Skip to main content

Access Control (REST) API - Token Signing Certificates

This section includes REST APIs for working with Access Control Token Signing Certificate tasks.

Generate a New Token Signing Certificate - POST /TokenSigningCertificateGeneration

Generate a new token signing certificate.

Notice

The ‘Manage System Settings’ permission is required to execute this API.

Usage:

  1. POST /TokenSigningCertificateGeneration and generate a new token signing certificate

  2. POST /TokenSigningCertificate and upload a new token signing certificate

URL

/cxrestapi/auth/TokenSigningCertificateGeneration

Method:

POST

Media Type (header):

Authorization: Bearer <access token value>

Content-Type: application/json;v=1.0

Parameters

None

Success Response:

Code: 201 Success

Error Response:

Code: 401 Unauthorized

Code: 403 Forbidden

Sample Response:

no content

Notes:

Returns the location of the created token signing certificate in the response header. If the request fails, it returns an error response.

Upload a New Token Signing Certificate - POST /TokenSigningCertificate

Upload a new token signing certificate.

Notice

The ‘Manage System Settings’ permission is required to execute this API.

Usage:

  1. https://checkmarx.atlassian.net/wiki/spaces/CCD/pages/707297588 and generate a new token signing certificate

  2. POST /TokenSigningCertificate and upload a new token signing certificate

URL

/cxrestapi/auth/TokenSigningCertificate

Method:

POST

Media Type (header):

Authorization: Bearer <access token value>

Content-Type: application/json;v=1.0

Parameters

Content-type [multipart/form-data]: Specifies the token signing certificate details

CertificateFile=[file] - Certificate file

CertificatePassword=[string] - Certificate password

Success Response:

Code: 201 Success (returns location of the token signing certificate in the response header)

Error Response:

Code: 400 Bad Request

Code: 401 Unauthorized

Code: 403 Forbidden

Sample Response:

no content

Notes:

Returns the location of the uploaded token signing certificate in the response header. If the request fails, it returns an error response.

In this section: