POST Alerts Key Rotation

The POST /Alerts/KeyRotation method is used to create a new SSHClosed The SSH (secure shell) protocol provides for secure connections between computers. It provides several options for authentication, including public key, and protects the communications with strong encryption. key rotation alert. This method returns HTTP 200 OK on a success with details about the SSH key rotation alert.

Tip:  The following permissions (see Security Roles and Claims) are required to use this feature:

/monitoring/alerts/modify/

Table 189: POST Alerts Key Rotation Input Parameters

Name

In

 Description
DisplayName Body Required. A string indicating the display name for the SSH key rotation alert. This name appears in the SSH key rotation alerts grid in the Management Portal.
Subject Body

Required. A string indicating the subject for the email message that will be delivered when the alert is triggered.

Tip:  Substitutable special text may be used in the subject line. Substitutable special text uses a variable in the alert definition that is replaced by data from the key record at processing time. For example, you can enter {comment} in the alert definition and each alert generated at processing time will contain the specific key comment of the given SSH key instead of the variable {comment}.
Message Body

Required. A string indicating the email message that will be delivered when the alert is triggered. The email message is made up of regular text and substitutable special text. If desired, you can format the message body using HTML.

For example:

Copy 
"Hello,\n\nYou requested an SSH key pair almost a year ago with the following information: \n\n<table> \n<tr><th>Field</th><th>Value </th></tr> \n<tr><td>Username</td><td>{username}</td></tr> \n<tr><td>Fingerprint</td><td>{fingerprint}</td></tr> \n<tr><td>Comment</td><td>{comment}</td></tr> \n<tr><td>Key Length</td><td>{keylength}</td></tr> \n<tr><td>Key Type</td><td>{keytype}</td></tr> \n<tr><td>Number of Server Logons for Key</td><td>{serverlogons}</td></tr> \n</table> \n\nCorporate policy requires key rotation every year. Please visit the <a href=\"https://[your_server_name]/KeyfactorPortal/SshMyKey\"> My SSH Key Portal</a> for user keys or the <a href=\"https://[your_server_name]/KeyfactorPortal/SshServiceAccountKeys\"> Service Account Key Portal</a> for service account keys and request a new key pair. \n\nThanks!"

See Table 10: Substitutable Special Text for Key Rotation Alerts using the Legacy Alerting System for a complete list of available substitutable special text strings.
RotationWarningDays Body An integer indicating the number of days prior to the end of an SSH key's lifetime the alert should be triggered.
RegisteredEventHandler Body An object containing the event handler configuration for the alert, if applicable. ClosedShow event handler details.

For more information about event handlers, see Using Event Handlers.
EventHandlerParameters Body

An array of objects containing the parameters configured for use by the event handler. The type of data will vary depending on the configured handler. ClosedShow event handler parameter details.

For example, for a PowerShell handler:

Copy 
"EventHandlerParameters": [
   {
      "Id": 28,
      "Key": "user",
      "DefaultValue": "username",
      "ParameterType": "Token"
   },
   {
      "Id": 29,
      "Key": "comment",
      "DefaultValue": "comment",
      "ParameterType": "Token"
   },
   {
      "Id": 30,
      "Key": "Text",
      "DefaultValue": "Key Rotation Alert: 3 Days",
      "ParameterType": "Value"
   },
   {
      "Id": 32,
      "Key": "ScriptName",
      "DefaultValue": "MyScript.ps1",
      "ParameterType": "Script"
   }
]
Use Workflows Body A Boolean indicating whether the alert uses workflows to deliver the alerts (true) or the legacy alerting system (false). The default is true.

Table 190: POST Alerts Key Rotation Response Data

Name Description
Id An integer indicating the Keyfactor Command reference ID of the SSH key rotation alert.
DisplayName A string indicating the display name for the SSH key rotation alert. This name appears in the SSH key rotation alerts grid in the Management Portal.
Subject

A string indicating the subject for the email message that will be delivered when the alert is triggered.

Tip:  Substitutable special text may be used in the subject line. Substitutable special text uses a variable in the alert definition that is replaced by data from the key record at processing time. For example, you can enter {comment} in the alert definition and each alert generated at processing time will contain the specific key comment of the given SSH key instead of the variable {comment}.
Message

A string indicating the email message that will be delivered when the alert is triggered. The email message is made up of regular text and substitutable special text. If desired, you can format the message body using HTML.

See Table 10: Substitutable Special Text for Key Rotation Alerts using the Legacy Alerting System for a complete list of available substitutable special text strings.
RotationWarningDays An integer indicating the number of days prior to the end of an SSH key's lifetime the alert should be triggered.
RegisteredEventHandler An object containing the event handler configuration for the alert, if applicable. ClosedShow event handler details.

For more information about event handlers, see Using Event Handlers.
EventHandlerParameters

An array of objects containing the parameters configured for use by the event handler. The type of data will vary depending on the configured handler. ClosedShow event handler parameter details.
Use Workflows A Boolean indicating whether the alert uses workflows to deliver the alerts (true) or the legacy alerting system (false).
Workflow Id A string indicating the Keyfactor Command reference GUID of the workflow used to deliver alerts for this key rotation alert.
Workflow Name A string indicating the name of the workflow used to deliver alerts for this key rotation alert.
Workflow Published Version An integer indicating the published version of the workflow used to deliver alerts for this key rotation alert.
Workflow Enabled A Boolean indicating whether the workflow used to deliver alerts for this key rotation alert is enabled (true) or not (false).
Tip:  See the Keyfactor API Reference and Utility which provides a utility through which the Keyfactor APIClosed A set of functions to allow creation of applications. Keyfactor offers the Keyfactor API, which allows third-party software to integrate with the advanced certificate enrollment and management features of Keyfactor Command. endpoints can be called and results returned. It is intended to be used primarily for validation, testing and workflowClosed A workflow is a series of steps necessary to complete a process. In the context of Keyfactor Command, it refers to the workflow builder, which allows you automate event-driven tasks when a certificate is requested or revoked. development. It also serves secondarily as documentation for the API. The link to the Keyfactor API Reference and Utility is in the dropdown from the help icon () at the top of the Management Portal page next to the Log Out button.