Prisma Access

Create a New Certificate


Creates a new certificate.
To authenticate Third-Party Device-ID API requests, you must use the signed certificate and API token you obtained during onboarding in the Cloud Identity Engine user interface.
The Third-Party Device-ID service allows a maximum of two valid certificates for any tenant and vendor ID combination. You can perform three attempts to refresh the certificate. After you have reached the maximum number of certificate attempts, you can perform one additional certificate request operation every hour.
If more than two certificates are already in use, the oldest certificate is automatically deleted and its name is returned in the deletedCertName response field. If no certificate is deleted, deletedCertName is empty.

Synopsis

URI: /api/v1/token/cert:refresh
The legacy API method with the apiKey in the path of the URI is not supported.
HTTP Method: GET

Success Response

Upon success, the HTTP response code is 200. In addition, the response contains a JSON object with the following fields:
| Field | Description |
| --- | --- |
| cert | The newly-created certificate. The certificate is in the format of "cert" : "-----BEGIN CERTIFICATE-----\n....-----END CERTIFICATE-----". |
| deletedCertName | The name of the certificate that was deleted. If more than two certificates are already in use, the oldest certificate is deleted and its name is returned in the deletedCertName response. If there is no deleted certificate, deletedCertName returns an empty string. |

For example:
Body: {
    "pemCsr": "string",
    "certName": "string"
} 

Header: {
    "apiKey": "string"
}

Error Response

Upon error, the HTTP response code is one of the following:
| Response Code | Description |
| --- | --- |
| 400 | Invalid request. |
| 401 | Unauthorized. Try regenerating your API certificate. If that doesn’t work, contact support. |
| 409 | Conflict. The request couldn’t be processed because there is another ongoing update or delete job. Try again after the other job finishes. |
| 429 | Too many requests. The request could not be processed because too many requests have been issued in a specific period of time. |

In addition, the response body contains the following fields:

| Field | Description |
| --- | --- |
| code | The error code. |
| message | The error message. |
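
The success and error responses above, handled on the client side in an added example (this is not code from the Prisma Access documentation or from Palo Alto Networks). It retires the certificate named in deletedCertName from a local store so the client never keeps authenticating with a certificate the service has deleted, and it separates retryable errors (409, 429) from ones that need a fix (400, 401). Assumptions: the names `apply_refresh`, `RefreshError` and the `{name: PEM}` store are hypothetical, the one-hour wait on 429 is this example's reading of the rate limit described above, and the sample bodies are constructed.

```python
import json
import ssl

RETRYABLE = {409, 429}  # page: 409 = another job running, 429 = too many requests
HOURLY_WAIT_S = 3600    # assumption, from "one additional ... operation every hour"


class RefreshError(Exception):
    """Non-200 response, carrying the documented code and message fields."""

    def __init__(self, status, code, message):
        super().__init__(f"HTTP {status}: {code} {message}")
        self.status, self.code, self.message = status, code, message
        self.retryable = status in RETRYABLE          # 400 and 401 need a fix, not a retry
        self.wait_s = HOURLY_WAIT_S if status == 429 else 0


def apply_refresh(store, active_name, cert_name, status, body):
    """Update the local {name: PEM} store from one cert:refresh response.

    Returns the name of the certificate to authenticate with from now on.
    """
    doc = json.loads(body) if body else {}
    if status != 200:
        raise RefreshError(status, doc.get("code"), doc.get("message"))
    pem = doc.get("cert") or ""
    ssl.PEM_cert_to_DER_cert(pem)      # ValueError unless BEGIN/END CERTIFICATE framed
    store[cert_name] = pem
    deleted = doc.get("deletedCertName", "")
    if deleted:                        # empty string: the service deleted nothing
        store.pop(deleted, None)       # never present a deleted certificate again
        if deleted == active_name:
            return cert_name           # the certificate in use was the one deleted
    return active_name


# Constructed sample data: not a real certificate and not captured service output.
SAMPLE_PEM = "-----BEGIN CERTIFICATE-----\nQ09OU1RSVUNURUQ=\n-----END CERTIFICATE-----"
OK_BODY = json.dumps({"cert": SAMPLE_PEM, "deletedCertName": "cert-old"})
ERR_BODY = json.dumps({"code": "429", "message": "Too many requests"})

if __name__ == "__main__":
    store = {"cert-old": "<pem>", "cert-mid": "<pem>"}
    print(apply_refresh(store, "cert-old", "cert-new", 200, OK_BODY), sorted(store))
    try:
        apply_refresh(store, "cert-new", "cert-next", 429, ERR_BODY)
    except RefreshError as err:
        print(err, "retryable:", err.retryable, "wait_s:", err.wait_s)
```

The PEM check only confirms the BEGIN/END CERTIFICATE framing and base64 body; it does not parse or validate the X.509 contents.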