API Change Log v12.0

APIClosed An API is a set of functions to allow creation of applications. Keyfactor offers the Keyfactor API, which allows third-party software to integrate with the advanced certificate enrollment and management features of Keyfactor Command. changes for this release of Keyfactor Command.

Table 878: API Change Log v12.0

Endpoint Methods Action Notes
/AgentBlueprint GET Fixed Requests can now successfully be submitted, no longer generating a 500 response.
/AgentBlueprint/{id} GET Fixed Requests can now successfully be submitted, no longer generating a 500 response.
/AgentBlueprint/ApplyBlueprint POST Fixed Requests can now successfully be submitted, no longer generating a 500 response.
/AgentBlueprint/GenerateBlueprint GET, POST Fixed Requests can now successfully be submitted, no longer generating a 500 response.
/Agents GET Updated

Added a parameter JobTypes to the response body which contains an array of strings indicating the job types correlated with the orchestrator.
/Agents/{id} GET Updated

Added a parameter JobTypes to the response body which contains an array of strings indicating the job types correlated with the orchestrator.
/Agents/{id} GET Fixed Endpoint now correctly returns empty strings rather than null for the thumbprint and legacythumbprint if these contain no value.
/Agents/{id} GET Fixed Request no longer returns 500 response and object reference error if an agent blueprint exists.
/Alerts/Expiration POST, PUT, GET Updated

The following parameters have been added to support using workflows for the alert:

  • UseWorkflows

  • WorkflowId

  • WorkflowName

  • WorkflowPublishedVersion

  • WorkflowEnabled
/Alerts/Expiration/{id} GET Updated

The following parameters have been added to support using workflows for the alert:

  • UseWorkflows

  • WorkflowId

  • WorkflowName

  • WorkflowPublishedVersion

  • WorkflowEnabled
/Alerts/KeyRotation POST, PUT, GET Updated

The following parameters have been added to support using workflows for the alert:

  • UseWorkflows

  • WorkflowId

  • WorkflowName

  • WorkflowPublishedVersion

  • WorkflowEnabled
/Alerts/KeyRotation/{id} GET Updated

The following parameters have been added to support using workflows for the alert:

  • UseWorkflows

  • WorkflowId

  • WorkflowName

  • WorkflowPublishedVersion

  • WorkflowEnabled
/Certificate/{id} GET Fixed Keyfactor API Reference and Utility no longer shows resolve error messages at the top of the page on opening or using the endpoint. This did not interfere with the functionality of the endpoint.
/CertificateAuthority/CAConnectors GET, POST Added Added endpoints for managing the CA connectors.
/CertificateAuthority/CAConnectors/{id} GET, POST, DELETE Added Added endpoints for managing the CA connectors.
/CertificateAuthority/TaskQueue GET, PUT Added Added endpoints for managing Rabbit MQ task queues.
/CertificateAuthority/TaskQueue PUT Updated Scope is no longer required. Resolve null reference when password is not supplied.
/CertificateAuthority/TaskQueue GET, PUT Updated Add Audience parameter.
/CertificateAuthority/TaskQueue/Test POST Added Added endpoints for managing Rabbit MQ task queues.
/CertificateAuthority/TaskQueue/Test POST Fixed Standardize rename of JobQueue to TaskQueue in request and response parameters and messages.
/CertificateCollections GET, POST, PUT Updated Includes attributes for EstimatedCertCount and LastEstimated in the returned certificate collection. The favorite and collection order values come from the CollectionOrder table instead of the CertificateQueries table.
/CertificateCollections/{id} DELETE Fixed Request no longer returns 500 response and object reference error with invalid ID.
/CertificateCollections/{id} DELETE Updated Updated this endpoint to remove the collection's ID from the CollectionOrder table (previously CertificateQueries table).
/CertificateCollections/{id} GET Updated Includes attributes for EstimatedCertCount and LastEstimated in the returned certificate collection.
/CertificateCollections/{id}/Favorite GET Updated The favorite value comes from the CollectionOrder table instead of the CertificateQueries table. On upgraded database: the CollectionOrder table is prepopulated with all collections that have Favorite (ShowInNavigator on the UI) set to true, and the ordering is determined alphabetically by the collection's Name column as to preserve the user's order of collections before the upgrade.
/CertificateCollections/{name} GET Updated Includes attributes for EstimatedCertCount and LastEstimated in the returned certificate collection.
/CertificateCollections/CollectionList GET Updated Includes attributes for EstimatedCertCount and LastEstimated in the returned certificate collection.
/CertificateCollections/CollectionOrdering GET, PUT Added Returns an array of collection IDs which denotes the collection's order in the Navigator.
Note:  The PUT endpoint is not displayed in the Keyfactor API Reference and Utility but does exist to match the same functionality available in the UI.
/CertificateCollections/Copy POST Updated Includes attributes for EstimatedCertCount and LastEstimated in the returned certificate collection. The favorite and collection order values come from the CollectionOrder table instead of the CertificateQueries table.
/CertificateCollections/NavItems GET Updated Updated to return list of collections in the order per the CollectionOrder table. Only the top 25 collections a user has read permissions on will show up in the Navigator.
/Certificates GET Update Results do not include revoked or expired certificates by default.
/Certificates/Download POST Updated Added the attribute Include Subject Header in the request body.
/Certificates/Import POST Fixed Request no longer returns response 500 on importing and adding to certificate store.
/Certificates/Metadata PUT Fixed Keyfactor API Reference and Utility (Swagger) example for providing the certificate ID in requests now correctly indicates the parameter name as Id.
/Certificates/Recover POST Updated Added the attribute Include Subject Header in the request body.
/CertificateStoreContainers POST Fixed A container with a blank name is no longer created if a request is submitted without a Container Name. Instead, a 400 is returned.
/CertificateStoreContainers GET Fixed Endpoint no longer returns internal parameters PerformRoleCheck and RoleIdList in Keyfactor API Reference and Utility results.
/CertificateStoreContainers/{id} GET Fixed Request no longer results in 500 response and error indicating Schedule string cannot be null if submitted without an inventory schedule.
/CertificateStores/Approve POST Updated An InventorySchedule attribute has been added to Manage Discovery Stores.

