Introduction

The IBM Cloud™ Certificate Manager service provides REST API endpoints to manage SSL/TLS certificates and notification channels.

For more information about the service, see the Certificate Manager docs.

Endpoint URLs

Certificate Manager supports regional endpoint URLs that you can use to interact with the service over public or private service endpoints.

If you're working with a Certificate Manager instance that is accessible over public service endpoints, include the base URL in your API requests. Be sure to replace {region} with the location that is specific to your service instance.

To target Certificate Manager by using private service endpoints, add private to the beginning of each URL. For example, https://private.{region}.certificate-manager.cloud.ibm.com/api.

Endpoint URLs by location

  • Dallas: https://us-south.certificate-manager.cloud.ibm.com/api
  • Frankfurt: https://eu-de.certificate-manager.cloud.ibm.com/api
  • London: https://eu-gb.certificate-manager.cloud.ibm.com/api
  • Osaka: https://jp-osa.certificate-manager.cloud.ibm.com/api
  • Sydney: https://au-syd.certificate-manager.cloud.ibm.com/api
  • Tokyo: https://jp-tok.certificate-manager.cloud.ibm.com/api
  • Toronto: https://ca-tor.certificate-manager.cloud.ibm.com/api
  • Washington DC: https://us-east.certificate-manager.cloud.ibm.com/api

Base URL

https://{region}.certificate-manager.cloud.ibm.com/api

Testing out the APIs? You can also use the following URL to interact with a Swagger UI from your browser.

https://{region}.certificate-manager.cloud.ibm.com/docs

Authentication

Certificate Manager uses token-based IBM Cloud® Identity and Access Management (IAM) authentication.

To work with the Certificate Manager APIs, you need to provide a valid IAM token in each request to the service. You can generate an IAM token by first creating an IBM Cloud API key and then exchanging your API key for an IBM Cloud IAM token.

Don't have an API key? Try running ibmcloud iam oauth-tokens in the IBM Cloud Shell to quickly generate a personal access token.

To call each method, you'll need to be assigned a role that includes the required IAM actions. Each method lists the associated action. For more information about IAM actions and how they map to roles, see Managing access for Certificate Manager.

Example that uses IAM authentication

curl -X {request_method} "https://{base_url}/v3/{method_endpoint}" --header "Authorization: Bearer {IAM_token}"

Replace {IAM_token} with your IBM Cloud IAM access token.

Auditing

You can monitor API activity within your account by using the IBM Cloud Activity Tracker service. Whenever an API method is called, an event is generated that you can then track and audit from within Activity Tracker. The specific event type is listed for each individual method.

For more information about how to track Certificate Manager activity, see Auditing events for Certificate Manager.

Error handling

Certificate Manager uses standard HTTP response codes to indicate indicate if a method completed successfully. A 200 HTTP response always indicates success. HTTP response codes with the format 4xx indicate a failure. A 500 HTTP response code usually indicates an internal system error that cannot be resolved by the user.

Status code summary
Status code Description
200 OK The request was processed successfully.
400 Bad Request The request could not be processed, often due to a missing required parameter.
401 Unauthorized The request could not be processed due to insufficient permissions.
404 Not Found TThe requested resource does not exist.
410 Gone The requested resource was deleted and no longer exists.
412 Disabled The Certificate Manager service instance is disabled and scheduled for deletion. To restore the instance, contact your administrator.
429 Too Many Requests The request could not be processed due to too many concurrent requests against the API.
500 Server Error Your request could not be processed due to an internal server error. Certificate Manager is currently unavailable.

Rate limiting

  • Creating notifications channels is limited to 5 actions per minute.
  • Updating notifications channels is limited to 5 actions per minute.
  • Testing notifications channels is limited to 1 action per second.
  • Importing or reimporting certificates is limited to 5 actions per minute.
  • Update operations on certificates are limited to 5 actions per minute.
  • Ordering certificates is limited to 5 orders per minute per Certificate Manager instance, 100 orders per hour per IBM user account, and 5 certificates for the same domains per week.
  • Renewing certificates is limited to 5 renews per minute per Certificate Manager instance, 100 renews per hour per IBM user account, and 5 certificates for the same domains per week.

