GlobalSign QSS API documentation version v1.3
https://emea.api.qss.globalsign.com:8443/
Qualified Signing Service API
/login
Login to obtain a JWT token for authentication on further requests
post /login
Login to obtain a JWT token for authentication on further requests
Headers
- Content-Type: required(string - pattern: ^application/json;charset=utf-8$)
Request Content-Type
- Content-Length: required(integer - minimum: 1)
Length of the request in bytes
- X-SSL-Client-Serial: (string)
SSL Client Certificate serial number
Body
Media type: application/json;charset=utf-8
Type: object
Properties- api_key: required(string - pattern: ^[A-Fa-f0-9]{16}$)
- api_secret: required(string - pattern: ^[A-Fa-f0-9]{40}$)
Example:
{
"api_key": "e510e289e6cd8947",
"api_secret": "a477a8393d17a55ecb2ba6a61f58feb84770b621"
}HTTP status code 200
Authentication was successful
Headers
- Authorization: required(string)
The Authorization header
Example:
Bearer eyJhbGciOiAiSFMyNTYiLCAidHlwIjogIkpXVCJ9.eyJ1c2VyX2lkIjogMX0.BSf1w1blYKcbxVlyOtUogUsozH2clY34xxYPd8lQIlQ
Body
Media type: application/json;charset=utf-8
Type: object
Properties- access_token: required(string)
Example:
{
"access_token": "eyJhbGciOiAiSFMyNTYiLCAidHlwIjogIkpXVCJ9.eyJ1c2VyX2lkIjogMX0.BSf1w1blYKcbxVlyOtUogUsozH2clY34xxYPd8lQIlQ"
}HTTP status code 400
Request could not be parsed
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Bad Request"
}HTTP status code 401
Returned on unsuccessful authentication
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Unauthorized"
}HTTP status code 411
Request Content-Length is absent or 0
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Content-Length required"
}HTTP status code 415
Request content type is not application/json;charset=utf-8
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Bad Content-Type"
}HTTP status code 422
Malformed authentication request
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Invalid credentials"
}HTTP status code 503
System temporarily cannot process the request
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Service busy, please retry later",
"id": "0vqe8FWeDe4DQ7rU7wbzzGmPc4B"
}/users
Submit a request for a new user
post /users
Submit a request for a new user
Headers
- Authorization: required(string)
The Authorization header. Only "Bearer" is supported
Example:
Bearer eyJhbGciOiAiSFMyNTYiLCAidHlwIjogIkpXVCJ9.eyJ1c2VyX2lkIjogMX0.BSf1w1blYKcbxVlyOtUogUsozH2clY34xxYPd8lQIlQ - Content-Type: required(string - pattern: ^application/json;charset=utf-8$)
Request Content-Type
- Content-Length: required(integer - minimum: 1)
Length of the request in bytes
Body
Media type: application/json;charset=utf-8
Type: object
Properties- given_name: required(string - maxLength: 50)
Given name used to identify the user
- surname: required(string - maxLength: 50)
Surname used to identify the user
- mobile_no: required(string - maxLength: 100)
Mobile number to verify a user request
- email: required(string - maxLength: 100)
Email address to verify a user request, the email address uniquely identifies the user for that organisation
Example:
{
"given_name": "Yeknod",
"surname": "Orrub",
"mobile_no": "0044678924758",
"email": "yeknod@orrub.com"
}HTTP status code 201
Successfully created a new user
Body
Media type: application/json;charset=utf-8
Type: object
Properties- user_id: required(string - minLength: 10 - maxLength: 10 - pattern: ^([a-z0-9]{10})$)
ID of the user, represented as a 10 character string containing lowercase letters and digits
Example:
{
"user_id": "i5wnzmc3ug"
}HTTP status code 400
Request could not be parsed
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Bad Request"
}HTTP status code 401
Request is unauthorized
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Unauthorized"
}HTTP status code 411
Request Content-Length is absent or 0
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Content-Length required"
}HTTP status code 415
Request content type is not application/json;charset=utf-8
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Bad Content-Type"
}HTTP status code 422
Invalid request
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Validation error message"
}HTTP status code 429
Request rate exceeded the set limit
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Rate Limit Reached"
}HTTP status code 503
System temporarily cannot process the request
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Service busy, please retry later",
"id": "0vqe8FWeDe4DQ7rU7wbzzGmPc4B"
}Retrieve the user
Update the user
Delete a user
get /users/{email}
Retrieve the user
URI Parameters
- email: required(email)
Headers
- Authorization: required(string)
The Authorization header. Only "Bearer" is supported
Example:
Bearer eyJhbGciOiAiSFMyNTYiLCAidHlwIjogIkpXVCJ9.eyJ1c2VyX2lkIjogMX0.BSf1w1blYKcbxVlyOtUogUsozH2clY34xxYPd8lQIlQ
HTTP status code 200
The user was successfully retrieved
Body
Media type: application/json;charset=utf-8
Type: object
Properties- given_name: required(string - maxLength: 50)
Given name used to identify the user
- surname: required(string - maxLength: 50)
Surname used to identify the user
- mobile_no: required(string - maxLength: 100)
Mobile number to verify a user request
- email: required(string - maxLength: 100)
Email address to verify a user request, the email address uniquely identifies the user for that organisation
- user_id: required(string - minLength: 10 - maxLength: 10 - pattern: ^([a-z0-9]{10})$)
The id of the user
- status: required(one of ACTIVE, INACTIVE, BLOCKED)
Status of the user
- created_at: required(string)
Timestamp the user was created
- last_updated_at: (string)
Timestamp the user was last updated
Example:
{
"user_id": "i5wnzmc3ug",
"status": "ACTIVE",
"given_name": "Yeknod",
"surname": "Orrub",
"email": "yeknod@orrub.com",
"mobile_no": "0044678924758",
"created_at": "2017-10-10 10:30:00",
"last_updated_at": "2017-10-10 10:30:00"
}HTTP status code 401
Request is unauthorized
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Unauthorized"
}HTTP status code 404
Requested resource is not found
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Not found"
}HTTP status code 422
Invalid request
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Validation error message"
}HTTP status code 503
System temporarily cannot process the request
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Service busy, please retry later",
"id": "0vqe8FWeDe4DQ7rU7wbzzGmPc4B"
}patch /users/{email}
Update the user
URI Parameters
- email: required(email)
Headers
- Content-Type: required(string - pattern: ^application/json;charset=utf-8$)
Request Content-Type
- Content-Length: required(integer - minimum: 1)
Length of the request in bytes
- Authorization: required(string)
The Authorization header. Only "Bearer" is supported
Example:
Bearer eyJhbGciOiAiSFMyNTYiLCAidHlwIjogIkpXVCJ9.eyJ1c2VyX2lkIjogMX0.BSf1w1blYKcbxVlyOtUogUsozH2clY34xxYPd8lQIlQ
Body
Media type: application/json;charset=utf-8
Type: object
Properties- given_name: required(string - maxLength: 50)
Given name used to identify the user
- surname: required(string - maxLength: 50)
Surname used to identify the user
- mobile_no: required(string - maxLength: 100)
Mobile number to verify a user request
Example:
{
"given_name": "Yeknod",
"surname": "Orrub",
"mobile_no": "0044678924758"
}HTTP status code 204
The user was successfully updated
HTTP status code 400
Request could not be parsed
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Bad Request"
}HTTP status code 401
Request is unauthorized
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Unauthorized"
}HTTP status code 404
Requested resource is not found
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Not found"
}HTTP status code 411
Request Content-Length is absent or 0
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Content-Length required"
}HTTP status code 415
Request content type is not application/json;charset=utf-8
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Bad Content-Type"
}HTTP status code 422
Invalid request
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Validation error message"
}HTTP status code 503
System temporarily cannot process the request
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Service busy, please retry later",
"id": "0vqe8FWeDe4DQ7rU7wbzzGmPc4B"
}delete /users/{email}
Delete a user
URI Parameters
- email: required(email)
Headers
- Authorization: required(string)
The Authorization header. Only "Bearer" is supported
Example:
Bearer eyJhbGciOiAiSFMyNTYiLCAidHlwIjogIkpXVCJ9.eyJ1c2VyX2lkIjogMX0.BSf1w1blYKcbxVlyOtUogUsozH2clY34xxYPd8lQIlQ
HTTP status code 204
User successfully deleted
HTTP status code 401
Request is unauthorized
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Unauthorized"
}HTTP status code 404
