extender

Download Spec

get /authorizer/api/v1/{ca_type}/cas

Gets authorizer's extender CA certificates.

access_group_id

string

uuid

Access group id filter, if specified only certificates for the specifies access group are returned

Response

ExamplesSchema

Successful response, returns the root certificate object

[
  {
    "size": 123,
    "comment": "SSH PrivX CA default",
    "public_key": "AAAAB3NzaC1yc2EAAAADAQABAAACAQCsA6quFQ1Um8Mk/khMCulYwHDV7EUyQGyp4PW9x4Oq0l8UBy/yEs0SKvu6rzHOkwRiF0dJdBtue+Cl2OVd5e4sYp8I519WURuWsZXQsPEerTqkzsR5eInmSeqLYwqMfO5d4cOQ89AF17WXgqwv4x7uh5iRnBUy+rbB2X1LmBc08QZrwrbMrSSrtMwCT6uzCexTGOtE0cxfSND2+zsRSR3aNGwv6OFg7wQF7ccAUiiFVIVg/QmrUnQH6yMNkLmWa0IkH4WpgtwTGjZ9FDv84dtWd9cBeeADqQ6vkHBbd8Jdri5lELZyHvjnlA+e5vIsmC98hJ6ZS1axEewq5wIA01JYfpySxi15L+SgSt7898QewQy5HCDwE6qWgBGHUdqyJEUCbtB0Lvjcps5E1GPNspLJkRJ4dBiCyVaSdZoFuKlbSBWC/nRmdTZJiJEGUCf/fp6lr2VnpHEai7NxgNLwO+uBH+DF3elh+w12SegBfu9JukFZGbXNtGb9bZkylYuP72fh4r9QnOgYsV2pdJY7rxyxWbPU1NozWkYW70gJcKCsH0+5g0vDAqQvGiIm3pKqhcsPeaTpXN8lWhfPmiQlZ6HNr98im5af+1lw7JvGeCqNd2CSE9t4PGxN//w44bMjauvozepVRUczkVamjfLRmvzGGQrQHPcLilHEB+T0vgP31w==",
    "type": "ssh-rsa",
    "public_key_string": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCsA6quFQ1Um8Mk/khMCulYwHDV7EUyQGyp4PW9x4Oq0l8UBy/yEs0SKvu6rzHOkwRiF0dJdBtue+Cl2OVd5e4sYp8I519WURuWsZXQsPEerTqkzsR5eInmSeqLYwqMfO5d4cOQ89AF17WXgqwv4x7uh5iRnBUy+rbB2X1LmBc08QZrwrbMrSSrtMwCT6uzCexTGOtE0cxfSND2+zsRSR3aNGwv6OFg7wQF7ccAUiiFVIVg/QmrUnQH6yMNkLmWa0IkH4WpgtwTGjZ9FDv84dtWd9cBeeADqQ6vkHBbd8Jdri5lELZyHvjnlA+e5vIsmC98hJ6ZS1axEewq5wIA01JYfpySxi15L+SgSt7898QewQy5HCDwE6qWgBGHUdqyJEUCbtB0Lvjcps5E1GPNspLJkRJ4dBiCyVaSdZoFuKlbSBWC/nRmdTZJiJEGUCf/fp6lr2VnpHEai7NxgNLwO+uBH+DF3elh+w12SegBfu9JukFZGbXNtGb9bZkylYuP72fh4r9QnOgYsV2pdJY7rxyxWbPU1NozWkYW70gJcKCsH0+5g0vDAqQvGiIm3pKqhcsPeaTpXN8lWhfPmiQlZ6HNr98im5af+1lw7JvGeCqNd2CSE9t4PGxN//w44bMjauvozepVRUczkVamjfLRmvzGGQrQHPcLilHEB+T0vgP31w== SSH IAM CA default",
    "x509_certificate": "MIIFfTCCA2WgAwIBAgIJAN0G1Mu8LyRYMA0GCSqGSIb3DQEBBQUAMGExEDAOBgNVBAMMB2RlZmF1bHQxCzAJBgNVBAMMAmNhMRYwFAYKCZImiZPyLGQBGRYGb3JkYWluMRMwEQYKCZImiZPyLGQBGRYDc3NoMRMwEQYKCZImiZPyLGQBGRYDY29tMB4XDTE2MTAxMzAzMzYwMFoXDTIxMTAxMjAzMzYwMFowYTEQMA4GA1UEAwwHZGVmYXVsdDELMAkGA1UEAwwCY2ExFjAUBgoJkiaJk/IsZAEZFgZvcmRhaW4xEzARBgoJkiaJk/IsZAEZFgNzc2gxEzARBgoJkiaJk/IsZAEZFgNjb20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCsA6quFQ1Um8Mk/khMCulYwHDV7EUyQGyp4PW9x4Oq0l8UBy/yEs0SKvu6rzHOkwRiF0dJdBtue+Cl2OVd5e4sYp8I519WURuWsZXQsPEerTqkzsR5eInmSeqLYwqMfO5d4cOQ89AF17WXgqwv4x7uh5iRnBUy+rbB2X1LmBc08QZrwrbMrSSrtMwCT6uzCexTGOtE0cxfSND2+zsRSR3aNGwv6OFg7wQF7ccAUiiFVIVg/QmrUnQH6yMNkLmWa0IkH4WpgtwTGjZ9FDv84dtWd9cBeeADqQ6vkHBbd8Jdri5lELZyHvjnlA+e5vIsmC98hJ6ZS1axEewq5wIA01JYfpySxi15L+SgSt7898QewQy5HCDwE6qWgBGHUdqyJEUCbtB0Lvjcps5E1GPNspLJkRJ4dBiCyVaSdZoFuKlbSBWC/nRmdTZJiJEGUCf/fp6lr2VnpHEai7NxgNLwO+uBH+DF3elh+w12SegBfu9JukFZGbXNtGb9bZkylYuP72fh4r9QnOgYsV2pdJY7rxyxWbPU1NozWkYW70gJcKCsH0+5g0vDAqQvGiIm3pKqhcsPeaTpXN8lWhfPmiQlZ6HNr98im5af+1lw7JvGeCqNd2CSE9t4PGxN//w44bMjauvozepVRUczkVamjfLRmvzGGQrQHPcLilHEB+T0vgP31wIDAQABozgwNjALBgNVHQ8EBAMCAYYwEwYDVR0lBAwwCgYIKwYBBQUHAwkwEgYDVR0TAQH/BAgwBgEB/wIBADANBgkqhkiG9w0BAQUFAAOCAgEAQkNdHQNSYrpFMGd7A4FUVHIiRL5stF5Znillozu2RCgSvUnZjX/3qJFcG6Go2jbOQukXc/Be1AbwcUYr+EEd6LjgWzEUuq+GcLnm6pj6eaoqinNVQ7RvivVCxRGsEBEBxib+YR6AeeCucP+FSl9Enri5zYBmmVBxB6R85S5CPaZ793OXXuJLS9qzX1ecwkEqiYt+8u6SxPXXeYQgh1libdsU9AHpaY86XDJQQLww/+iXk9H/iNo7leFKOQAJcfHiBwcLF5hZwQAzdnjUChThNGJI4S03dQFI4ii1pV5YRM/5O+S0M/ZQxr27OZKrKMiHMNQ5X3WEoJLtv1A60yYw1rrA0itMeiameqWNVtjTaJBNbO1A47lZTfi0DZC3s5HGi9Vs8QAur+tQtHICbPkxq5FThM95m05RhSJyyo1qzwRD7eU7/P+KZ2WmkMeROwmKhJw6Pvsmi2vQlUleDQnjxAMVzyTF5fIGllsaZAV9rY+jZxmu6VHS4yo4sBx00w9rIyIoMjR9wSVUpzZfCJkgeOsfu09KaN5vr1seW7xvaKOKTZqTY1kzZMZ9wah+SMCWokKS6qboXeOJ6ERmcDRBOq2I+slCkaaCP/apcNZFGP7YH9WcTZhb767IBZaPVdrjFVYoABbufyvs8HcHqfv7mcAtvUFnaf5Yi5S98KJhqc0=",
    "not_before": "2023-06-05T12:31:36Z",
    "not_after": "2028-06-03T12:31:36Z"
  }
]