Integration notes

Instance ID and certificate ID encoding

  • When you test the API by using the Swagger UI, there is no need to URL encode the instance ID or certificate ID. Swagger takes care of the URL encoding.
  • When you integrate the API in code, the instance ID and certificate ID must be URL encoded.

Importing certificates from the command line

  • If you use cURL to import certificates from the command line, you must replace all line breaks in the certificate data with \r\n.

Methods

List certificates

Retrieves a list of all certificates and their associated metadata.

GET /v3/{instance_id}/certificates

Authorization

To call this method, you must be assigned one or more IAM access roles that include the following action. You can check your access by going to Users > name > Access policies.

  • cloudcerts.certificates.list

Auditing

Calling this method generates the following auditing event.

  • cloudcerts.certificates.read

Request

Custom Headers

  • The authorization token.

Path Parameters

  • The CRN-based service instance ID.

    Possible values: length ≥ 4, Value must match regular expression ^crn:.+:.+:.+:.+:.+:a\/[0-9a-f]{32}:[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}\:\:$

Query Parameters

  • The field to sort the certificates by.

    Allowable values: [expires_on,name,domains,issuer,algorithm,key_algorithm,imported,status]

  • The page number.

    Possible values: value ≥ 0

  • The number of certificates per page.

    Possible values: 2 ≤ value ≤ 200

  • The first CRN-based certificate ID to start with.

    Possible values: Value must match regular expression ^crn:.+:.+:.+:.+:.+:a\/[0-9a-f]{32}:[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}:certificate:[0-9a-f]{32}$

  • The first value of the field that will be shown in a page, when the list is sorted by field.

  • curl -H "Authorization: Bearer <IAM-token>" https://<api-endpoint>/api/v3/<URL encoded CRN-based instanceId>/certificates/

Response

Status Code

  • Successfully retrieved a list of all certificates.

  • The service instance ID wasn't found.

  • Unexpected error.

No Sample Response

This method does not specify any sample responses.

Certificates repository metadata

Retrieves metadata of the certificates repository. The total number of certificates, the number of expired certificates, and the number of certificates expiring in the next 30 days.

GET /v2/{instance_id}/certificates/metadata

Authorization

To call this method, you must be assigned one or more IAM access roles that include the following action. You can check your access by going to Users > name > Access policies.

  • cloudcerts.certificates.list

Auditing

Calling this method generates the following auditing event.

  • cloudcerts.certificates-metadata.read

Request

Custom Headers

  • The authorization token.

Path Parameters

  • The CRN-based service instance ID.

    Possible values: length ≥ 4, Value must match regular expression ^crn:.+:.+:.+:.+:.+:a\/[0-9a-f]{32}:[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}\:\:$

  • curl -X GET -H "accept: application/json" -H "Authorization: Bearer <IAM-token>" https://<api-endpoint>/api/v2/<URL encoded CRN-based instanceId>/certificates/metadata

Response

Status Code

  • Metadata of the list of certificates.

  • The service instance ID wasn't found.

  • Unexpected error.

No Sample Response

This method does not specify any sample responses.

Retrieve a list of certificates that is filtered by search parameter. Certificate name, domain or issuer fields will be searched. To search for an exact value, enclose your search term with double-quotes.

GET /v3/{instance_id}/certificates/search

Authorization

To call this method, you must be assigned one or more IAM access roles that include the following action. You can check your access by going to Users > name > Access policies.

  • cloudcerts.certificates.list

Auditing

Calling this method generates the following auditing event.

  • cloudcerts.certificates.search

Request

Custom Headers

  • The authorization token.

Path Parameters

  • The CRN-based service instance ID.

    Possible values: length ≥ 4, Value must match regular expression ^crn:.+:.+:.+:.+:.+:a\/[0-9a-f]{32}:[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}\:\:$

Query Parameters

  • The field to sort the certificates by.

