Learn

IACA

Create an IACA

Creates a new IACA that can be used to sign new Document Signer Certificates (DSCs).

Analytic events

  • MOBILE_CREDENTIAL_IACA_CREATE_START
  • MOBILE_CREDENTIAL_IACA_CREATE_SUCCESS
  • MOBILE_CREDENTIAL_IACA_CREATE_FAIL
SecuritybearerAuth
Request
Request Body schema: application/json
required
commonName
string
Default: "{tenantDomain} IACA"

This optional parameter indicates the common name of the IACA certificate. When specified, the value must be a valid PrintableString and cannot be an empty string. If not provided and a custom domain is configured and verified, the custom domain is used followed by the word IACA. If no custom domain is configured, the tenant subdomain is used instead.

country
string

This optional parameter indicates the issuer country. If not provided, a country is selected based on the region of the tenant subdomain cloud host. When specified, the value must be a valid Alpha 2 country code as per ISO 3166-1.

notBefore
string

This optional parameter is used to set the date and time when the IACA becomes valid and can be used to sign mDocs. This can be used alongside the active field to support IACA rotation by creating inactive IACAs and distributing them to relying parties in advance. * Must not be in the past. * Must be before notAfter.

notAfter
string

This optional parameter is used to set the date and time when the IACA expires. When not provided, defaults to 10 years from notBefore, or from issuance if notBefore is not provided. Maximum value is 20 years from issuance. * If not provided, calculated as notBefore + 10 years. * In not provided and notBefore is not provided, calculated as time of issuance + 10 years.

active
boolean
Default: true

This optional boolean indicates whether the IACA is active or not. Only active IACAs can be used to sign mDocs. This can be used alongside the notBefore field to support IACA rotation by creating inactive IACAs and distributing them to relying parties in advance.

stateOrProvinceName
string

This optional parameter indicates the issuer state or province. When specified, the value must be uppercase and a valid state/province code as per ISO 3166-2.

Responses
201

IACA created

400

Bad Request

post/v2/credentials/mobile/iacas
Request samples
application/json
{
  • "commonName": "{tenant-subdomain}.vii.mattr.global IACA",
  • "country": "US",
  • "stateOrProvinceName": "US-AL",
  • "notAfter": "2034-09-26"
}
Response samples
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "active": true,
  • "certificatePem": "-----BEGIN CERTIFICATE-----\r\nMIICDjCCAbSgAwIBAgIKdeZsA5NPKimuAzAKBggqhkjOPQQDAjAiMSAwCQYDVQQG\r\nEwJOWjATBgNVBAMTDEV4YW1wbGUgSUFDQTAeFw0yMzA5MTEyMzM0MjJaFw0zMzA5\r\nMDgyMzM0MjJaMCIxIDAJBgNVBAYTAk5aMBMGA1UEAxMMRXhhbXBsZSBJQUNBMFkw\r\nEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEBbK7JKKFMWuu8kHQK2qaML+MQ0Ykk3Qg\r\n/p3TC6lQKvYJozPSpLXbJQIzMPq9u/dG+j4vq1iX/G/jFIwfiEiKEqOB0TCBzjAS\r\nBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIABjAdBgNVHQ4EFgQU9zTh\r\nKsqFxAgRJDDGW1au+ewJK6owHgYDVR0SBBcwFYYTaHR0cHM6Ly9leGFtcGxlLmNv\r\nbTBpBgNVHR8EYjBgMF6gXKBahlhodHRwczovL2V4YW1wbGUuY29tL3YyL2NyZWRl\r\nbnRpYWxzL21vYmlsZS9pYWNhcy8yZTg5YzE1Ni0zMWQ1LTQ3ODMtYmQ1OS05MDU1\r\nYjVmOGU3ZDIvY3JsMAoGCCqGSM49BAMCA0gAMEUCIQDD+eU8iOsYYC0v41L94fhF\r\nZ0brPo4gx2aRxrhE3NLFpwIgIgHCPBXJ+JICJg3K7dEsr153So4SEZzAA1rRn4eF\r\nvkM=\r\n-----END CERTIFICATE-----\r\n",
  • "certificateData": {
    },
  • "publicKeyJwk": {
    }
}

Retrieve all IACAs

Retrieves all existing IACAs from the tenant.

Analytic events

  • MOBILE_CREDENTIAL_IACA_RETRIEVE_LIST_START
  • MOBILE_CREDENTIAL_IACA_RETRIEVE_LIST_SUCCESS
  • MOBILE_CREDENTIAL_IACA_RETRIEVE_LIST_FAIL
SecuritybearerAuth
Responses
200

IACAs Retrieved

get/v2/credentials/mobile/iacas
Request samples 
Response samples 
application/json
{
  • "data": [
    ],
  • "nextCursor": "string"
}
Retrieve an IACA
Retrieves an existing IACA by providing its ID.


Analytic events


    

  • MOBILE_CREDENTIAL_IACA_RETRIEVE_START
    • 

  • MOBILE_CREDENTIAL_IACA_RETRIEVE_SUCCESS
    • 

  • MOBILE_CREDENTIAL_IACA_RETRIEVE_FAIL
    • 



SecuritybearerAuth 
Request 
path Parameters
iacaId
required
string <uuid> 
IACA ID


 
 Example:  497f6eca-6276-4993-bfeb-53cbbbba6f08
Responses 
200
IACA retrieved


400
Bad Request. The request was malformed or missing required parameters.


404
Not Found. The specified resource was not found.


get/v2/credentials/mobile/iacas/{iacaId}
Request samples 
Response samples 
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "active": true,
  • "certificatePem": "-----BEGIN CERTIFICATE-----\r\nMIICDjCCAbSgAwIBAgIKdeZsA5NPKimuAzAKBggqhkjOPQQDAjAiMSAwCQYDVQQG\r\nEwJOWjATBgNVBAMTDEV4YW1wbGUgSUFDQTAeFw0yMzA5MTEyMzM0MjJaFw0zMzA5\r\nMDgyMzM0MjJaMCIxIDAJBgNVBAYTAk5aMBMGA1UEAxMMRXhhbXBsZSBJQUNBMFkw\r\nEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEBbK7JKKFMWuu8kHQK2qaML+MQ0Ykk3Qg\r\n/p3TC6lQKvYJozPSpLXbJQIzMPq9u/dG+j4vq1iX/G/jFIwfiEiKEqOB0TCBzjAS\r\nBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIABjAdBgNVHQ4EFgQU9zTh\r\nKsqFxAgRJDDGW1au+ewJK6owHgYDVR0SBBcwFYYTaHR0cHM6Ly9leGFtcGxlLmNv\r\nbTBpBgNVHR8EYjBgMF6gXKBahlhodHRwczovL2V4YW1wbGUuY29tL3YyL2NyZWRl\r\nbnRpYWxzL21vYmlsZS9pYWNhcy8yZTg5YzE1Ni0zMWQ1LTQ3ODMtYmQ1OS05MDU1\r\nYjVmOGU3ZDIvY3JsMAoGCCqGSM49BAMCA0gAMEUCIQDD+eU8iOsYYC0v41L94fhF\r\nZ0brPo4gx2aRxrhE3NLFpwIgIgHCPBXJ+JICJg3K7dEsr153So4SEZzAA1rRn4eF\r\nvkM=\r\n-----END CERTIFICATE-----\r\n",
  • "certificateData": {
    },
  • "publicKeyJwk": {
    }
}
Update IACA
Update the status of an IACA. Only active IACAs can be used for signing mDocs.


Creating an IACA with active set to false enables distributing the IACA's PEM to relying parties in advance, before it is being used to sign mDocs.


Analytic events


    

  • MOBILE_CREDENTIAL_IACA_UPDATE_START
    • 

  • MOBILE_CREDENTIAL_IACA_UPDATE_SUCCESS
    • 

  • MOBILE_CREDENTIAL_IACA_UPDATE_FAIL
    • 



SecuritybearerAuth 
Request 
path Parameters
iacaId
required
string <uuid> 
IACA ID


 
 Example:  497f6eca-6276-4993-bfeb-53cbbbba6f08
Request Body schema: application/json
required
active
required
boolean
Indicates whether the IACA is active or not. Only active IACAs can be used to sign mDocs.


 
Responses 
200
IACA updated


404
Not Found. The specified resource was not found.


put/v2/credentials/mobile/iacas/{iacaId}
Request samples 
application/json
{
  • "commonName": "https://learn.vii.au01.mattr.global IACA",
  • "country": "US",
  • "stateOrProvinceName": "US-AL",
  • "notAfter": "2030-01-21",
  • "active": false
}
Response samples 
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "active": true,
  • "certificatePem": "-----BEGIN CERTIFICATE-----\r\nMIICDjCCAbSgAwIBAgIKdeZsA5NPKimuAzAKBggqhkjOPQQDAjAiMSAwCQYDVQQG\r\nEwJOWjATBgNVBAMTDEV4YW1wbGUgSUFDQTAeFw0yMzA5MTEyMzM0MjJaFw0zMzA5\r\nMDgyMzM0MjJaMCIxIDAJBgNVBAYTAk5aMBMGA1UEAxMMRXhhbXBsZSBJQUNBMFkw\r\nEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEBbK7JKKFMWuu8kHQK2qaML+MQ0Ykk3Qg\r\n/p3TC6lQKvYJozPSpLXbJQIzMPq9u/dG+j4vq1iX/G/jFIwfiEiKEqOB0TCBzjAS\r\nBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIABjAdBgNVHQ4EFgQU9zTh\r\nKsqFxAgRJDDGW1au+ewJK6owHgYDVR0SBBcwFYYTaHR0cHM6Ly9leGFtcGxlLmNv\r\nbTBpBgNVHR8EYjBgMF6gXKBahlhodHRwczovL2V4YW1wbGUuY29tL3YyL2NyZWRl\r\nbnRpYWxzL21vYmlsZS9pYWNhcy8yZTg5YzE1Ni0zMWQ1LTQ3ODMtYmQ1OS05MDU1\r\nYjVmOGU3ZDIvY3JsMAoGCCqGSM49BAMCA0gAMEUCIQDD+eU8iOsYYC0v41L94fhF\r\nZ0brPo4gx2aRxrhE3NLFpwIgIgHCPBXJ+JICJg3K7dEsr153So4SEZzAA1rRn4eF\r\nvkM=\r\n-----END CERTIFICATE-----\r\n",
  • "certificateData": {
    },
  • "publicKeyJwk": {
    }
}
Delete an IACA
Deletes an existing IACA by providing its ID.


Analytic events


    

  • MOBILE_CREDENTIAL_IACA_DELETE_START
    • 

  • MOBILE_CREDENTIAL_IACA_DELETE_LIST_SUCCESS
    • 

  • MOBILE_CREDENTIAL_IACA_DELETE_LIST_FAIL
    • 



SecuritybearerAuth 
Request 
path Parameters
iacaId
required
string <uuid> 
IACA ID


 
 Example:  497f6eca-6276-4993-bfeb-53cbbbba6f08
Responses 
204
IACA deleted


400
Bad Request


404
IACA not found


delete/v2/credentials/mobile/iacas/{iacaId}
Request samples 
Response samples 
application/json
{
  • "code": "string",
  • "message": "string",
  • "details": [
    ]
}
➔ Next to Webhooks