Focus

Prisma Access

Create a New Certificate

Table of Contents

Filter

Expand All | Collapse All

Prisma Access Docs

Release Notes
Select a Document
- 6.0 Preferred and Innovation
- 5.2 Preferred and Innovation
- 5.1 Preferred and Innovation
- 5.0 Preferred and Innovation
- 4.2 Preferred
- 4.1 Preferred
- 4.0 Preferred
- 3.2 Preferred and Innovation
- 3.1 Preferred and Innovation
- 3.0 Preferred and Innovation
- 2.2 Preferred
Activation & Onboarding
Administration
Select a Document
- 4.0 & Later
- Prisma Access China
Integrations
Incidents & Alerts

Query Verdict Statistics

Create a New Token

Create a New Certificate

Creates a new certificate.

To authenticate Third-Party Device-ID API requests, you must use the signed certificate and API token you obtained during onboarding in the Cloud Identity Engine user interface.

The Third-Party Device-ID service allows a maximum of two valid certificates for any tenant and vendor ID combination. You can perform three attempts to refresh the certificate. After you have reached the maximum number of certificate attempts, you can perform one additional certificate request operation every hour.

If there are currently more than the two certificates already in use, then the oldest certificate is automatically deleted and its name returned in the deletedCertName response. If there is no deleted certificate, the deletedCertName is empty.

Synopsis

URI	/api/v1/token/cert:refresh The legacy API method with the apiKey in the path of the URI is not supported.
HTTP Method	GET

Success Response

Upon success, the HTTP response code is 200. In addition, the response contains a JSON object with the following fields:

Field	Description
cert	The newly-created certificate. The certificate is in the format of "cert" : "-----BEGIN CERTIFICATE-----\n....-----END CERTIFICATE-----".
deletedCertName	The name of the certificate that was deleted. If there are more than the two certificates already in use, the oldest certificate is deleted and its name returned in the deletedCertName response. If there is no deleted certificate, deletedCertName returns an empty string.

For example:

Body: {
    "pemCsr": "string",
    "certName": "string"
} 

Header: {
    "apiKey": "string"
}

Error Response

Upon error, the HTTP response code is one of the following:

Response Code	Description
400	Invalid request.
401	Unauthorized. Try regenerating your API certificate. If that doesn’t work, contact support.
409	Conflict. The request couldn’t be processed because there is another ongoing update or delete job. Try again after the other job finishes.
429	Too many requests. The request could not be processed because too many requests have been issued in a specific period of time.

In addition, the response body contains the following fields:

Field	Description
code	The error code.
message	The error message.

Query Verdict Statistics

Create a New Token

Prisma Access Docs

Create a New Certificate

Prisma Access Docs

Create a New Certificate

Synopsis

Success Response

Error Response

Activation & Onboarding

SASE

Cloud-Delivered Security Services

Network Security

Endpoints

Visibility & Monitoring

Best Practices

Experts Corner

Translated Documents