Requested resource is not found
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Not found"
}HTTP status code 422
Invalid request
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Validation error message"
}HTTP status code 503
System temporarily cannot process the request
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Service busy, please retry later",
"id": "0vqe8FWeDe4DQ7rU7wbzzGmPc4B"
}Submit a request for a signing identity
Revoke the certificate and delete keys
post /users/{email}/identity
Submit a request for a signing identity
URI Parameters
- email: required(email)
Headers
- Content-Type: required(string - pattern: ^application/json;charset=utf-8$)
Request Content-Type
- Content-Length: required(integer - minimum: 1)
Length of the request in bytes
- Authorization: required(string)
The Authorization header. Only "Bearer" is supported
Example:
Bearer eyJhbGciOiAiSFMyNTYiLCAidHlwIjogIkpXVCJ9.eyJ1c2VyX2lkIjogMX0.BSf1w1blYKcbxVlyOtUogUsozH2clY34xxYPd8lQIlQ
Body
Media type: application/json;charset=utf-8
Type: object
Properties- subject_dn: required(object)
List of Distinguished Name attributes to include in the certificate. See RFC 5280#4.1.2.6
- country: (string - minLength: 2 - maxLength: 2 - pattern: ^[A-Z]{2}$)
Format: PrintableString, ISO 3166-1 alpha-2 two-letter country code
- state: (string - maxLength: 128)
Format: UTF8String or PrintableString
- locality: (string - maxLength: 128)
Format: UTF8String or PrintableString
- street_address: (string - maxLength: 128)
Format: UTF8String or PrintableString
- postal_code: (string - maxLength: 40)
Format: UTF8String or PrintableString
- organization: (string - maxLength: 64)
Format: UTF8String or PrintableString
- organizational_unit: (array of string)
Format: Array of UTF8String or PrintableString (string - maxLength: 64)
- organization_identifier: (string - maxLength: 64)
Format: UTF8String or PrintableString
- common_name: (string - maxLength: 64)
Format: UTF8String or PrintableString
- surname: (string - maxLength: 64)
Format: UTF8String or PrintableString
- given_name: (string - maxLength: 64)
Format: UTF8String or PrintableString
- email: (string - maxLength: 255)
Format: IA5String
- pseudonym: (string - maxLength: 128)
Format: UTF8String or PrintableString
- jurisdiction_of_incorporation_locality_name: (string - maxLength: 128)
Format: UTF8String or PrintableString
- jurisdiction_of_incorporation_state_or_province_name: (string - maxLength: 128)
Format: UTF8String or PrintableString
- jurisdiction_of_incorporation_country_name: (string - minLength: 2 - maxLength: 2 - pattern: ^[A-Z]{2}$)
Format: PrintableString, ISO 3166-1 alpha-2 two-letter country code
- business_category: (one of “Private Organization”, “Government Entity”, “Business Entity”, “Non-Commercial Entity” - maxLength: 128)
Format: UTF8String or PrintableString
- serial_number: (string - maxLength: 64)
Format: PrintableString
- extra_attributes: (array of basic.type_and_value)
Extra subject distinguished name attributes to include by OID and value
Items: type_and_value
- type: required(string - pattern: ^([0-9]{1,9}\.){0,63}[0-9]+$)
Object Identifier such as 1.3.6.1.4.1.311.20.2
- value: (string)
- type: required(string - pattern: ^([0-9]{1,9}\.){0,63}[0-9]+$)
Example:
{ "common_name": "John Doe", "surname": "Doe", "given_name": "John", "country": "GB", "state": "London", "locality": "London", "street_address": "1 GlobalSign Road", "postal_code": "E1", "organization": "GMO GlobalSign", "organizational_unit": [ "Operations", "Development" ], "organization_identifier": "PSDFI-FINFSA-29884997", "email": "john.doe@demo.hvca.globalsign.com", "pseudonym": "whatshisname", "jurisdiction_of_incorporation_locality_name": "London", "jurisdiction_of_incorporation_state_or_province_name": "London", "jurisdiction_of_incorporation_country_name": "United Kingdom", "business_category": "Internet security", "serial_number": "AA0448C4AE22702EF2C7A9BD7FA09743", "extra_attributes": [ { "type": "2.5.4.43", "value": "GS" } ] } - country: (string - minLength: 2 - maxLength: 2 - pattern: ^[A-Z]{2}$)
Example:
{
"subject_dn": {
"organizational_unit": [
"Operations",
"Development"
]
}
}HTTP status code 200
Successfully created a signing identity
Body
Media type: application/json;charset=utf-8
Type: object
Properties- signing_cert: required(string)
PEM encoded X509 signing certificate (defined in RFC 5280). The PEM encoding format (defined in RFC 1421) requires a line length of 64 characters except for the last line which can be shorter. In JSON newlines are delimited with ASCII newline symbol "\n".
- ocsp_response: required(string)
Base64 encoded DER representation of the OCSP response for signing_certificate. See RFC6960
Example:
{
"signing_cert": "-----BEGIN CERTIFICATE-----...-----END CERTIFICATE-----",
"ocsp_response": "MIGIAkIA6CotF+LAs2MeymHWul2KuatxcqWDpvhgaEJCI+joyj7p9XEUyH5pBTJ2VqvO0hKYEm+dZl8KKD7ISHWz8Vfb9cECQgFwaB7u/5cw4kT5gv9BPTlxCSiZRlRPVbTbYWl/BeaWAwrt3oEqDuHXOwIQscj/887bBEN/SnYGpKkKe/qdKEd0gw=="
}HTTP status code 400
Request could not be parsed
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Bad Request"
}HTTP status code 401
Request is unauthorized
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Unauthorized"
}HTTP status code 404
User not found
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Not found"
}HTTP status code 411
Request Content-Length is absent or 0
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Content-Length required"
}HTTP status code 415
Request content type is not application/json;charset=utf-8
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Bad Content-Type"
}HTTP status code 422
Invalid request
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Validation error message"
}HTTP status code 429
Request rate exceeded the set limit
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Rate Limit Reached"
}HTTP status code 503
System temporarily cannot process the request
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Service busy, please retry later",
"id": "0vqe8FWeDe4DQ7rU7wbzzGmPc4B"
}delete /users/{email}/identity
Revoke the certificate and delete keys
URI Parameters
- email: required(email)
Headers
- Authorization: required(string)
The Authorization header. Only "Bearer" is supported
Example:
Bearer eyJhbGciOiAiSFMyNTYiLCAidHlwIjogIkpXVCJ9.eyJ1c2VyX2lkIjogMX0.BSf1w1blYKcbxVlyOtUogUsozH2clY34xxYPd8lQIlQ
HTTP status code 204
Certificate successfully revoked, keys successfully deleted
HTTP status code 400
Request could not be parsed
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Bad Request"
}HTTP status code 401
Request is unauthorized
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Unauthorized"
}HTTP status code 404
Requested resource is not found
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Not found"
}HTTP status code 503
System temporarily cannot process the request
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Service busy, please retry later",
"id": "0vqe8FWeDe4DQ7rU7wbzzGmPc4B"
}Retrieve signatures for multiple digests
post /users/{email}/sign
Retrieve signatures for multiple digests
URI Parameters
- email: required(email)
Headers
- Authorization: required(string)
The Authorization header. Only "Bearer" is supported
Example:
Bearer eyJhbGciOiAiSFMyNTYiLCAidHlwIjogIkpXVCJ9.eyJ1c2VyX2lkIjogMX0.BSf1w1blYKcbxVlyOtUogUsozH2clY34xxYPd8lQIlQ - Content-Type: required(string - pattern: ^application/json;charset=utf-8$)
Request Content-Type
- Content-Length: required(integer - minimum: 1)
Length of the request in bytes
Body
Media type: application/json;charset=utf-8
Type: object
Properties- digests: required(array of message_digest)
List of Hex encoded SHA256 message digest as defined in RFC5652#section-5.4
Example:
{
"digests": [
"7573A237684A9CE53857C96B709A867A84D15B43B3381549E082CF421778B5DF",
"7573A237684A9CE53857C96B709A867A84D15B43B3381549E082CF421778B5DE"
]
}HTTP status code 200
Digests signed with signing identity, returning the signature for each one
Headers
- Content-Length: required(integer - default: 0)
Body
Media type: application/json;charset=utf-8
Type: object
Properties- signatures: required(array of string)
List of Hex encoded signatures as defined in RFC5652
Example:
{
"signatures": [
"2F786C81B507ACB5CC4C4F69CA1D73F46C0012440F3D1CBB0A194352AE0D120049977660F2BA6BCDFDF26DAAA1B386A8064C9C07335E5B5664445CA0A275140B3C0F60097C153FE9391C08AA4D312B5B0D1F4FBB59747D5AD364EEA4EBC6AA3BDE2485B485A3A43523D6F1E05472930C26D3E8EEE8A4C0CC18E14F8AA542D74BD315D48D51B00AF7FFD92E7C67A423AB49A572AD25F811C2021153FE5C4184036400AE21A542C05D8280919431698C331FBC3A332F56EC62525DECF90D803BE9A0667A266051EF04F96012F6191F0CB9A436288009540A2DC71A24167692CF720F9E9854BB1C092692EBB2EC33E117A3AAA8E8EEABC514D7CE4F73E341B96F83",
