name of the certificate authority.
Tip:  See the Keyfactor API Reference and Utility which provides a utility through which the Keyfactor APIClosed An API is a set of functions to allow creation of applications. Keyfactor offers the Keyfactor API, which allows third-party software to integrate with the advanced certificate enrollment and management features of Keyfactor Command. endpoints can be called and results returned. It is intended to be used primarily for validation, testing and workflowClosed A workflow is a series of steps necessary to complete a process. In Keyfactor Command, it refers to the workflow builder, which allows you to automate event-driven tasks such as when a certificate is requested, revoked or found in a certificate store. development. It also serves secondarily as documentation for the API. The link to the Keyfactor API Reference and Utility is in the dropdown from the help icon () at the top of the Management Portal page next to the Log Out button.