POST Certificates Revoke All
POST Certificates Revoke All
The POST /Certificates/RevokeAll method is used to revoke all the certificates in the specified query or collection The certificate search function allows you to query the Keyfactor Command database for certificates from any available source based on any criteria of the certificates and save the results as a collection that will be availble in other places in the Management Portal (e.g. expiration alerts and certain reports). ID. This endpoint
An endpoint is a URL that enables the API to gain access to resources on a server. returns 204 with no content upon success.
Certificate permission can be granted at either the global or collection level. See note under CollectionId, below.




Table 217: POST Certificates Revoke All Input Parameters
Name | In | Description |
---|---|---|
Query | Body | Required*. A string containing a query to limit the certificates to revoke (e.g. field1 -eq value1 AND field2 -gt value2). Fields available for querying through the API![]() |
Reason | Body |
An integer containing the specific reason that the certificates are being revoked. The default is Unspecified. |
Comment | Body | Required. A string containing a freeform reason or comment on why the certificates are being revoked. |
EffectiveDate | Body | The date and time when the certificate will be revoked. The date and time should be given using the ISO 8601 UTC time format YYYY-MM-DDTHH:mm:ss.000Z (e.g. 2021-05-19T16:23:01Z). The default is the current date and time. |
IncludeRevoked | Body | A Boolean that indicates whether revoked certificates should be included in the revocation (true) or not (false). The default is false. |
IncludeExpired | Body | A Boolean that indicates whether expired certificates should be included in the revocation (true) or not (false). The default is false. |
CollectionId | Query | Required*. An integer specifying an optional certificate collection identifier to validate that the user executing the request has sufficient permissions to do so. If a certificate collection ID is not supplied, the user must have global permissions to complete the action. Supplying a certificate collection ID allows for a check of the user's certificate collection-level permissions to determine whether the user has sufficient permissions at a collection level to complete the action. See Certificate Permissions in the Keyfactor Command Reference Guide for more information. This field can also be used to specify the certificate collection containing certificates that should be revoked. A value for either Query or CollectionId is required. If both Query and CollectionId are specified, certificates from both sources will be revoked. |