You can now choose to run the inventory Daily, on an Interval, Immediately, Weekly, Exactly Once, or set inventorying to Off

/CertificateStores/DiscoveryJob PUT Fixed Discovery jobs can now successfully be scheduled with this endpoint and no longer result in an object reference error.
/CertificateStores/Server GET, POST, PUT Removed  
/CertificateStoreTypes POST Fixed No longer possible to create a certificate store type with empty values for Name, Display Name and Type.

/Enrollment/CSR

POST Updated Added the attribute Include Subject Header in the request body.
/Enrollment/CSR POST Update Added the query attribute forceEnroll that sets whether CSRs generated within Keyfactor Command are allowed.
/Enrollment/PFX POST Updated Added the attribute Include Subject Header in the request body.
/Enrollment/PFX POST Fixed Submitting a request with a non-existant metadata value no longer produces an object reference error.
/MetadataFields GET, POST, PUT Updated A CaseSensitive attribute has been added for RegEx validation on string metadata fields in both requests (PUT and POST) and response bodies.
/MetadataFields/{id} GET Updated A CaseSensitive attribute has been added for RegEx validation on string metadata fields in the response body.
/MetadataFields/{name} GET Updated A CaseSensitive attribute has been added for RegEx validation on string metadata fields in the response body.
/Monitoring/Revocation POST, PUT, GET Updated

The following parameters have been added to support using workflows for the alert:

  • UseWorkflows

  • WorkflowId

  • WorkflowName

  • WorkflowPublishedVersion

  • WorkflowEnabled
/Monitoring/Revocation/{id} GET Updated

The following parameters have been added to support using workflows for the alert:

  • UseWorkflows

  • WorkflowId

  • WorkflowName

  • WorkflowPublishedVersion

  • WorkflowEnabled
/OrchestratorJobs/Unschedule POST Fixed Request submitted with incorrect orchestrator ID now returns a 400 response with a message indicating that no jobs were founds with the provided query.
/PamProviders/Types/{id} DELETE Added Added as a V1 endpoint only. Requires PAM Modify Permissions. PAM can not be deleted if it is currently in use (i.e, a certificate store currently uses a PAM Provider of that type). This is only supported via API, and not Management Portal.
/Workflow/Instances/{instanceId}/Restart POST Fixed Request no longer returns a 500 response on restarting a suspended workflow instance.