Documentation Suite v25.2.1

Submit Search

PUT Alerts Issued

The PUT /Alerts/Issued method is used to update an issued certificate request alert. This method returns HTTP 200 OK on a success with details about the issued certificate request alert.

Tip: The following permissions (see Security Roles and Claims) are required to use this feature:

/monitoring/alerts/modify/

Important: Any previously populated fields that are not submitted with their full existing data using this method will be cleared of their existing data. When using this method, you should first do a GET to retrieve all the values for the record you want to update, enter corrected data into the field(s) you want to update, and then submit all the fields using PUT, including the fields that contain values but which you are not changing.

Table 224: PUT Alerts Issued Input Parameters

Name

Description

id Path An integer indicating the Keyfactor Command reference ID of the issued request alert.

DisplayName Body Required. A string indicating the display name for the issued request alert. This name appears in the issued request alerts grid in the Management Portal.

Subject

Body

Required. A string indicating the subject for the email message that will be delivered when the alert is triggered.

Tip: Substitutable special text may be used in the subject line. Substitutable special text uses a variable in the alert definition that is replaced by data from the certificate or certificate metadata at processing time. For example, you can enter {rcn} in the alert definition and each alert generated at processing time will contain the specific requested common name of the given certificate request instead of the variable {rcn}.

Message

Body

Required. A string indicating the email message that will be delivered when the alert is triggered. The email message is made up of regular text and substitutable special text. If desired, you can format the message body using HTML.

For example:

Copy

"Hello {requester:givenname}, \n\nThe certificate you requested in the name {cn} was successfully issued on {certnotbefore}. You can download it from here: \n\n{dnldlink} \n\nCertificate information includes: \n\n<table> \n<tr><th>Certificate Details</th><th>Metadata</th></tr> \n<tr><td>Serial Number: {serial}</td><td>App Owner First Name: {metadata:AppOwnerFirstName}</td></tr> \n<tr><td>Thumbprint: {thumbprint}</td><td>App Owner Last Name: {metadata:AppOwnerLastName}</td></tr> \n<tr><td>SANs: {san}</td><td>App Owner Email Address: {metadata:AppOwnerEmailAddress}</td></tr> \n<tr><td>DN: {dn}</td><td>Business Critical: {metadata:BusinessCritical}</td></tr> \n</table> \n\nThanks! \n\nYour Certificate Management System"

See Table 12: Substitutable Special Text for Issued Certificate Alerts in the Keyfactor Command Reference Guide for a complete list of available substitutable special text strings.

Note: The $(requester:givenname) substitutable special text token is only supported in environments using Active Directory as an identity provider.

Recipients

Body

An array of strings containing the recipients for the alert. Each alert can have multiple recipients. You can use specific email addresses and/or use substitutable special text to replace an email address variable with actual email addresses at processing time.

When entering email addresses on the Recipients parameter, if more than one recipient is added to a string, all recipients in that string receive the same email and can see the other recipients on the email. To do this, enter email addresses separated by commas or semi-colons withing the string. To include multiple strings, separate each string by a comma within the array.

"Recipients": [
 "{certemail}", 
 "pkiadmins@keyexample.com,bbrown@keyexample.com"
]

Available email substitutable special text strings include: {certemail} and any custom email-based metadata field, which would be specified similarly to: {metadata:AppOwnerEmailAddress}.

Note: Variables from the certificate must each be in a unique string and can not be added to a string with email addresses.

TemplateId

Body

An integer indicating the certificate template for which the issued request alerts will be generated. A separate alert should be configured for each template. An alert may be configured with no template, if desired. Alerts configured in this way generate alerts for all issued certificate requests.

Use the GET /Templates method (see GET Templates) to retrieve a list of all the templates to determine the template ID.

RegisteredEventHandler

Body

An object containing the event handler configuration for the alert, if applicable. Show event handler details.

Name

Description

An integer indicating the Keyfactor Command reference ID for the event handler.

ID	Event Handler Type
4	IssuedLogger
5	IssuedPowershell

UseHandler

A Boolean indicating whether event handler use is enabled for the alert (true) or not (false).

For more information about event handlers, see Using Event Handlers.

EventHandlerParameters

Body

An array of objects containing the parameters configured for use by the event handler. The type of data will vary depending on the configured handler. Show event handler parameter details.

Name	Description
Id	An integer indicating the Keyfactor Command reference ID of the configured parameter.
Key	A string indicating the reference name of the configured parameter.
DefaultValue	A string indicating the value for the parameter. This value is related to the type of parameter (see ParameterType).
ParameterType	A string containing the parameter type. Supported types are: LogTarget This type is used for the event logging handler and is used to reference the fully qualified domain name of the target machine to which event should be logged. Script This type is used for the PowerShell handler and is used to reference the PowerShell script that should be run when the alert is triggeredIt is referenced using the script name as stored in the Keyfactor Command database (see Extensions Scripts). Token This type is used for the PowerShell handler and is used to reference a substitutable special text value that should be passed to the PowerShell script. See Table 12: Substitutable Special Text for Issued Certificate Alerts for a complete list of available substitutable special text strings. Value This type is used for the PowerShell handler and is used to reference a static text string that should be passed to the PowerShell script.