"2F786C81B507ACB5CC4C4F69CA1D73F46C0012440F3D1CBB0A194352AE0D120049977660F2BA6BCDFDF26DAAA1B386A8064C9C07335E5B5664445CA0A275140B3C0F60097C153FE9391C08AA4D312B5B0D1F4FBB59747D5AD364EEA4EBC6AA3BDE2485B485A3A43523D6F1E05472930C26D3E8EEE8A4C0CC18E14F8AA542D74BD315D48D51B00AF7FFD92E7C67A423AB49A572AD25F811C2021153FE5C4184036400AE21A542C05D8280919431698C331FBC3A332F56EC62525DECF90D803BE9A0667A266051EF04F96012F6191F0CB9A436288009540A2DC71A24167692CF720F9E9854BB1C092692EBB2EC33E117A3AAA8E8EEABC514D7CE4F73E341B96F83"
]
}HTTP status code 400
Request could not be parsed
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Bad Request"
}HTTP status code 401
Request is unauthorized
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Unauthorized"
}HTTP status code 402
Quota has been reached
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Quota Reached"
}HTTP status code 404
Identity to sign with was not found or expired
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Identity not found or expired"
}HTTP status code 411
Request Content-Length is absent or 0
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Content-Length required"
}HTTP status code 415
Request content type is not application/json;charset=utf-8
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Bad Content-Type"
}HTTP status code 422
Invalid request
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Validation error message"
}HTTP status code 429
Request rate exceeded the set limit
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Rate Limit Reached"
}HTTP status code 503
System temporarily cannot process the request
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Service busy, please retry later",
"id": "0vqe8FWeDe4DQ7rU7wbzzGmPc4B"
}Retrieve signature for digest
get /users/{email}/sign/{digest}
Retrieve signature for digest
URI Parameters
- email: required(email)
- digest: required(string - minLength: 64 - maxLength: 64 - pattern: ^([A-Fa-f0-9]{64})$)
Hex encoded SHA256 message digest as defined in RFC5652#section-5.4
Example:
7573A237684A9CE53857C96B709A867A84D15B43B3381549E082CF421778B5DF
Headers
- Authorization: required(string)
The Authorization header. Only "Bearer" is supported
Example:
Bearer eyJhbGciOiAiSFMyNTYiLCAidHlwIjogIkpXVCJ9.eyJ1c2VyX2lkIjogMX0.BSf1w1blYKcbxVlyOtUogUsozH2clY34xxYPd8lQIlQ
HTTP status code 200
Digest signed with signing identity, returning the signature
Headers
- Content-Length: required(integer - default: 0)
Body
Media type: application/json;charset=utf-8
Type: object
Properties- signature: required(string)
Hex encoded SignatureValue as defined in RFC5652
Example:
{
"signature": "2F786C81B507ACB5CC4C4F69CA1D73F46C0012440F3D1CBB0A194352AE0D120049977660F2BA6BCDFDF26DAAA1B386A8064C9C07335E5B5664445CA0A275140B3C0F60097C153FE9391C08AA4D312B5B0D1F4FBB59747D5AD364EEA4EBC6AA3BDE2485B485A3A43523D6F1E05472930C26D3E8EEE8A4C0CC18E14F8AA542D74BD315D48D51B00AF7FFD92E7C67A423AB49A572AD25F811C2021153FE5C4184036400AE21A542C05D8280919431698C331FBC3A332F56EC62525DECF90D803BE9A0667A266051EF04F96012F6191F0CB9A436288009540A2DC71A24167692CF720F9E9854BB1C092692EBB2EC33E117A3AAA8E8EEABC514D7CE4F73E341B96F83"
}HTTP status code 400
Request could not be parsed
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Bad Request"
}HTTP status code 401
Request is unauthorized
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Unauthorized"
}HTTP status code 402
Quota has been reached
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Quota Reached"
}HTTP status code 404
Identity to sign with was not found or expired
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Identity not found or expired"
}HTTP status code 422
Invalid request
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Validation error message"
}HTTP status code 429
Request rate exceeded the set limit
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Rate Limit Reached"
}HTTP status code 503
System temporarily cannot process the request
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Service busy, please retry later",
"id": "0vqe8FWeDe4DQ7rU7wbzzGmPc4B"
}/timestamp/{digest}
Retrieve timestamp token for digest
get /timestamp/{digest}
Retrieve timestamp token for digest
URI Parameters
- digest: required(string - minLength: 64 - maxLength: 64 - pattern: ^([A-Fa-f0-9]{64})$)
Hex encoded SHA2-256 digest of the object to be timestamped. Corresponds to MessageImprint hashedMesssage as defined in RFC3161.
Example:
7573A237684A9CE53857C96B709A867A84D15B43B3381549E082CF421778B5DF
Headers
- Authorization: required(string)
The Authorization header. Only "Bearer" is supported
Example:
Bearer eyJhbGciOiAiSFMyNTYiLCAidHlwIjogIkpXVCJ9.eyJ1c2VyX2lkIjogMX0.BSf1w1blYKcbxVlyOtUogUsozH2clY34xxYPd8lQIlQ
HTTP status code 200
Returns timestamp token for digest
Headers
- Content-Length: required(integer - default: 0)
Body
Media type: application/json;charset=utf-8
Type: object
Properties- token: required(string)
Base64 encoded DER representation of timestamp token according to RFC3161. It includes the TSA signing certificate in SignedData.CertificatesSet.
Example:
{
"token": "MIGIAkIA6CotF+LAs2MeymHWul2KuatxcqWDpvhgaEJCI+joyj7p9XEUyH5pBTJ2VqvO0hKYEm+dZl8KKD7ISHWz8Vfb9cECQgFwaB7u/5cw4kT5gv9BPTlxCSiZRlRPVbTbYWl/BeaWAwrt3oEqDuHXOwIQscj/887bBEN/SnYGpKkKe/qdKEd0gw=="
}HTTP status code 400
Request could not be parsed
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Bad Request"
}HTTP status code 401
Request is unauthorized
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Unauthorized"
}HTTP status code 402
Quota has been reached
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Quota Reached"
}HTTP status code 422
Invalid request
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Validation error message"
}HTTP status code 429
Request rate exceeded the set limit
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Rate Limit Reached"
}HTTP status code 503
System temporarily cannot process the request
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Service busy, please retry later",
"id": "0vqe8FWeDe4DQ7rU7wbzzGmPc4B"
}/validationpolicy
Retrieve the validation policy associated with the calling account
get /validationpolicy
Retrieve the validation policy associated with the calling account
Headers
- Authorization: required(string)
The Authorization header. Only "Bearer" is supported
Example:
Bearer eyJhbGciOiAiSFMyNTYiLCAidHlwIjogIkpXVCJ9.eyJ1c2VyX2lkIjogMX0.BSf1w1blYKcbxVlyOtUogUsozH2clY34xxYPd8lQIlQ
HTTP status code 200
Validation policy associated with the current account
Body
Media type: application/json;charset=utf-8
Type: object
Properties- subject_dn: (object)
Validation policy for subject_dn field.
- common_name: required(object)
Validation policy for a string field.
- presence: required(one of REQUIRED, OPTIONAL, FORBIDDEN, STATIC, API_OVERRIDE, OPTIONAL_API_OVERRIDE)
Determines if a field is required, optional, forbidden, static, or overwritten by the service.
- REQUIRED presence for a field specifies that the field SHALL be included in certificate requests.
- OPTIONAL presence for a field specifies that the field MAY be included in certificate requests.
- STATIC presence for a field specifies that the field SHALL NOT be included in certificate requests, and instead will be provided automatically.
- FORBIDDEN presence for a field specifies that the field SHALL NOT be included in certificate requests and SHALL NOT be supplied automatically. The field will be empty or absent from the resulting certificate.
- API_OVERRIDE presence for a field specifies that the field SHALL NOT be included in certificate requests. The value will instead be computed dynamically.
- OPTIONAL_API_OVERRIDE presence for a field specifies that the field MAY be included in certificate requests. If a value is not provided in the request, then instead a value will be computed dynamically. If a value is provided in the request, then the value provided will be used as is and will not be overwritten.
- format: required(string)
- presence: required(one of REQUIRED, OPTIONAL, FORBIDDEN, STATIC, API_OVERRIDE, OPTIONAL_API_OVERRIDE)
- surname: required(object)
Validation policy for a string field.
- presence: required(one of REQUIRED, OPTIONAL, FORBIDDEN, STATIC, API_OVERRIDE, OPTIONAL_API_OVERRIDE)
- format: required(string)
- given_name: required(object)
Validation policy for a string field.
- presence: required(one of REQUIRED, OPTIONAL, FORBIDDEN, STATIC, API_OVERRIDE, OPTIONAL_API_OVERRIDE)
- format: required(string)
- organization: required(object)
Validation policy for a string field.
- presence: required(one of REQUIRED, OPTIONAL, FORBIDDEN, STATIC, API_OVERRIDE, OPTIONAL_API_OVERRIDE)
- format: required(string)
- organizational_unit: required(object)
Validation policy for list fields that are validated by regex matching.