get /authorizer/api/v1/{ca_type}/cas/{id}

Gets authorizer's extender CA certificate.

ca_type

string

required

CA type, "extender" or "icap"

id

string

required

CA id

Response

ExamplesSchema

Successful response, returns the root certificate as a download object

"string"

get /authorizer/api/v1/{ca_type}/cas/{id}/crl

Gets authorizer CA's certificate revocation list.

ca_type

string

required

CA type, "extender" or "icap"

id

string

required

CA id

Response

ExamplesSchema

Successful response, returns the certificate revocation list as a download object

"string"

post /authorizer/api/v1/{ca_type}/enroll

Enroll an EE certificate from extender CA

ca_id

string

Optional CA key UUID, if not specified the default extender CA is used

csr

string

required

Certificate signing request in PEM format

owner

string

required

Certificate owner UUID

Response

ExamplesSchema

Successful response, returns EE certificate in enroll response

{
  "id": "string",
  "cert": "string",
  "ca": "string"
}

post /authorizer/api/v1/{ca_type}/revoke

Revoke a certificate

reason

string

RFC 5280 CRL Entry Reason Code

owner

string

Optional certificate owner UUID (when revoking by owner)

cert

string

Optional certificate in PEM format (when revoking a specific certificate)

Response

ExamplesSchema

Successful response

{
  "ids": [
    "string"
  ]
}

post /authorizer/api/v1/extender/conf/{trusted_client_id}

Gets a extender-config.toml pre-configured for this PrivX installation

trusted_client_id

string

required

Trusted client ID used by the extender

Response

ExamplesSchema

Successful response, returns session id.

{
  "session_id": "string"
}

get /authorizer/api/v1/extender/conf/{trusted_client_id}/{session_id}

Gets a extender-config.toml pre-configured for this PrivX installation

trusted_client_id

string

required

Trusted client ID used by the extender

session_id

string

required

Session ID returned in /authorizer/api/v1/extender/conf/{trusted_client_id}

Response

ExamplesSchema

Successful response, returns the extender-config.toml.

"string"

Was this page helpful?