The POST /Security/Claims method is used to create a new security claim in Keyfactor Command. This method returns HTTP 200 OK on a success with the details of the new security claim.
Tip: The following permissions (see Security Roles and Claims) are required to use this feature:
/security/modify/
The user must hold a role containing this permission in the Global Permission Set (see Permission Sets).
Table 630: POST Security Claims Input Parameters
| Name | In | Description |
|---|---|---|
| Description | Body | Required. A string indicating a description for the security claim. |
| Claim Type | Body |
Required. A string indicating the type of claim. |
| Claim Value | Body | Required. A string containing the identifying information for the entity specified in the claim. For Active Directory users and groups, this will be in the form DOMAIN\user or group name (e.g. KEYEXAMPLE\PKI Administrators). For Active Directory computers, this will be in the form of a machine account (e.g. KEYEXAMPLE\MyServer$). |
| Provider Authentication Scheme | Body | A string indicating the provider authentication scheme (e.g. Active Directory, or Client Certificate Authentication CA, or unknown). |
Table 631: POST Security Claims Response Data
| Name | Description |
|---|---|
| Id | An integer containing the Keyfactor Command reference ID for the security claim. |
| Description | A string indicating a description for the security claim. |
| Claim Type |
A string indicating the type of claim. |
| Claim Value | A string containing the identifying information for the entity specified in the claim. For Active Directory users and groups, this will be in the form DOMAIN\user or group name (e.g. KEYEXAMPLE\PKI Administrators). For Active Directory computers, this will be in the form of a machine account (e.g. KEYEXAMPLE\MyServer$). |
| Provider |
An object containing information about the provider assigned to the security claim. |
| Provider Authentication Scheme | A string indicating the provider authentication scheme (e.g. Active Directory, or Client Certificate Authentication CA, or unknown). |
Tip: See the Keyfactor API Reference and Utility which provides a utility through which the Keyfactor API
An API is a set of functions to allow creation of applications. Keyfactor offers the Keyfactor API, which allows third-party software to integrate with the advanced certificate enrollment and management features of Keyfactor Command. endpoints can be called and results returned. It is intended to be used primarily for validation, testing and workflow A workflow is a series of steps necessary to complete a process. In Keyfactor Command, it refers to the workflow builder, which allows you to automate event-driven tasks such as when a certificate is requested, revoked or found in a certificate store. development. It also serves secondarily as documentation for the API. The link to the Keyfactor API Reference and Utility is in the dropdown from the help icon (
) at the top of the Management Portal page next to the Log Out button.
An API is a set of functions to allow creation of applications. Keyfactor offers the Keyfactor API, which allows third-party software to integrate with the advanced certificate enrollment and management features of Keyfactor Command. endpoints can be called and results returned. It is intended to be used primarily for validation, testing and workflow A workflow is a series of steps necessary to complete a process. In Keyfactor Command, it refers to the workflow builder, which allows you to automate event-driven tasks such as when a certificate is requested, revoked or found in a certificate store. development. It also serves secondarily as documentation for the API. The link to the Keyfactor API Reference and Utility is in the dropdown from the help icon () at the top of the Management Portal page next to the Log Out button.