Resources

The resources use a data model that is supported by a set of client-side libraries that are made available on the files and libraries page.

There is a WADL document available that describes the resources API.

You may also enjoy the Swagger UI provided for this API.

name path methods description
CaResource
  • /ca
  • /ca/{ca}
  • /createcrl/{ca}
  • /getcrl/{ca}
  • GET
  • GET
  • GET
  • GET
List and manage an Admin's Certificate Authorities.
CertResource
  • /eeprofiles
  • /certprofiles/{eeprofile}
  • /findcerts/{user}
  • /getcert/{serial}/{issuer}
  • /markrecover/{serial}/{issuer}
  • /recover/{serial}/{issuer}
  • /softtokenrequest/{keyspec}/{keyalg}
  • /revokecert/{issuer}/{serial}/{reason}
  • GET
  • GET
  • GET
  • GET
  • POST
  • POST
  • POST
  • GET
Issue and revoke user certificates. Create user keystores. List certificate profiles.
PublicResource
  • /pickup
  • /enrol/{certtype}
  • POST
  • POST
Certificate enrollment and collection for certificate users.
TestResource
  • /ca/{ca}
  • /createca/{ca}/{dn}/{validity}/{keysize}/{algorithm}
  • DELETE
  • GET
Create and delete CAs quickly for test purposes. Generally CAs should be created through the backend CA admin portal, not this API.
UserResource
  • /revokeuser
  • /users
  • /users/{user}
  • /revokeuser/{user}/{reason}
  • POST
  • GET POST
  • GET
  • GET
Create, list, search, revoke and delete certificate users.

Data Types

JSON

type description
CertificateHolder
ExtendedInformationWS

Java class for extendedInformationWS complex type.

The following schema fragment specifies the expected content contained within this class.

 <complexType name="extendedInformationWS">
   <complexContent>
     <restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
       <sequence>
         <element name="name" type="{http://www.w3.org/2001/XMLSchema}string" minOccurs="0"/>
         <element name="value" type="{http://www.w3.org/2001/XMLSchema}string" minOccurs="0"/>
       </sequence>
     </restriction>
   </complexContent>
 </complexType>
 
NameAndId

Java class for nameAndId complex type.

The following schema fragment specifies the expected content contained within this class.

 <complexType name="nameAndId">
   <complexContent>
     <restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
       <sequence>
         <element name="id" type="{http://www.w3.org/2001/XMLSchema}int"/>
         <element name="name" type="{http://www.w3.org/2001/XMLSchema}string" minOccurs="0"/>
       </sequence>
     </restriction>
   </complexContent>
 </complexType>
 
RevokeStatus

Java class for revokeStatus complex type.

The following schema fragment specifies the expected content contained within this class.

 <complexType name="revokeStatus">
   <complexContent>
     <restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
       <sequence>
         <element name="certificateSN" type="{http://www.w3.org/2001/XMLSchema}string" minOccurs="0"/>
         <element name="issuerDN" type="{http://www.w3.org/2001/XMLSchema}string" minOccurs="0"/>
         <element name="reason" type="{http://www.w3.org/2001/XMLSchema}int"/>
         <element name="revocationDate" type="{http://www.w3.org/2001/XMLSchema}dateTime" minOccurs="0"/>
       </sequence>
     </restriction>
   </complexContent>
 </complexType>
 
SuccessResponse Wrapper for generic object, typically a message to indicate a successful transaction or a byte array that will be base64 encoded.
User End-entity certificate holder user ID.
UserDataVOWS

Java class for userDataVOWS complex type.

The following schema fragment specifies the expected content contained within this class.

 <complexType name="userDataVOWS">
   <complexContent>
     <restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
       <sequence>
         <element name="caName" type="{http://www.w3.org/2001/XMLSchema}string" minOccurs="0"/>
         <element name="cardNumber" type="{http://www.w3.org/2001/XMLSchema}string" minOccurs="0"/>
         <element name="certificateProfileName" type="{http://www.w3.org/2001/XMLSchema}string" minOccurs="0"/>
         <element name="certificateSerialNumber" type="{http://www.w3.org/2001/XMLSchema}integer" minOccurs="0"/>
         <element name="clearPwd" type="{http://www.w3.org/2001/XMLSchema}boolean"/>
         <element name="email" type="{http://www.w3.org/2001/XMLSchema}string" minOccurs="0"/>
         <element name="endEntityProfileName" type="{http://www.w3.org/2001/XMLSchema}string" minOccurs="0"/>
         <element name="endTime" type="{http://www.w3.org/2001/XMLSchema}string" minOccurs="0"/>
         <element name="extendedInformation" type="{http://ws.protocol.core.ejbca.org/}extendedInformationWS" maxOccurs="unbounded" minOccurs="0"/>
         <element name="hardTokenIssuerName" type="{http://www.w3.org/2001/XMLSchema}string" minOccurs="0"/>
         <element name="keyRecoverable" type="{http://www.w3.org/2001/XMLSchema}boolean"/>
         <element name="password" type="{http://www.w3.org/2001/XMLSchema}string" minOccurs="0"/>
         <element name="sendNotification" type="{http://www.w3.org/2001/XMLSchema}boolean"/>
         <element name="startTime" type="{http://www.w3.org/2001/XMLSchema}string" minOccurs="0"/>
         <element name="status" type="{http://www.w3.org/2001/XMLSchema}int"/>
         <element name="subjectAltName" type="{http://www.w3.org/2001/XMLSchema}string" minOccurs="0"/>
         <element name="subjectDN" type="{http://www.w3.org/2001/XMLSchema}string" minOccurs="0"/>
         <element name="tokenType" type="{http://www.w3.org/2001/XMLSchema}string" minOccurs="0"/>
         <element name="username" type="{http://www.w3.org/2001/XMLSchema}string" minOccurs="0"/>
       </sequence>
     </restriction>
   </complexContent>
 </complexType>
 
UserRequest
UserRevoke A request to revoke and/or delete a single user (used in batch revocation).
UsernamePassword