- static: required(boolean)
- list: required(array of string)
- mincount: required(integer)
- maxcount: required(integer)
- organization_identifier: required(object)
Validation policy for a string field.
- presence: required(one of REQUIRED, OPTIONAL, FORBIDDEN, STATIC, API_OVERRIDE, OPTIONAL_API_OVERRIDE)
- format: required(string)
- country: required(object)
Validation policy for a string field.
- presence: required(one of REQUIRED, OPTIONAL, FORBIDDEN, STATIC, API_OVERRIDE, OPTIONAL_API_OVERRIDE)
- format: required(string)
- state: required(object)
Validation policy for a string field.
- presence: required(one of REQUIRED, OPTIONAL, FORBIDDEN, STATIC, API_OVERRIDE, OPTIONAL_API_OVERRIDE)
- format: required(string)
- locality: required(object)
Validation policy for a string field.
- presence: required(one of REQUIRED, OPTIONAL, FORBIDDEN, STATIC, API_OVERRIDE, OPTIONAL_API_OVERRIDE)
- format: required(string)
- street_address: required(object)
Validation policy for a string field.
- presence: required(one of REQUIRED, OPTIONAL, FORBIDDEN, STATIC, API_OVERRIDE, OPTIONAL_API_OVERRIDE)
- format: required(string)
- postal_code: required(object)
Validation policy for a string field.
- presence: required(one of REQUIRED, OPTIONAL, FORBIDDEN, STATIC, API_OVERRIDE, OPTIONAL_API_OVERRIDE)
- format: required(string)
- email: required(object)
Validation policy for a string field.
- presence: required(one of REQUIRED, OPTIONAL, FORBIDDEN, STATIC, API_OVERRIDE, OPTIONAL_API_OVERRIDE)
- format: required(string)
- pseudonym: required(object)
Validation policy for a string field.
- presence: required(one of REQUIRED, OPTIONAL, FORBIDDEN, STATIC, API_OVERRIDE, OPTIONAL_API_OVERRIDE)
- format: required(string)
- jurisdiction_of_incorporation_locality_name: required(object)
Validation policy for a string field.
- presence: required(one of REQUIRED, OPTIONAL, FORBIDDEN, STATIC, API_OVERRIDE, OPTIONAL_API_OVERRIDE)
- format: required(string)
- jurisdiction_of_incorporation_state_or_province_name: required(object)
Validation policy for a string field.
- presence: required(one of REQUIRED, OPTIONAL, FORBIDDEN, STATIC, API_OVERRIDE, OPTIONAL_API_OVERRIDE)
- format: required(string)
- jurisdiction_of_incorporation_country_name: required(object)
Validation policy for a string field.
- presence: required(one of REQUIRED, OPTIONAL, FORBIDDEN, STATIC, API_OVERRIDE, OPTIONAL_API_OVERRIDE)
- format: required(string)
- business_category: required(object)
Validation policy for a string field.
- presence: required(one of REQUIRED, OPTIONAL, FORBIDDEN, STATIC, API_OVERRIDE, OPTIONAL_API_OVERRIDE)
- format: required(string)
- serial_number: required(object)
Validation policy for a string field.
- presence: required(one of REQUIRED, OPTIONAL, FORBIDDEN, STATIC, API_OVERRIDE, OPTIONAL_API_OVERRIDE)
- format: required(string)
- extra_attributes: required(object)
- /^([0-9]{1,9}\.){0,63}[0-9]+$/: required(object)
Validation policy for type_and_value fields.
- static: required(boolean)
- value_type: required(one of IA5STRING, PRINTABLESTRING, UTF8STRING, INTEGER, DER, NIL)
This field describes what ASN.1 type the value in a type_and_value object should be encoded as. IA5STRING: International ASCII characters (International Alphabet 5). PRINTABLESTRING: a-z, A-Z, 0-9, ' () +,-.?:/= and SPACE. UTF8STRING: any character from a recognized alphabet (including ASCII control characters). INTEGER: values can be positive, negative, or zero, and can have any magnitude. DER: hex string of DER encoded data which will be used as-is. Should include Tag Length and Value. NIL: Indicates no value will be present.
- value_format: (string)
- mincount: required(integer)
- maxcount: required(integer)
- /^([0-9]{1,9}\.){0,63}[0-9]+$/: required(object)
Example:
{ "common_name": { "presence": "REQUIRED", "format": "^[A-Za-z][A-Za-z -]+$" }, "surname": { "presence": "REQUIRED", "format": "^[A-Za-z][A-Za-z -]+$" }, "given_name": { "presence": "REQUIRED", "format": "^[A-Za-z][A-Za-z -]+$" }, "organization": { "presence": "STATIC", "format": "GMO GlobalSign" }, "organizational_unit": { "static": false, "list": [ "^[A-Za-z][A-Za-z \\-]+$" ], "mincount": 1, "maxcount": 3 }, "organization_identifier": { "presence": "OPTIONAL", "format": "^[A-Za-z][A-Za-z \\-]+$" }, "country": { "presence": "STATIC", "format": "GB" }, "state": { "presence": "OPTIONAL", "format": "^[A-Za-z][A-Za-z \\-]+$" }, "locality": { "presence": "OPTIONAL", "format": "^[A-Za-z][A-Za-z \\-]+$" }, "street_address": { "presence": "OPTIONAL", "format": "^\\w+$" }, "postal_code": { "presence": "OPTIONAL", "format": "^[A-Za-z][A-Za-z \\-]+$" }, "email": { "presence": "REQUIRED", "format": "^\\w[-._\\w]*\\w@\\w[-._\\w]*\\w.\\w{2,3}" }, "pseudonym": { "presence": "OPTIONAL", "format": "^[A-Za-z][A-Za-z]+$" }, "jurisdiction_of_incorporation_locality_name": { "presence": "OPTIONAL", "format": "^[A-Za-z \\-]*$" }, "jurisdiction_of_incorporation_state_or_province_name": { "presence": "OPTIONAL", "format": "^[A-Za-z \\-]*$" }, "jurisdiction_of_incorporation_country_name": { "presence": "FORBIDDEN", "format": "^[A-Za-z \\-]*$" }, "business_category": { "presence": "OPTIONAL", "format": "^[A-Za-z \\-]*$" }, "serial_number": { "presence": "OPTIONAL", "format": "^[A-Za-z \\-]*$" }, "extra_attributes": { "1.3.6.1.5.5.7.48.1.5": { "static": true, "value_type": "PRINTABLESTRING", "value_format": "static attribute", "mincount": 1, "maxcount": 1 }, "1.3.6.1.5.5.7.48.1.6": { "static": false, "value_type": "UTF8STRING", "value_format": "^[A-Za-z \\\\-]*$", "mincount": 0, "maxcount": 3 } } } - common_name: required(object)
- san: (object)
Validation policy for san field.
- dns_names: required(object)
Validation policy for list fields that are validated by suffix matching.
- static: required(boolean)
- list: required(array of string)
- mincount: required(integer)
- maxcount: required(integer)
- emails: required(object)
Validation policy for list fields that are validated by suffix matching.
- static: required(boolean)
- list: required(array of string)
- mincount: required(integer)
- maxcount: required(integer)
- uris: required(object)
Validation policy for list fields that are validated by regex matching.
- static: required(boolean)
- list: required(array of string)
- mincount: required(integer)
- maxcount: required(integer)
- ip_addresses: required(object)
Validation policy for list fields that are validated by regex matching.
- static: required(boolean)
- list: required(array of string)
- mincount: required(integer)
- maxcount: required(integer)
- other_names: required(object)
- /^([0-9]{1,9}\.){0,63}[0-9]+$/: required(object)
Validation policy for type_and_value fields.
- static: required(boolean)
- value_type: required(one of IA5STRING, PRINTABLESTRING, UTF8STRING, INTEGER, DER, NIL)
This field describes what ASN.1 type the value in a type_and_value object should be encoded as. IA5STRING: International ASCII characters (International Alphabet 5). PRINTABLESTRING: a-z, A-Z, 0-9, ' () +,-.?:/= and SPACE. UTF8STRING: any character from a recognized alphabet (including ASCII control characters). INTEGER: values can be positive, negative, or zero, and can have any magnitude. DER: hex string of DER encoded data which will be used as-is. Should include Tag Length and Value. NIL: Indicates no value will be present.
- value_format: (string)
- mincount: required(integer)
- maxcount: required(integer)
- /^([0-9]{1,9}\.){0,63}[0-9]+$/: required(object)
Example:
{ "dns_names": { "static": false, "list": [ ".hvca.demo.globalsign.com" ], "mincount": 0, "maxcount": 1 }, "emails": { "static": false, "list": [ "@hvca.demo.globalsign.com" ], "mincount": 0, "maxcount": 1 }, "ip_addresses": { "static": false, "list": [], "mincount": 0, "maxcount": 0 }, "uris": { "static": false, "list": [ ".*\\.hvca\\.demo\\.globalsign\\.com/[A-Za-z /.]*$" ], "mincount": 0, "maxcount": 1 }, "other_names": { "1.3.6.1.5.5.7.48.1.5": { "static": false, "value_type": "UTF8STRING", "value_format": "^[A-Za-z.-]@demo.globalsign.com", "mincount": 0, "maxcount": 1 } } } - dns_names: required(object)
- key_usages: (object)
Validation policy for key_usages field.