    Allowable values: [expires_on,name,domains,issuer,algorithm,key_algorithm,imported,status]

  • The search string.

    Possible values: length ≤ 250

  • The number of certificates per page.

    Possible values: 2 ≤ value ≤ 200

  • The page number.

    Possible values: value ≥ 0

  • A bookmark that was retrieved by a previous search.

  • The first CRN-based certificate ID to start with.

    Possible values: Value must match regular expression ^crn:.+:.+:.+:.+:.+:a\/[0-9a-f]{32}:[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}:certificate:[0-9a-f]{32}$

  • curl -X GET -H "accept: application/json" -H "Authorization: Bearer <IAM-token>" https://<api-endpoint>/api/v3/<URL encoded CRN-based instanceId>/certificates/search?order=expires_on&search_text=something&page_size=100&page_number=0

Status Code

  • Successfully retrieved a list of search results of the certificate.

  • The service instance ID wasn't found.

  • Unexpected error.

No Sample Response

This method does not specify any sample responses.

Search results metadata

Retrieves metadata of the search results. The total number of certificates, the number of expired certificates, and the number of certificates expiring in the next 30 days that match the search term.

GET /v2/{instance_id}/certificates/search/metadata

Authorization

To call this method, you must be assigned one or more IAM access roles that include the following action. You can check your access by going to Users > name > Access policies.

  • cloudcerts.certificates.list

Auditing

Calling this method generates the following auditing event.

  • cloudcerts.certificates-metadata.search

Request

Custom Headers

  • The authorization token.

Path Parameters

  • The CRN-based service instance ID.

    Possible values: length ≥ 4, Value must match regular expression ^crn:.+:.+:.+:.+:.+:a\/[0-9a-f]{32}:[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}\:\:$

Query Parameters

  • The search string.

    Possible values: length ≤ 250

  • curl -X GET -H "accept: application/json" -H "Authorization: Bearer" https://<api-endpoint>/api/v2/<URL encoded CRN-based instanceId>/certificates/search/metadata?search_text=something

Response

Status Code

  • Successfully retreieved metadata of the list of certificates.

  • The service instance ID wasn't found.

  • Unexpected error.

No Sample Response

This method does not specify any sample responses.

Import a certificate

Import a certificate in Privacy-enhanced Electronic Mail (PEM) format with its private key. You can also import an intermediate certificate.

POST /v3/{instance_id}/certificates/import

Authorization

To call this method, you must be assigned one or more IAM access roles that include the following action. You can check your access by going to Users > name > Access policies.

  • cloudcerts.certificate.import

Auditing

Calling this method generates the following auditing event.

  • cloudcerts.certificate.import

Request

Custom Headers

  • The authorization token.

Path Parameters

  • The CRN-based service instance ID.

    Possible values: length ≥ 4, Value must match regular expression ^crn:.+:.+:.+:.+:.+:a\/[0-9a-f]{32}:[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}\:\:$

The certificate data.

  • curl -X POST -H "Content-Type: application/json" -H "authorization: Bearer <IAM-token>" -d '{ "name":"<name>", "description":"<description>", "data":{ "content": "<certificate>", "priv_key": "<privateKey>", "intermediate": "<intermediate>" } }' https://<api-endpoint>/api/v3/<URL encoded CRN-based instanceId>/certificates/import

Response

Status Code

  • Successfully imported the certificate.

  • Unexpected error.

No Sample Response

This method does not specify any sample responses.

Order a certificate

Request to order a certificate.

POST /v1/{instance_id}/certificates/order

Authorization

To call this method, you must be assigned one or more IAM access roles that include the following action. You can check your access by going to Users > name > Access policies.

  • cloudcerts.certificate.order

Auditing

Calling this method generates the following auditing event.

  • cloudcerts.certificate.order

Request

Custom Headers

  • The authorization token.

Path Parameters

  • The CRN-based service instance ID.

