GET Reports

The GET /Reports method is used to return all built-in reports with filtering and output options. This method returns HTTP 200 OK on a success with selected details of the reports. To view details of schedules and parameters for a report, use the GET /Reports/{id} method (see GET Reports ID).

Tip:  The following permissions (see Security Overview) are required to use this feature:

Reports: Read

Table 417: GET Reports Input Parameters

Name In Description
queryString Query

A string containing a query to limit the results (e.g. field1 -eq value1 AND field2 -gt value2). The default is to return all records. Fields available for querying through the APIClosed A set of functions to allow creation of applications. Keyfactor offers the Keyfactor API, which allows third-party software to integrate with the advanced certificate enrollment and management features of Keyfactor Command. for the most part match those that appear in the Keyfactor Command Management Portal search dropdowns for the same feature. For querying guidelines, refer to the Keyfactor Command Reference GuideCertificate Search Page. The query fields supported for this endpointClosed An endpoint is a URL that enables the API to gain access to resources on a server. are:

  • Categories (CertificateCounts, CertificateLifecycle, Certificate Locations, PKIOperations, SecurityVulnerability,SSHKeys)
  • Custom
  • Favorite (true, false)
  • InNavigator (true, false)
  • Scheduled (Number of schedules)
Tip:  This method offers limited searchable fields. The most useful search is probably by category. For example, to return all the reports tagged with the PKIClosed A public key infrastructure (PKI) is a set of roles, policies, and procedures needed to create, manage, distribute, use, store and revoke digital certificates and manage public-key encryption. Operations category:
Categories -contains "PKIOperations"
pageReturned Query An integer that specifies how many multiples of the returnLimit to skip and offset by before returning results, to enable paging. The default is 1.
returnLimit Query An integer that specifies how many results to return per page. The default is 50.
sortField Query A string containing the property by which the results should be sorted. Fields available for sorting through the API for the most part match those that appear as sortable columns in the Keyfactor Command Management Portal. The default sort field is DisplayName.
sortAscending Query An integer that sets the sort order on the returned results. A value of 0 sorts results in ascending order while a value of 1 sorts results in descending order. The default is ascending.

Table 418: GET Reports Response Data

Name Description
Id An integer containing the Keyfactor Command reference ID for the report.
Scheduled An integer indicating the number of schedules configured for the report.
DisplayName A string containing the display name for the report. This appears in the Keyfactor Command Management Portal on the Report Manager page, at the top of the page for the generated report, and on the menu.
Tip:  Exported reports use built-in names; modifying this value will not change the name that appears at the top of the exported version of a report (e.g. a PDF).
Description A string containing the description for the report. This appears in the Keyfactor Command Management Portal on the Report Manager page and at the top of the page for the generated report.
ReportPath A string containing the name of the report as referenced when retrieving it via Logi Analytics.
VersionNumber A string containing the version number for the report.
Categories

A string containing the report category or categories in which the report is found on the report manager page in the Keyfactor Command Management Portal. The possible values are:

  • CertificateCounts

  • CertificateLifecycle

  • CertificateLocations

  • PKIOperations

  • SecurityVulnerability

  • SSHKeys
ShortName A string containing the short reference name for the report.
InNavigator A Boolean that indicates whether the report has been configured to display on the Keyfactor Command Management Portal menu (true) or not (false).
Favorite A Boolean that indicates whether the report has been marked as a favorite (true) or not (false).
RemoveDuplicates A Boolean that indicates whether the report uses certificate de-duping logic in producing output (true) or not (false).
Tip:  When de-duplication is enabled for a report, the report results will include only the most recently issued certificate if there is more than one certificate that matches the de-duplication criteria. De-duplication can only be enabled for reports that use certificate collections—the UsesCollection parameterClosed A parameter or argument is a value that is passed into a function in an application.. The UsesCollection parameter is not user-configurable.

Certificate de-duping is configured on a certificate collectionClosed The certificate search function allows you to query the Keyfactor Command database for certificates from any available source based on any criteria of the certificates and save the results as a collection that will be availble in other places in the Management Portal (e.g. expiration alerts and certain reports). using the DuplicationField parameter (see POST Certificate Collections). This corresponds to the Keyfactor Command Management Portal "Ignore renewed certificate results by" option on a certificate collection. Certificate collections may be configured to be de-duplicated based on the certificate common nameClosed A common name (CN) is the component of a distinguished name (DN) that represents the primary name of the object. The value varies depending on the type of object. For a user object, this would be the user's name (e.g. CN=John Smith). For SSL certificates, the CN is typically the fully qualified domain name (FQDN) of the host where the SSL certificate will reside (e.g. servername.keyexample.com or www.keyexample.com)., distinguished name, or principal name (or not at all). Only certificates that share all the EKUs (e.g. Client Authentication and Server Authentication) as well as the same CNClosed A common name (CN) is the component of a distinguished name (DN) that represents the primary name of the object. The value varies depending on the type of object. For a user object, this would be the user's name (e.g. CN=John Smith). For SSL certificates, the CN is typically the fully qualified domain name (FQDN) of the host where the SSL certificate will reside (e.g. servername.keyexample.com or www.keyexample.com)., DNClosed A distinguished name (DN) is the name that uniquely identifies an object in a directory. In the context of Keyfactor Command, this directory is generally Active Directory. A DN is made up of attribute=value pairs, separated by commas. Any of the attributes defined in the directory schema can be used to make up a DN. or UPN will be eliminated as duplicates. If a certificate has more than one EKU and at least one EKU does not match an otherwise similar certificate with matching CN, DN or UPN, it will not be eliminated.
UsesCollection A Boolean that indicates whether the report uses a certificate collection as input for reporting (true) or not (false).