- digital_signature: required(one of OPTIONAL, STATIC_TRUE, STATIC_FALSE)
Determines if a boolean field is optional or statically set to true or false.
- content_commitment: required(one of OPTIONAL, STATIC_TRUE, STATIC_FALSE)
Determines if a boolean field is optional or statically set to true or false.
- key_encipherment: required(one of OPTIONAL, STATIC_TRUE, STATIC_FALSE)
Determines if a boolean field is optional or statically set to true or false.
- data_encipherment: required(one of OPTIONAL, STATIC_TRUE, STATIC_FALSE)
Determines if a boolean field is optional or statically set to true or false.
- key_agreement: required(one of OPTIONAL, STATIC_TRUE, STATIC_FALSE)
Determines if a boolean field is optional or statically set to true or false.
- key_certificate_sign: required(one of OPTIONAL, STATIC_TRUE, STATIC_FALSE)
Determines if a boolean field is optional or statically set to true or false.
- crl_sign: required(one of OPTIONAL, STATIC_TRUE, STATIC_FALSE)
Determines if a boolean field is optional or statically set to true or false.
- encipher_only: required(one of OPTIONAL, STATIC_TRUE, STATIC_FALSE)
Determines if a boolean field is optional or statically set to true or false.
- decipher_only: required(one of OPTIONAL, STATIC_TRUE, STATIC_FALSE)
Determines if a boolean field is optional or statically set to true or false.
Example:
{ "digital_signature": "OPTIONAL", "content_commitment": "OPTIONAL", "key_encipherment": "OPTIONAL", "data_encipherment": "OPTIONAL", "key_agreement": "OPTIONAL", "key_certificate_sign": "OPTIONAL", "crl_sign": "OPTIONAL", "encipher_only": "OPTIONAL", "decipher_only": "OPTIONAL" } - digital_signature: required(one of OPTIONAL, STATIC_TRUE, STATIC_FALSE)
- extended_key_usages: (object)
Validation policy for extended_key_usages field.
- ekus: required(object)
Validation policy for list fields that are validated by regex matching.
- static: required(boolean)
- list: required(array of string)
- mincount: required(integer)
- maxcount: required(integer)
- critical: required(boolean)
Example:
{ "ekus": { "static": false, "list": [ "^1.3.6.1.5.5.7.3.[1-3]$" ], "mincount": 1, "maxcount": 3 }, "critical": true } - ekus: required(object)
- subject_da: (object)
Validation policy for subject_da field.
- gender: required(object)
Validation policy for a string field.
- presence: required(one of REQUIRED, OPTIONAL, FORBIDDEN, STATIC, API_OVERRIDE, OPTIONAL_API_OVERRIDE)
Determines if a field is required, optional, forbidden, static, or overwritten by the service.
- REQUIRED presence for a field specifies that the field SHALL be included in certificate requests.
- OPTIONAL presence for a field specifies that the field MAY be included in certificate requests.
- STATIC presence for a field specifies that the field SHALL NOT be included in certificate requests, and instead will be provided automatically.
- FORBIDDEN presence for a field specifies that the field SHALL NOT be included in certificate requests and SHALL NOT be supplied automatically. The field will be empty or absent from the resulting certificate.
- API_OVERRIDE presence for a field specifies that the field SHALL NOT be included in certificate requests. The value will instead be computed dynamically.
- OPTIONAL_API_OVERRIDE presence for a field specifies that the field MAY be included in certificate requests. If a value is not provided in the request, then instead a value will be computed dynamically. If a value is provided in the request, then the value provided will be used as is and will not be overwritten.
- format: required(string)
- presence: required(one of REQUIRED, OPTIONAL, FORBIDDEN, STATIC, API_OVERRIDE, OPTIONAL_API_OVERRIDE)
- date_of_birth: required(one of REQUIRED, OPTIONAL, FORBIDDEN, STATIC, API_OVERRIDE, OPTIONAL_API_OVERRIDE)
Determines if a field is required, optional, forbidden, static, or overwritten by the service.
- REQUIRED presence for a field specifies that the field SHALL be included in certificate requests.
- OPTIONAL presence for a field specifies that the field MAY be included in certificate requests.
- STATIC presence for a field specifies that the field SHALL NOT be included in certificate requests, and instead will be provided automatically.
- FORBIDDEN presence for a field specifies that the field SHALL NOT be included in certificate requests and SHALL NOT be supplied automatically. The field will be empty or absent from the resulting certificate.
- API_OVERRIDE presence for a field specifies that the field SHALL NOT be included in certificate requests. The value will instead be computed dynamically.
- OPTIONAL_API_OVERRIDE presence for a field specifies that the field MAY be included in certificate requests. If a value is not provided in the request, then instead a value will be computed dynamically. If a value is provided in the request, then the value provided will be used as is and will not be overwritten.
- place_of_birth: required(object)
Validation policy for a string field.
- presence: required(one of REQUIRED, OPTIONAL, FORBIDDEN, STATIC, API_OVERRIDE, OPTIONAL_API_OVERRIDE)
Determines if a field is required, optional, forbidden, static, or overwritten by the service.
- REQUIRED presence for a field specifies that the field SHALL be included in certificate requests.
- OPTIONAL presence for a field specifies that the field MAY be included in certificate requests.
- STATIC presence for a field specifies that the field SHALL NOT be included in certificate requests, and instead will be provided automatically.
- FORBIDDEN presence for a field specifies that the field SHALL NOT be included in certificate requests and SHALL NOT be supplied automatically. The field will be empty or absent from the resulting certificate.
- API_OVERRIDE presence for a field specifies that the field SHALL NOT be included in certificate requests. The value will instead be computed dynamically.
- OPTIONAL_API_OVERRIDE presence for a field specifies that the field MAY be included in certificate requests. If a value is not provided in the request, then instead a value will be computed dynamically. If a value is provided in the request, then the value provided will be used as is and will not be overwritten.
- format: required(string)
- presence: required(one of REQUIRED, OPTIONAL, FORBIDDEN, STATIC, API_OVERRIDE, OPTIONAL_API_OVERRIDE)
- country_of_citizenship: required(object)
Validation policy for list fields that are validated by regex matching.
- static: required(boolean)
- list: required(array of string)
- mincount: required(integer)
- maxcount: required(integer)
- country_of_residence: required(object)
Validation policy for list fields that are validated by regex matching.
- static: required(boolean)
- list: required(array of string)
- mincount: required(integer)
- maxcount: required(integer)
- extra_attributes: required(object)
- /^([0-9]{1,9}\.){0,63}[0-9]+$/: required(object)
Validation policy for type_and_value fields.
- static: required(boolean)
- value_type: required(one of IA5STRING, PRINTABLESTRING, UTF8STRING, INTEGER, DER, NIL)
This field describes what ASN.1 type the value in a type_and_value object should be encoded as. IA5STRING: International ASCII characters (International Alphabet 5). PRINTABLESTRING: a-z, A-Z, 0-9, ' () +,-.?:/= and SPACE. UTF8STRING: any character from a recognized alphabet (including ASCII control characters). INTEGER: values can be positive, negative, or zero, and can have any magnitude. DER: hex string of DER encoded data which will be used as-is. Should include Tag Length and Value. NIL: Indicates no value will be present.
- value_format: (string)
- mincount: required(integer)
- maxcount: required(integer)
- /^([0-9]{1,9}\.){0,63}[0-9]+$/: required(object)
Example:
{ "gender": { "presence": "OPTIONAL", "format": "^[MmFf]$" }, "date_of_birth": "OPTIONAL", "place_of_birth": { "presence": "OPTIONAL", "format": "^[A-Za-z \\\\-]*$" }, "country_of_citizenship": { "static": true, "list": [ "GB", "US" ], "mincount": 2, "maxcount": 2 }, "country_of_residence": { "static": false, "list": [ "GB", "US" ], "mincount": 0, "maxcount": 2 }, "extra_attributes": { "1.3.6.1.5.5.7.48.1.5": { "static": true, "value_type": "PRINTABLESTRING", "value_format": "static attribute", "mincount": 1, "maxcount": 1 }, "1.3.6.1.5.5.7.48.1.6": { "static": false, "value_type": "UTF8STRING", "value_format": "^[A-Za-z \\\\-]*$", "mincount": 1, "maxcount": 3 } } } - gender: required(object)
- qualified_statements: (object)
Validation policy for qualified_statements field.
- semantics: required(object)
- identifier: required(object)
Validation policy for a string field.
- presence: required(one of REQUIRED, OPTIONAL, FORBIDDEN, STATIC, API_OVERRIDE, OPTIONAL_API_OVERRIDE)
Determines if a field is required, optional, forbidden, static, or overwritten by the service.
- REQUIRED presence for a field specifies that the field SHALL be included in certificate requests.
- OPTIONAL presence for a field specifies that the field MAY be included in certificate requests.
- STATIC presence for a field specifies that the field SHALL NOT be included in certificate requests, and instead will be provided automatically.
- FORBIDDEN presence for a field specifies that the field SHALL NOT be included in certificate requests and SHALL NOT be supplied automatically. The field will be empty or absent from the resulting certificate.
- API_OVERRIDE presence for a field specifies that the field SHALL NOT be included in certificate requests. The value will instead be computed dynamically.
- OPTIONAL_API_OVERRIDE presence for a field specifies that the field MAY be included in certificate requests. If a value is not provided in the request, then instead a value will be computed dynamically. If a value is provided in the request, then the value provided will be used as is and will not be overwritten.
- format: required(string)
- presence: required(one of REQUIRED, OPTIONAL, FORBIDDEN, STATIC, API_OVERRIDE, OPTIONAL_API_OVERRIDE)
- name_authorities: required(object)
Validation policy for list fields that are validated by regex matching.
- static: required(boolean)
- list: required(array of string)
- mincount: required(integer)
- maxcount: required(integer)
- identifier: required(object)
- etsi_qc_compliance: required(one of OPTIONAL, STATIC_TRUE, STATIC_FALSE)
Determines if a boolean field is optional or statically set to true or false.
- etsi_qc_sscd_compliance: required(one of OPTIONAL, STATIC_TRUE, STATIC_FALSE)
Determines if a boolean field is optional or statically set to true or false.
- etsi_qc_type: required(object)
Validation policy for a string field.
- presence: required(one of REQUIRED, OPTIONAL, FORBIDDEN, STATIC, API_OVERRIDE, OPTIONAL_API_OVERRIDE)
Determines if a field is required, optional, forbidden, static, or overwritten by the service.
- REQUIRED presence for a field specifies that the field SHALL be included in certificate requests.
- OPTIONAL presence for a field specifies that the field MAY be included in certificate requests.
- STATIC presence for a field specifies that the field SHALL NOT be included in certificate requests, and instead will be provided automatically.
- FORBIDDEN presence for a field specifies that the field SHALL NOT be included in certificate requests and SHALL NOT be supplied automatically. The field will be empty or absent from the resulting certificate.
- API_OVERRIDE presence for a field specifies that the field SHALL NOT be included in certificate requests. The value will instead be computed dynamically.
- OPTIONAL_API_OVERRIDE presence for a field specifies that the field MAY be included in certificate requests. If a value is not provided in the request, then instead a value will be computed dynamically. If a value is provided in the request, then the value provided will be used as is and will not be overwritten.
- format: required(string)
- presence: required(one of REQUIRED, OPTIONAL, FORBIDDEN, STATIC, API_OVERRIDE, OPTIONAL_API_OVERRIDE)
- etsi_qc_retention_period: required(object)
Validation policy for integer fields.
- presence: required(one of REQUIRED, OPTIONAL, FORBIDDEN, STATIC, API_OVERRIDE, OPTIONAL_API_OVERRIDE)
Determines if a field is required, optional, forbidden, static, or overwritten by the service.
- REQUIRED presence for a field specifies that the field SHALL be included in certificate requests.
- OPTIONAL presence for a field specifies that the field MAY be included in certificate requests.
- STATIC presence for a field specifies that the field SHALL NOT be included in certificate requests, and instead will be provided automatically.
- FORBIDDEN presence for a field specifies that the field SHALL NOT be included in certificate requests and SHALL NOT be supplied automatically. The field will be empty or absent from the resulting certificate.
- API_OVERRIDE presence for a field specifies that the field SHALL NOT be included in certificate requests. The value will instead be computed dynamically.
- OPTIONAL_API_OVERRIDE presence for a field specifies that the field MAY be included in certificate requests. If a value is not provided in the request, then instead a value will be computed dynamically. If a value is provided in the request, then the value provided will be used as is and will not be overwritten.
- min: required(integer - minimum: 0)
- max: required(integer - minimum: 0)
- presence: required(one of REQUIRED, OPTIONAL, FORBIDDEN, STATIC, API_OVERRIDE, OPTIONAL_API_OVERRIDE)
- etsi_qc_pds: required(object)
- presence: required(one of REQUIRED, OPTIONAL, FORBIDDEN, STATIC, API_OVERRIDE, OPTIONAL_API_OVERRIDE)
Determines if a field is required, optional, forbidden, static, or overwritten by the service.
- REQUIRED presence for a field specifies that the field SHALL be included in certificate requests.
- OPTIONAL presence for a field specifies that the field MAY be included in certificate requests.
- STATIC presence for a field specifies that the field SHALL NOT be included in certificate requests, and instead will be provided automatically.
- FORBIDDEN presence for a field specifies that the field SHALL NOT be included in certificate requests and SHALL NOT be supplied automatically. The field will be empty or absent from the resulting certificate.
- API_OVERRIDE presence for a field specifies that the field SHALL NOT be included in certificate requests. The value will instead be computed dynamically.
- OPTIONAL_API_OVERRIDE presence for a field specifies that the field MAY be included in certificate requests. If a value is not provided in the request, then instead a value will be computed dynamically. If a value is provided in the request, then the value provided will be used as is and will not be overwritten.
- policies: required(object)
- /^[A-Z]{2}/: required(string)
- presence: required(one of REQUIRED, OPTIONAL, FORBIDDEN, STATIC, API_OVERRIDE, OPTIONAL_API_OVERRIDE)
Example:
{ "semantics": { "identifier": { "presence": "STATIC", "format": "1.1.1.1.1.1" }, "name_authorities": { "static": true, "list": [ "contact@ra1.globalsign.com" ], "mincount": 1, "maxcount": 1 } }, "etsi_qc_compliance": "STATIC_TRUE", "etsi_qc_sscd_compliance": "OPTIONAL", "etsi_qc_type": { "presence": "REQUIRED", "format": "^0.4.0.1862.1.6.[1-3]$" }, "etsi_qc_retention_period": { "presence": "OPTIONAL", "min": 1, "max": 3 }, "etsi_qc_pds": { "presence": "STATIC", "policies": { "EN": "https://etsi.pds.demo.globalsign.com/en/pds" } } } - semantics: required(object)
- ms_extension_template: (object)
Validation policy for ms_extension_template field.
- critical: required(boolean)
- template_id: required(object)
Validation policy for a string field.
- presence: required(one of REQUIRED, OPTIONAL, FORBIDDEN, STATIC, API_OVERRIDE, OPTIONAL_API_OVERRIDE)
Determines if a field is required, optional, forbidden, static, or overwritten by the service.
- REQUIRED presence for a field specifies that the field SHALL be included in certificate requests.
- OPTIONAL presence for a field specifies that the field MAY be included in certificate requests.
- STATIC presence for a field specifies that the field SHALL NOT be included in certificate requests, and instead will be provided automatically.
- FORBIDDEN presence for a field specifies that the field SHALL NOT be included in certificate requests and SHALL NOT be supplied automatically. The field will be empty or absent from the resulting certificate.
- API_OVERRIDE presence for a field specifies that the field SHALL NOT be included in certificate requests. The value will instead be computed dynamically.
- OPTIONAL_API_OVERRIDE presence for a field specifies that the field MAY be included in certificate requests. If a value is not provided in the request, then instead a value will be computed dynamically. If a value is provided in the request, then the value provided will be used as is and will not be overwritten.
- format: required(string)
- presence: required(one of REQUIRED, OPTIONAL, FORBIDDEN, STATIC, API_OVERRIDE, OPTIONAL_API_OVERRIDE)
- major_version: required(object)
Validation policy for integer fields.
- presence: required(one of REQUIRED, OPTIONAL, FORBIDDEN, STATIC, API_OVERRIDE, OPTIONAL_API_OVERRIDE)
Determines if a field is required, optional, forbidden, static, or overwritten by the service.
- REQUIRED presence for a field specifies that the field SHALL be included in certificate requests.
- OPTIONAL presence for a field specifies that the field MAY be included in certificate requests.
- STATIC presence for a field specifies that the field SHALL NOT be included in certificate requests, and instead will be provided automatically.
- FORBIDDEN presence for a field specifies that the field SHALL NOT be included in certificate requests and SHALL NOT be supplied automatically. The field will be empty or absent from the resulting certificate.
- API_OVERRIDE presence for a field specifies that the field SHALL NOT be included in certificate requests. The value will instead be computed dynamically.
- OPTIONAL_API_OVERRIDE presence for a field specifies that the field MAY be included in certificate requests. If a value is not provided in the request, then instead a value will be computed dynamically. If a value is provided in the request, then the value provided will be used as is and will not be overwritten.
- min: required(integer - minimum: 0)
- max: required(integer - minimum: 0)
- presence: required(one of REQUIRED, OPTIONAL, FORBIDDEN, STATIC, API_OVERRIDE, OPTIONAL_API_OVERRIDE)
- minor_version: required(object)
Validation policy for integer fields.
- presence: required(one of REQUIRED, OPTIONAL, FORBIDDEN, STATIC, API_OVERRIDE, OPTIONAL_API_OVERRIDE)
Determines if a field is required, optional, forbidden, static, or overwritten by the service.
- REQUIRED presence for a field specifies that the field SHALL be included in certificate requests.
- OPTIONAL presence for a field specifies that the field MAY be included in certificate requests.
- STATIC presence for a field specifies that the field SHALL NOT be included in certificate requests, and instead will be provided automatically.
- FORBIDDEN presence for a field specifies that the field SHALL NOT be included in certificate requests and SHALL NOT be supplied automatically. The field will be empty or absent from the resulting certificate.
- API_OVERRIDE presence for a field specifies that the field SHALL NOT be included in certificate requests. The value will instead be computed dynamically.
- OPTIONAL_API_OVERRIDE presence for a field specifies that the field MAY be included in certificate requests. If a value is not provided in the request, then instead a value will be computed dynamically. If a value is provided in the request, then the value provided will be used as is and will not be overwritten.
- min: required(integer - minimum: 0)
- max: required(integer - minimum: 0)
- presence: required(one of REQUIRED, OPTIONAL, FORBIDDEN, STATIC, API_OVERRIDE, OPTIONAL_API_OVERRIDE)
Example:
{ "critical": true, "template_id": { "presence": "REQUIRED", "format": "^1.2.3.4.123.4.5.[1-3]$" }, "major_version": { "presence": "REQUIRED", "min": 1, "max": 10 }, "minor_version": { "presence": "OPTIONAL", "min": 1, "max": 10 } } - custom_extensions: (object)
Validation policy for custom_extensions field.
- /^([0-9]{1,9}\.){0,63}[0-9]+$/: required(object)
Validation policy for extension fields.
- presence: required(one of REQUIRED, OPTIONAL, FORBIDDEN, STATIC, API_OVERRIDE, OPTIONAL_API_OVERRIDE)
Determines if a field is required, optional, forbidden, static, or overwritten by the service.
- REQUIRED presence for a field specifies that the field SHALL be included in certificate requests.
- OPTIONAL presence for a field specifies that the field MAY be included in certificate requests.
- STATIC presence for a field specifies that the field SHALL NOT be included in certificate requests, and instead will be provided automatically.
- FORBIDDEN presence for a field specifies that the field SHALL NOT be included in certificate requests and SHALL NOT be supplied automatically. The field will be empty or absent from the resulting certificate.
- API_OVERRIDE presence for a field specifies that the field SHALL NOT be included in certificate requests. The value will instead be computed dynamically.
- OPTIONAL_API_OVERRIDE presence for a field specifies that the field MAY be included in certificate requests. If a value is not provided in the request, then instead a value will be computed dynamically. If a value is provided in the request, then the value provided will be used as is and will not be overwritten.
- critical: required(boolean)
- value_type: required(one of IA5STRING, PRINTABLESTRING, UTF8STRING, INTEGER, DER, NIL)
This field describes what ASN.1 type the value in a type_and_value object should be encoded as. IA5STRING: International ASCII characters (International Alphabet 5). PRINTABLESTRING: a-z, A-Z, 0-9, ' () +,-.?:/= and SPACE. UTF8STRING: any character from a recognized alphabet (including ASCII control characters). INTEGER: values can be positive, negative, or zero, and can have any magnitude. DER: hex string of DER encoded data which will be used as-is. Should include Tag Length and Value. NIL: Indicates no value will be present.
- value_format: (string)
- presence: required(one of REQUIRED, OPTIONAL, FORBIDDEN, STATIC, API_OVERRIDE, OPTIONAL_API_OVERRIDE)
Example:
{ "1.3.6.1.5.5.7.48.1.5": { "presence": "STATIC", "critical": false, "value_type": "NIL" }, "1.3.6.1.5.5.7.48.1.6": { "presence": "STATIC", "critical": true, "value_type": "DER", "value_format": "^([A-Fa-f0-9]{2})+$" } } - /^([0-9]{1,9}\.){0,63}[0-9]+$/: required(object)
Example:
{
"subject_dn": {
"common_name": {
"presence": "FORBIDDEN",
"format": "^[A-Za-z][A-Za-z -]+$"
},
"surname": {
"presence": "REQUIRED",
"format": "^[A-Za-z][A-Za-z -]+$"
},
"given_name": {
"presence": "REQUIRED",
"format": "^[A-Za-z][A-Za-z -]+$"
},
"organization": {
"presence": "STATIC",
"format": "GMO GlobalSign"
},
"organizational_unit": {
"static": false,
"list": [
"^[A-Za-z][A-Za-z \\-]+$"
],
"mincount": 1,
"maxcount": 3
},
"organization_identifier": {
"presence": "OPTIONAL",
"format": "^[A-Za-z][A-Za-z \\-]+$"
},
"country": {
"presence": "STATIC",
"format": "GB"
},
"state": {
"presence": "OPTIONAL",
"format": "^[A-Za-z][A-Za-z \\-]+$"
},
"locality": {
"presence": "OPTIONAL",
"format": "^[A-Za-z][A-Za-z \\-]+$"
},
"street_address": {
"presence": "OPTIONAL",
"format": "^[A-Za-z0-9][A-Za-z0-9 \\-]+$"
},
"postal_code": {
"presence": "OPTIONAL",
"format": "^[A-Za-z][A-Za-z -]+$"
},
"email": {
"presence": "FORBIDDEN",
"format": "^\\w[-._\\w]*\\w@\\w[-._\\w]*\\w.\\w{2,3}"
},
"pseudonym": {
"presence": "OPTIONAL",
"format": "^[A-Za-z][A-Za-z]+$"
},
"jurisdiction_of_incorporation_locality_name": {
"presence": "OPTIONAL",
"format": "^[A-Za-z \\-]*$"
},
"jurisdiction_of_incorporation_state_or_province_name": {
"presence": "OPTIONAL",
"format": "^[A-Za-z \\-]*$"
},
"jurisdiction_of_incorporation_country_name": {
"presence": "FORBIDDEN",
"format": "^[A-Za-z \\-]*$"
},
"business_category": {
"presence": "FORBIDDEN",
"format": "^[A-Za-z \\-]*$"
},
"serial_number": {
"presence": "OPTIONAL",
"format": "^[A-Za-z \\-]*$"
},
"extra_attributes": {
"1.3.6.1.5.5.7.48.1.5": {
"static": true,
"value_type": "PRINTABLESTRING",
"value_format": "static attribute",
"mincount": 1,
"maxcount": 1
},
"1.3.6.1.5.5.7.48.1.6": {
"static": false,
"value_type": "UTF8STRING",
"value_format": "^[A-Za-z \\\\-]*$",
"mincount": 0,
"maxcount": 3
}
}
},
"san": {
"dns_names": {
"static": false,
"list": [],
"mincount": 0,
"maxcount": 0
},
"emails": {
"static": false,
"list": [
"^\\w[-._\\w]*\\w@\\w[-._\\w]*\\w.\\w{2,3}$"
],
"mincount": 0,
"maxcount": 1
},
"ip_addresses": {
"static": false,
"list": [],
"mincount": 0,
"maxcount": 0
},
"uris": {
"static": false,
"list": [],
"mincount": 0,
"maxcount": 0
},
"other_names": {
"1.3.6.1.5.5.7.48.1.5": {
"static": false,
"value_type": "UTF8STRING",
"value_format": "^[A-Za-z.-]@demo.globalsign.com",
"mincount": 0,
"maxcount": 1
}
}
},
"subject_da": {
"gender": {
"presence": "OPTIONAL",
"format": "^[MmFf]$"
},
"date_of_birth": "OPTIONAL",
"place_of_birth": {
"presence": "OPTIONAL",
"format": "^[A-Za-z \\\\-]*$"
},
"country_of_citizenship": {
"static": true,
"list": [
"GB",
"US"
],
"mincount": 2,
"maxcount": 2
},
"country_of_residence": {
"static": false,
"list": [
"GB",
"US"
],
"mincount": 0,
"maxcount": 2
},
"extra_attributes": {}
}
}HTTP status code 401
Request is unauthorized
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Unauthorized"
}HTTP status code 503
System temporarily cannot process the request
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Service busy, please retry later",
"id": "0vqe8FWeDe4DQ7rU7wbzzGmPc4B"
}/trustchain
Query the chain of trust for the certificates issued by the calling account and the revocation info for the certificates in the chain
get /trustchain
Query the chain of trust for the certificates issued by the calling account and the revocation info for the certificates in the chain
Headers
- Authorization: required(string)
The Authorization header. Only "Bearer" is supported
Example:
Bearer eyJhbGciOiAiSFMyNTYiLCAidHlwIjogIkpXVCJ9.eyJ1c2VyX2lkIjogMX0.BSf1w1blYKcbxVlyOtUogUsozH2clY34xxYPd8lQIlQ
HTTP status code 200
Return the chain of trust for certificates issued by the calling account and the OCSP revocation info for each certificate in the trustchain except the root certificate
Body
Media type: application/json;charset=utf-8
Type: object
Properties- trustchain: required(array of string)
List of PEM encoded X509 certificates (defined in RFC5280). The PEM encoding format (defined in RFC 1421) requires a line length of 64 characters except for the last line which can be shorter. In JSON newlines are delimited with ASCII newline symbol "\n".
Example:
[ "-----BEGIN CERTIFICATE-----...-----END CERTIFICATE-----", "-----BEGIN CERTIFICATE-----...-----END CERTIFICATE-----" ] - ocsp_revocation_info: required(array of string)
List of base 64 encoded DER representations of OCSP responses as defined in RFC6960.
Example:
{
"trustchain": [
"-----BEGIN CERTIFICATE-----...-----END CERTIFICATE-----",
"-----BEGIN CERTIFICATE-----...-----END CERTIFICATE-----",
"-----BEGIN CERTIFICATE-----...-----END CERTIFICATE-----"
],
"ocsp_revocation_info": [
"MIGIAkIA6CotF+LAs2MeymHWul2KuatxcqWDpvhgaEJCI+joyj7p9XEUyH5pBTJ2VqvO0hKYEm+dZl8KKD7ISHWz8Vfb9cECQgFwaB7u/5cw4kT5gv9BPTlxCSiZRlRPVbTbYWl/BeaWAwrt3oEqDuHXOwIQscj/887bBEN/SnYGpKkKe/qdKEd0gw==",
"MIIFwgoBAKCCBbswggW3BgkrBgEFBQcwAQEEggWoMIIFpDCBl6IWBBT/NPtQUZYRx/m4TAR1hsiuNLg7VRgPMjAxOTA2MTMwOTMxMDBaMGwwajBCMAkGBSsOAwIaBQAEFCLa3sqPbBy5JbdySytOdZFivex3BBRc2ZafUmLZgeDbqZJTQpm0vCqzAgI="
]
}
HTTP status code 401
Request is unauthorized
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Unauthorized"
}HTTP status code 503
System temporarily cannot process the request
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Service busy, please retry later",
"id": "0vqe8FWeDe4DQ7rU7wbzzGmPc4B"
}/counters
Query the number of signatures created by the calling account
Deprecated
- This endpoint is not recommended for use and is subject to removal in future major releases.
- It is recommended to use the /quotas/signatures endpoint instead.
get /counters/signatures
Query the number of signatures created by the calling account
Deprecated
- This endpoint is not recommended for use and is subject to removal in future major releases.
- It is recommended to use the /quotas/signatures endpoint instead.
Headers
- Authorization: required(string)
The Authorization header. Only "Bearer" is supported
Example:
Bearer eyJhbGciOiAiSFMyNTYiLCAidHlwIjogIkpXVCJ9.eyJ1c2VyX2lkIjogMX0.BSf1w1blYKcbxVlyOtUogUsozH2clY34xxYPd8lQIlQ
HTTP status code 200
Return integer value
Body
Media type: application/json;charset=utf-8
Type: object
Properties- value: required(integer)
Example:
{
"value": 12
}
HTTP status code 401
Request is unauthorized
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Unauthorized"
}HTTP status code 404
Requested resource is not found
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Not found"
}HTTP status code 503
System temporarily cannot process the request
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Service busy, please retry later",
"id": "0vqe8FWeDe4DQ7rU7wbzzGmPc4B"
}Query the number of timestamps created by the calling account
Deprecated
- This endpoint is not recommended for use and is subject to removal in future major releases.
- It is recommended to use the /quotas/timestamps endpoint instead.
get /counters/timestamps
Query the number of timestamps created by the calling account
Deprecated
- This endpoint is not recommended for use and is subject to removal in future major releases.
- It is recommended to use the /quotas/timestamps endpoint instead.
Headers
- Authorization: required(string)
The Authorization header. Only "Bearer" is supported
Example:
Bearer eyJhbGciOiAiSFMyNTYiLCAidHlwIjogIkpXVCJ9.eyJ1c2VyX2lkIjogMX0.BSf1w1blYKcbxVlyOtUogUsozH2clY34xxYPd8lQIlQ
HTTP status code 200
Return integer value
Body
Media type: application/json;charset=utf-8
Type: object
Properties- value: required(integer)
Example:
{
"value": 12
}
HTTP status code 401
Request is unauthorized
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Unauthorized"
}HTTP status code 404
Requested resource is not found
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Not found"
}HTTP status code 503
System temporarily cannot process the request
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Service busy, please retry later",
"id": "0vqe8FWeDe4DQ7rU7wbzzGmPc4B"
}Query the number of identities created by the calling account
Deprecated
- This endpoint is not recommended for use and is subject to removal in future major releases.
get /counters/identities
Query the number of identities created by the calling account
Deprecated
- This endpoint is not recommended for use and is subject to removal in future major releases.
Headers
- Authorization: required(string)
The Authorization header. Only "Bearer" is supported
Example:
Bearer eyJhbGciOiAiSFMyNTYiLCAidHlwIjogIkpXVCJ9.eyJ1c2VyX2lkIjogMX0.BSf1w1blYKcbxVlyOtUogUsozH2clY34xxYPd8lQIlQ
HTTP status code 200
Return integer value
Body
Media type: application/json;charset=utf-8
Type: object
Properties- value: required(integer)
Example:
{
"value": 12
}
HTTP status code 401
Request is unauthorized
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Unauthorized"
}HTTP status code 404
Requested resource is not found
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Not found"
}HTTP status code 503
System temporarily cannot process the request
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Service busy, please retry later",
"id": "0vqe8FWeDe4DQ7rU7wbzzGmPc4B"
}/quotas
Query remaining signatures quota for the calling account
get /quotas/signatures
Query remaining signatures quota for the calling account
Headers
- Authorization: required(string)
The Authorization header. Only "Bearer" is supported
Example:
Bearer eyJhbGciOiAiSFMyNTYiLCAidHlwIjogIkpXVCJ9.eyJ1c2VyX2lkIjogMX0.BSf1w1blYKcbxVlyOtUogUsozH2clY34xxYPd8lQIlQ
HTTP status code 200
Return integer value
Body
Media type: application/json;charset=utf-8
Type: object
Properties- value: required(integer)
Example:
{
"value": 12
}
HTTP status code 401
Request is unauthorized
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Unauthorized"
}HTTP status code 503
System temporarily cannot process the request
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Service busy, please retry later",
"id": "0vqe8FWeDe4DQ7rU7wbzzGmPc4B"
}Query remaining timestamp quota for the calling account
get /quotas/timestamps
Query remaining timestamp quota for the calling account
Headers
- Authorization: required(string)
The Authorization header. Only "Bearer" is supported
Example:
Bearer eyJhbGciOiAiSFMyNTYiLCAidHlwIjogIkpXVCJ9.eyJ1c2VyX2lkIjogMX0.BSf1w1blYKcbxVlyOtUogUsozH2clY34xxYPd8lQIlQ
HTTP status code 200
Return integer value
Body
Media type: application/json;charset=utf-8
Type: object
Properties- value: required(integer)
Example:
{
"value": 12
}
HTTP status code 401
Request is unauthorized
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Unauthorized"
}HTTP status code 503
System temporarily cannot process the request
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Service busy, please retry later",
"id": "0vqe8FWeDe4DQ7rU7wbzzGmPc4B"
}Query remaining users quota for the calling account
get /quotas/users
Query remaining users quota for the calling account
Headers
- Authorization: required(string)
The Authorization header. Only "Bearer" is supported
Example:
Bearer eyJhbGciOiAiSFMyNTYiLCAidHlwIjogIkpXVCJ9.eyJ1c2VyX2lkIjogMX0.BSf1w1blYKcbxVlyOtUogUsozH2clY34xxYPd8lQIlQ
HTTP status code 200
Return integer value
Body
Media type: application/json;charset=utf-8
Type: object
Properties- value: required(integer)
Example:
{
"value": 12
}
HTTP status code 401
Request is unauthorized
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Unauthorized"
}HTTP status code 503
System temporarily cannot process the request
Body
Media type: application/problem+json;charset=utf-8
Type: object
Properties- description: required(string)
- id: (string)
- errors: (object)
key value error type
- /^.+$/: required(string)
key is the error type, and value contains error details
- /^.+$/: required(string)
Example:
{
"description": "Service busy, please retry later",
"id": "0vqe8FWeDe4DQ7rU7wbzzGmPc4B"
}