    Possible values: length ≥ 4, Value must match regular expression ^crn:.+:.+:.+:.+:.+:a\/[0-9a-f]{32}:[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}\:\:$

Certificate order data.

  • curl -X POST -H "Content-Type: application/json" -H "authorization: Bearer <IAM-token>" -d "{ \"name\":\"<name>\", \"description\":\"<description>\", \"domains\":[ \"<CN domain>\", \"<SAN domain>\" or \"Wildcard domain\" ], \"domain_validation_method\":\"dns-01\", \"issuer\": \"Let's Encrypt\", \"dns_provider_instance_crn\": \"<CRN-based instance ID of the IBM Cloud Internet Services instance that manages the domains>\", \"algorithm\": \"sha256WithRSAEncryption\", \"key_algorithm\": \"rsaEncryption 2048 bit\" }" https://<api-endpoint>/api/v1/<URL encoded CRN-based instanceId>/certificates/order

Response

Status Code

  • OK.

  • Unexpected error.

No Sample Response

This method does not specify any sample responses.

Renew a certificate

Request to renew a certificate.

POST /v1/certificate/{certificate_id}/renew

Authorization

To call this method, you must be assigned one or more IAM access roles that include the following action. You can check your access by going to Users > name > Access policies.

  • cloudcerts.certificate.order

Auditing

Calling this method generates the following auditing event.

  • cloudcerts.certificate.renew

Request

Custom Headers

  • The authorization token.

Path Parameters

  • The CRN-based certificate ID.

    Possible values: Value must match regular expression ^crn:.+:.+:.+:.+:.+:a\/[0-9a-f]{32}:[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}:certificate:[0-9a-f]{32}$

Certificate renew data.

  • curl -X POST -H "Content-Type: application/json" -H "authorization: Bearer <IAM-token>" -d '{ "rotate_keys":"true|false"}' https://<api-endpoint>/api/v1/certificate/<URL encoded CRN-based certificateId>/renew

Response

Status Code

  • OK.

  • Unexpected error.

No Sample Response

This method does not specify any sample responses.

Update order policy

Request to update order policy

PUT /v1/certificate/{certificate_id}/order/policy

Authorization

To call this method, you must be assigned one or more IAM access roles that include the following action. You can check your access by going to Users > name > Access policies.

  • cloudcerts.certificate.order

Auditing

Calling this method generates the following auditing events.

  • cloudcerts.certificate-order-autorenew.set-on

  • cloudcerts.certificate-order-autorenew.set-off

Request

Custom Headers

  • The authorization token.

Path Parameters

  • The CRN-based certificate ID.

    Possible values: Value must match regular expression ^crn:.+:.+:.+:.+:.+:a\/[0-9a-f]{32}:[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}:certificate:[0-9a-f]{32}$

Certificate order policy data.

  • curl -X POST -H "Content-Type: application/json" -H "authorization: Bearer <IAM-token>" -d '{ "auto_renew_enabled":"true|false"}' https://<api-endpoint>/api/v1/certificate/<URL encoded CRN-based certificateId>/order/policy

Response

Status Code

  • OK.

  • Unexpected error.

No Sample Response

This method does not specify any sample responses.

Get certificate metadata

Request to get a service instance certificate metadata.

GET /v1/certificate/{certificate_id}/metadata

Authorization

To call this method, you must be assigned one or more IAM access roles that include the following action. You can check your access by going to Users > name > Access policies.

  • cloudcerts.certificate-metadata.read

Auditing

Calling this method generates the following auditing event.

  • cloudcerts.certificate-metadata.read

Request

Custom Headers

  • The authorization token.

Path Parameters

  • The CRN-based certificate ID.

    Possible values: Value must match regular expression ^crn:.+:.+:.+:.+:.+:a\/[0-9a-f]{32}:[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}:certificate:[0-9a-f]{32}$

  • curl -H "Authorization: Bearer <IAM-token>" https://<api-endpoint>/api/v1/certificate/<URL encoded CRN-based certificateId>/metadata

Response

Status Code

  • Retrieve the metadata of a certificate.

  • Certificate is not found.

  • Unexpected error.

No Sample Response

This method does not specify any sample responses.

Get a certificate

Retrieve the certificate, its private key, and its intermediate certificate if present. If this is a reimported certificate, you can get the previous version using the query param version=previous.

GET /v2/certificate/{certificate_id}

Authorization

To call this method, you must be assigned one or more IAM access roles that include the following action. You can check your access by going to Users > name > Access policies.

  • cloudcerts.certificate.read

Auditing

Calling this method generates the following auditing event.

  • cloudcerts.certificate.download

Request

Custom Headers

  • The authorization token.

Path Parameters

  • The CRN-based certificate ID.

    Possible values: Value must match regular expression ^crn:.+:.+:.+:.+:.+:a\/[0-9a-f]{32}:[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}:certificate:[0-9a-f]{32}$

Query Parameters

  • Select previous to download the previously imported certificate, its private key and its intermediate certificate if present.

    Allowable values: [previous]

  • curl -H "Authorization: Bearer <IAM-token>" https://<api-endpoint>/api/v2/certificate/<URL encoded CRN-based certificateId>

Response

Status Code

  • Successfully retrieved the certificate data.

  • The certificate wasn't found.

  • Unexpected error.

No Sample Response

This method does not specify any sample responses.

Delete a certificate

Delete the requested certificate.

DELETE /v2/certificate/{certificate_id}

Authorization

To call this method, you must be assigned one or more IAM access roles that include the following action. You can check your access by going to Users > name > Access policies.

  • cloudcerts.certificate.delete

Auditing

Calling this method generates the following auditing event.

  • cloudcerts.certificate.delete

Request

Custom Headers

  • The authorization token.

Path Parameters

  • The CRN-based certificate ID.

    Possible values: Value must match regular expression ^crn:.+:.+:.+:.+:.+:a\/[0-9a-f]{32}:[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}:certificate:[0-9a-f]{32}$

  • curl -X DELETE -H "Authorization: Bearer <IAM-token>" https://<api-endpoint>/api/v2/certificate/<URL encoded CRN-based certificateId>

Response

Status Code

  • Successfully deleted the requested certificate.

  • The certificate wasn't found.

  • Unexpected error.

No Sample Response

This method does not specify any sample responses.

Update a certificate's metadata

Update a certificate's name and description.

POST /v3/certificate/{certificate_id}

Authorization

To call this method, you must be assigned one or more IAM access roles that include the following action. You can check your access by going to Users > name > Access policies.

  • cloudcerts.certificate.update

Auditing

Calling this method generates the following auditing event.

  • cloudcerts.certificate-metadata.update

Request

Custom Headers

  • The authorization token.

Path Parameters

  • The CRN-based certificate ID.

    Possible values: Value must match regular expression ^crn:.+:.+:.+:.+:.+:a\/[0-9a-f]{32}:[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}:certificate:[0-9a-f]{32}$

Update the data for a certificate.

  • curl -X POST -H "authorization: Bearer <IAM-token>" -H "content-type: application/json" -d '{"name":"<name>","description":"<description>"}' https://<api-endpoint>/api/v3/certificate/<URL encoded CRN-based certificateId>

Response

Status Code

  • Successfully updated the certificate.

  • The certificate wasn't found.

  • Too many requests.

  • Unexpected error.

No Sample Response

This method does not specify any sample responses.

Reimport a certificate

Reimport a certificate. The reimported certificate's domain(s) must match the current certificate's domain(s).

PUT /v1/certificate/{certificate_id}

Authorization

To call this method, you must be assigned one or more IAM access roles that include the following action. You can check your access by going to Users > name > Access policies.

  • cloudcerts.certificate.import

Auditing

Calling this method generates the following auditing event.

  • cloudcerts.certificate.reimport

Request

Custom Headers

  • The authorization token.

Path Parameters

  • The CRN-based certificate ID.

    Possible values: Value must match regular expression ^crn:.+:.+:.+:.+:.+:a\/[0-9a-f]{32}:[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}:certificate:[0-9a-f]{32}$

Reimport data for a certificate.

  • curl -X PUT -H "Content-Type: application/json" -H "authorization: Bearer <IAM-token>" -d '{ "content": "<content>", "priv_key": "<priv_key>", "intermediate": "<intermediate>" }' https://<api-endpoint>/api/v1/certificate/<URL encoded CRN-based certificateId>

Response

Status Code

  • Successfully reimported the certificate.

  • The certificate wasn't found.

  • Too many requests.

  • Unexpected error.

No Sample Response

This method does not specify any sample responses.

Get all notification channels

Retrieve all notification channels of the instance.

GET /v1/instances/{instance_id}/notifications/channels

Authorization

To call this method, you must be assigned one or more IAM access roles that include the following action. You can check your access by going to Users > name > Access policies.

  • cloudcerts.notifications-channel.list

Auditing

Calling this method generates the following auditing event.

  • cloudcerts.notification-channels.list

Request

Custom Headers

  • The authorization token.

Path Parameters

  • The CRN-based service instance ID.

    Possible values: length ≥ 4, Value must match regular expression ^crn:.+:.+:.+:.+:.+:a\/[0-9a-f]{32}:[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}\:\:$

  • curl -H "Authorization: Bearer <IAM-token>" https://<api-endpoint>/api/v1/instances/<URL encoded CRN-based instanceId>/notifications/channels

Response

The list of notification channels.

Status Code

  • Successfully retrieved a list of all notification channels.

  • Unexpected error.

No Sample Response

This method does not specify any sample responses.

Create notification channel

Create a new notification channel.

PUT /v1/instances/{instance_id}/notifications/channels

Authorization

To call this method, you must be assigned one or more IAM access roles that include the following action. You can check your access by going to Users > name > Access policies.

  • cloudcerts.notifications-channel.create

Auditing

Calling this method generates the following auditing event.

  • cloudcerts.notification-channel.create

Request

Custom Headers

  • The authorization token.

Path Parameters

  • The CRN-based service instance ID.

    Possible values: length ≥ 4, Value must match regular expression ^crn:.+:.+:.+:.+:.+:a\/[0-9a-f]{32}:[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}\:\:$

  • curl -X PUT -H "authorization: Bearer <IAM-token>" -H "content-type: application/json" -d '{"type":"<type>","endpoint":"<endpoint>","is_active":<is_active>}' https://<api-endpoint>/api/v1/instances/<URL encoded CRN-based instanceId>/notifications/channels

Response

Status Code

  • Successfully created a new notifications channel.

  • Unexpected error.

No Sample Response

This method does not specify any sample responses.

Update notification channel state

Update a notification channel's state.

PUT /v1/instances/{instance_id}/notifications/{channel_id}/state

Authorization

To call this method, you must be assigned one or more IAM access roles that include the following action. You can check your access by going to Users > name > Access policies.

  • cloudcerts.notifications-channel.update

Auditing

Calling this method generates the following auditing event.

  • cloudcerts.notification-channel

Request

Custom Headers

  • The authorization token.

Path Parameters

  • The CRN-based service instance ID.

    Possible values: length ≥ 4, Value must match regular expression ^crn:.+:.+:.+:.+:.+:a\/[0-9a-f]{32}:[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}\:\:$

  • Channel ID

  • curl -X PUT -H "authorization: Bearer <IAM-token>" -H "content-type: application/json" -d '{"enabled":true/false}' https://<api-endpoint>/api/v1/instances/<URL encoded CRN-based instanceId>/notifications/<channelId>/state

Response

Status Code

  • Successfully updated the notifications channel state.

  • Unexpected error.

No Sample Response

This method does not specify any sample responses.

Update notification channel

Update a notification channel endpoint.

POST /v1/instances/{instance_id}/notifications/{channel_id}

Authorization

To call this method, you must be assigned one or more IAM access roles that include the following action. You can check your access by going to Users > name > Access policies.

  • cloudcerts.notifications-channel.update

Auditing

Calling this method generates the following auditing event.

  • cloudcerts.notification-channel.update

Request

Custom Headers

  • The authorization token.

Path Parameters

  • The CRN-based service instance ID.

    Possible values: length ≥ 4, Value must match regular expression ^crn:.+:.+:.+:.+:.+:a\/[0-9a-f]{32}:[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}\:\:$

  • Channel ID

  • curl -X POST -H "authorization: Bearer <IAM-token>" -H "content-type: application/json" -d '{"endpoint":"<endpoint>"}' https://<api-endpoint>/api/v1/instances/<URL encoded CRN-based instanceId>/notifications/<channelId>

Response

Status Code

  • Successfully updated the notification channel endpoint.

  • Unexpected error.

No Sample Response

This method does not specify any sample responses.

Delete notification channel

Delete a notification channel.

DELETE /v1/instances/{instance_id}/notifications/{channel_id}

Authorization

To call this method, you must be assigned one or more IAM access roles that include the following action. You can check your access by going to Users > name > Access policies.

  • cloudcerts.notifications-channel.delete

Auditing

Calling this method generates the following auditing event.

  • cloudcerts.notification-channel.delete

Request

Custom Headers

  • The authorization token.

Path Parameters

  • The CRN-based service instance ID.

    Possible values: length ≥ 4, Value must match regular expression ^crn:.+:.+:.+:.+:.+:a\/[0-9a-f]{32}:[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}\:\:$

  • Channel ID

  • curl -X DELETE -H "authorization: Bearer <IAM-token>" https://<api-endpoint>/api/v1/instances/<URL encoded CRN-based instanceId>/notifications/<channelId>

Response

Status Code

  • Successfully deleted the notification channel.

  • The channel wasn't found

  • Unexpected error.

No Sample Response

This method does not specify any sample responses.

Test notification channel

Test a notifications channel.

GET /v1/instances/{instance_id}/notifications/{channel_id}/test

Authorization

To call this method, you must be assigned one or more IAM access roles that include the following action. You can check your access by going to Users > name > Access policies.

  • cloudcerts.notifications-channel.test

Auditing

Calling this method generates the following auditing event.

  • cloudcerts.notification-channel.test

Request

Custom Headers

  • The authorization token.

Path Parameters

  • The CRN-based service instance ID.

    Possible values: length ≥ 4, Value must match regular expression ^crn:.+:.+:.+:.+:.+:a\/[0-9a-f]{32}:[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}\:\:$

  • Channel ID

  • curl -X GET -H "accept: application/json" -H "Authorization: Bearer" -H "Content-Type: application/json" https://<api-endpoint>/api/v1/instances/<URL encoded CRN-based instanceId>/notifications/<channelId>/test

Response

Status Code

  • Successfully sent a request to test a notification channel.

  • Unexpected error.

No Sample Response

This method does not specify any sample responses.

Get notifications public key

Retrieve the public key for Callback URL notifications.

GET /v1/instances/{instance_id}/notifications/publickey

Authorization

To call this method, you must be assigned one or more IAM access roles that include the following action. You can check your access by going to Users > name > Access policies.

  • cloudcerts.notifications.publickey

Auditing

Calling this method generates the following auditing event.

  • cloudcerts.notification-channels-publickey.read

Request

Path Parameters

  • The CRN-based service instance ID.

    Possible values: length ≥ 4, Value must match regular expression ^crn:.+:.+:.+:.+:.+:a\/[0-9a-f]{32}:[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}\:\:$

Query Parameters

  • The format of the required key.

    Allowable values: [jwk,pem]

    Default: jwk

  • curl -X GET -H "accept: application/json" https://<api-endpoint>/api/v1/instances/<URL encoded CRN-based instanceId>/notifications/publickey?keyFormat=jwk

Response

Status Code

  • Successfully retreived the notifications public key.

  • Resource wasn't found.

  • Instance is disabled.

  • Unexpected error.

No Sample Response

This method does not specify any sample responses.