For example, for a PowerShell handler:

Copy

"EventHandlerParameters": [
   {
      "Id": 28,
      "Key": "cn",
      "DefaultValue": "cn",
      "ParameterType": "Token"
   },
   {
      "Id": 29,
      "Key": "AppOwnerFirstName",
      "DefaultValue": "metadata:AppOwnerFirstName",
      "ParameterType": "Token"
   },
   {
      "Id": 30,
      "Key": "Text",
      "DefaultValue": "Issued Alert: Enterprise Web Server",
      "ParameterType": "Value"
   },
   {
      "Id": 31,
      "Key": "DownloadLink",
      "DefaultValue": "dnldlink",
      "ParameterType": "Token"
   },
   {
      "Id": 32,
      "Key": "ScriptName",
      "DefaultValue": "MyScript.ps1",
      "ParameterType": "Script"
   }
]

Table 225: PUT Alerts Issued Response Data

Name

Description

An integer indicating the Keyfactor Command reference ID of the issued request alert.

DisplayName

A string indicating the display name for the issued request alert. This name appears in the issued request alerts grid in the Management Portal.

Subject

A string indicating the subject for the email message that will be delivered when the alert is triggered.

Message

A string indicating the email message that will be delivered when the alert is triggered. The email message is made up of regular text and substitutable special text. If desired, you can format the message body using HTML.

See Table 12: Substitutable Special Text for Issued Certificate Alerts in the Keyfactor Command Reference Guide for a complete list of available substitutable special text strings.

Recipients

"Recipients": [
 "{certemail}", 
 "pkiadmins@keyexample.com,bbrown@keyexample.com"
]

Available email substitutable special text strings include: {certemail} and any custom email-based metadata field, which would be specified similarly to: {metadata:AppOwnerEmailAddress}.

Note: Variables from the certificate must each be in a unique string and can not be added to a string with email addresses.

Template

An object containing information about the certificate template for which the issued request alerts will be generated. A separate alert should be configured for each template. An alert may be configured with no template, if desired. Alerts configured in this way generate alerts for all issued certificate requests. Show template details.

Name	Description
Id	An integer indicating the Keyfactor Command reference ID for the template, or null for All Templates.
DisplayName	A string containing the name of the template. For a template created using a Microsoft management tool, this will be the Microsoft template display name.
ForestRoot	A string indicating the forest root of the template. Note: This field is retained for legacy purposes and will be replaced by ConfigurationTenant field.
ConfigurationTenant	A string indicating the configuration tenant of the template.

RegisteredEventHandler

An object containing the event handler configuration for the alert, if applicable. Show event handler details.

Name

Description

An integer indicating the Keyfactor Command reference ID for the event handler.

ID	Event Handler Type
4	IssuedLogger
5	IssuedPowershell

DisplayName

A string containing the name of the event handler.

UseHandler

A Boolean indicating whether event handler use is enabled for the alert (true) or not (false).

For more information about event handlers, see Using Event Handlers.

EventHandlerParameters

An array of objects containing the parameters configured for use by the event handler. The type of data will vary depending on the configured handler. Show event handler parameter details.

Name	Description
Id	An integer indicating the Keyfactor Command reference ID of the configured parameter.
Key	A string indicating the reference name of the configured parameter.
DefaultValue	A string indicating the value for the parameter. This value is related to the type of parameter (see ParameterType).
ParameterType	A string containing the parameter type. Supported types are: LogTarget This type is used for the event logging handler and is used to reference the fully qualified domain name of the target machine to which event should be logged. Script This type is used for the PowerShell handler and is used to reference the PowerShell script that should be run when the alert is triggeredIt is referenced using the script name as stored in the Keyfactor Command database (see Extensions Scripts). Token This type is used for the PowerShell handler and is used to reference a substitutable special text value that should be passed to the PowerShell script. See Table 12: Substitutable Special Text for Issued Certificate Alerts for a complete list of available substitutable special text strings. Value This type is used for the PowerShell handler and is used to reference a static text string that should be passed to the PowerShell script.

Tip: See the Keyfactor API Reference and Utility which provides a utility through which the Keyfactor API

An API is a set of functions to allow creation of applications. Keyfactor offers the Keyfactor API, which allows third-party software to integrate with the advanced certificate enrollment and management features of Keyfactor Command. endpoints can be called and results returned. It is intended to be used primarily for validation, testing and workflow

A workflow is a series of steps necessary to complete a process. In Keyfactor Command, it refers to the workflow builder, which allows you to automate event-driven tasks such as when a certificate is requested, revoked or found in a certificate store. development. It also serves secondarily as documentation for the API. The link to the Keyfactor API Reference and Utility is in the dropdown from the help icon (

) at the top of the Management Portal page next to the Log Out button.

Was this page helpful? Provide Feedback

Version v25.2.1

On this page: