POST Workflow Certificates Deny

Documentation Suite v10.4

The POST /Workflow A workflow is a series of steps necessary to complete a process. In the context of Keyfactor Command, it refers to the workflow builder, which allows you automate event-driven tasks when a certificate is requested or revoked./Certificates/Deny method will attempt to deny the provided pending certificate enrollment Certificate enrollment refers to the process by which a user requests a digital certificate. The user must submit the request to a certificate authority (CA). request(s) that require manager approval at the CA A certificate authority (CA) is an entity that issues digital certificates. Within Keyfactor Command, a CA may be a Microsoft CA or a Keyfactor gateway to a cloud-based or remote CA. level. The certificate request IDs should be supplied in the request body as a JSON array of integers. This method returns HTTP 200 OK on a success with details about successful, failed and denied denial requests.

Note: Certificate requests that require approval at the Keyfactor Command workflow level (see Workflow Definitions in the Keyfactor Command Reference Guide) are not managed with this endpoint

An endpoint is a URL that enables the API to gain access to resources on a server.. Instead, refer to the Workflow Definitions and Workflow Instances endpoints (see Workflow Definitions and Workflow Instances).

Note: Certificate requests that require approval at the CA level are supported only for Microsort CAs and select CA gateways. This feature is not supported for EJBCA CAs. Use workflow for configuring Keyfactor Command-level approvals for EJBCA CAs (see Workflow Definitions in the Keyfactor Command Reference Guide).

Tip: The following permissions (see Security Overview) are required to use this feature:

WorkflowManagement: Participate

Table 631: POST Workflow Certificates Deny Input Parameters

Name	In	Description
CertificateRequestIds	Body	Required. An array of Keyfactor Command certificate request IDs for certificate requests that should be denied in the form: [23,45,12] Use the GET /Workflow/Certificates/Pending method (see GET Workflow Certificates Pending) to retrieve a list of all the pending certificate requests to determine the certificate request's IDs.
Comment	Body	A string providing a comment regarding the denial. This comment can be delivered to the requester or other interested party using a denied request alert.

Table 632: POST Workflow Certificates Deny Response Data

Name

Description

Successes

An array of the successful denial response details. Show response details.

Name	Description
CAHost	Host name of the certificate authority to which the certificate enrollment request was submitted.
CALogicalName	Logical name of the certificate authority to which the certificate enrollment request was submitted.
CARequestId	The row index of the certificate request in the certificate authority.
KeyfactorRequestId	An integer indicating the Keyfactor Command reference ID for the requested certificate as stored in the Keyfactor Command database. This is not the same as the request ID issued by the CA. This maps to the Id response parameter for the GET /Workflow/Certificate/Pending method.
Comment	A comment about the denial. For example, for a deny that succeeds, the comment will be “Successful”. Denies that fail or are denies will have alternate comments (see below).

Failures

An array of the failed approval response details containing the information noted above for successes. Failures of this type are generally exceptions.

Denials

An array of the denial requests that were denied containing the information noted above for successes. Denials are usually the result of insufficient user permissions required to perform the deny.

Tip: For code examples, see the Keyfactor API Endpoint Utility. To find the embedded web copy of this utility, click the help icon (

) at the top of the Keyfactor Command Management Portal page next to the Log Out button.

POST Workflow Certificates Deny

Products

Resources

Company