API Reference
Certificates
Create DTS root CA certificate
Create a DTS root CA certificate
Creates a DTS root CA certificate which is used to sign DTS signer certificates.
- A maximum of three DTS root CA certificates can be created per tenant.
Analytic events
- ECOSYSTEM_DTS_CA_CERTIFICATE_CREATE_START
- ECOSYSTEM_DTS_CA_CERTIFICATE_CREATE_SUCCESS
- ECOSYSTEM_DTS_CA_CERTIFICATE_CREATE_FAIL
POST
/v1/ecosystems/certificates/caAuthorizationBearer <token>
In: header
commonName?string
Indicates the common name of the DTS root CA certificate. When specified, the value must be a valid PrintableString and cannot be an empty string. If not provided and a custom domain is configured and verified, the custom domain is used followed by the words DTS CA. If no custom domain is configured, the tenant subdomain is used instead.
country?string
Indicates the DTS provider's country. If not provided, a country is selected based on the region of the tenant subdomain cloud host. When specified, the value must be a valid Alpha 2 country code as per ISO 3166-1.
organisationNamestring
Indicates the organization associated with the DTS root CA certificate.
notAfter?string
Used to set the date and time when the DTS root CA certificate expires.
- If not provided, calculated as
notBefore+ 20 years. - If not provided and
notBeforeis not provided, calculated as time of creation + 20 years. - Maximum value is 20 years from creation.
- Must be after
notBefore, if provided.
Format
date-timenotBefore?string
Used to set the date and time when the DTS root CA certificate becomes valid and can be used to sign other intermediate certificates.
- Must not be in the past.
- Must be before
notAfter.
Format
date-timecertificatePemstring
DTS root CA certificate in PEM format. The certificate must be valid and not expired.
curl -X POST "https://example.vii.au01.mattr.global/v1/ecosystems/certificates/ca" \ -H "Content-Type: application/json" \ -d '{ "organisationName": "Example Inc." }'{
"id": "782f1885-c7c2-4459-8426-b6d7c111b0b1",
"active": true,
"certificatePem": "-----BEGIN CERTIFICATE-----\nMIIDXTCCAkWgAwIBAgIJAL5...\n-----END CERTIFICATE-----",
"certificateFingerprint": "f6cad6e579d70b3973efa60624af731a580d1a11a7579e70f2f10f059dc86172",
"certificateData": {
"commonName": "example.com",
"country": "US",
"organisationName": "Example Inc.",
"notAfter": "2024-10-22T00:00:00Z",
"notBefore": "2023-10-22T00:00:00Z"
},
"isManaged": true
}{
"code": "string",
"message": "string",
"details": [
{
"value": "string",
"msg": "Invalid value",
"param": "id",
"location": "body"
}
]
}{
"code": "string",
"message": "string",
"details": [
{
"value": "string",
"msg": "Invalid value",
"param": "id",
"location": "body"
}
]
}{
"code": "string",
"message": "string",
"details": [
{
"value": "string",
"msg": "Invalid value",
"param": "id",
"location": "body"
}
]
}Retrieve all DTS root CA certificates
Retrieve all DTS root CA certificates
Retrieves all DTS root CA certificates.
Analytic events
- ECOSYSTEM_DTS_CA_CERTIFICATE_RETRIEVE_LIST_START
- ECOSYSTEM_DTS_CA_CERTIFICATE_RETRIEVE_LIST_SUCCESS
- ECOSYSTEM_DTS_CA_CERTIFICATE_RETRIEVE_LIST_FAIL
GET
/v1/ecosystems/certificates/caAuthorizationBearer <token>
In: header
Query Parameters
limit?number
Range size of returned list.
Default
100Range
1 <= value <= 1000cursor?string
Starting point for the list of entries.
curl -X GET "https://example.vii.au01.mattr.global/v1/ecosystems/certificates/ca?limit=2&cursor=Y3JlYXRlZEF0PTIwMjAtMDgtMjVUMDY6NDY6MDkuNTEwWiZpZD1h"{
"data": [
{
"id": "782f1885-c7c2-4459-8426-b6d7c111b0b1",
"active": true,
"certificatePem": "-----BEGIN CERTIFICATE-----\nMIIDXTCCAkWgAwIBAgIJAL5...\n-----END CERTIFICATE-----",
"certificateFingerprint": "f6cad6e579d70b3973efa60624af731a580d1a11a7579e70f2f10f059dc86172",
"certificateData": {
"commonName": "example.com",
"country": "US",
"organisationName": "Example Inc.",
"notAfter": "2024-10-22T00:00:00Z",
"notBefore": "2023-10-22T00:00:00Z"
},
"isManaged": true
}
],
"nextCursor": "Y3JlYXRlZEF0PTIwMjAtMDgtMjVUMDY6NDY6MDkuNTEwWiZpZD1hNjZmZmVhNS04NDhlLTQzOWQtODBhNC1kZGE1NWY1M2UzNmM"
}{
"code": "string",
"message": "string",
"details": [
{
"value": "string",
"msg": "Invalid value",
"param": "id",
"location": "body"
}
]
}{
"code": "string",
"message": "string",
"details": [
{
"value": "string",
"msg": "Invalid value",
"param": "id",
"location": "body"
}
]
}Retrieve all DTS root CA Certificates (public)
Retrieve all public DTS root CA certificates
Retrieves all public DTS root CA certificates.
GET
/v1/ecosystems/public/certificates/cacurl -X GET "https://example.vii.au01.mattr.global/v1/ecosystems/public/certificates/ca"{
"rootCertificates": [
{
"certificate": "-----BEGIN CERTIFICATE-----\nMIIDXTCCAkWgAwIBAgIJAL5...\n-----END CERTIFICATE-----",
"notBefore": "2023-10-22T00:00:00Z",
"notAfter": "2024-10-22T00:00:00Z",
"fingerprint": "f6cad6e579d70b3973efa60624af731a580d1a11a7579e70f2f10f059dc86172",
"commonName": "example.com"
}
]
}Retrieve a DTS root CA certificate
Retrieve a DTS root CA certificate
Retrieves a DTS root CA certificate.
Analytic events
- ECOSYSTEM_DTS_CA_CERTIFICATE_RETRIEVE_START
- ECOSYSTEM_DTS_CA_CERTIFICATE_RETRIEVE_SUCCESS
- ECOSYSTEM_DTS_CA_CERTIFICATE_RETRIEVE_FAIL
GET
/v1/ecosystems/certificates/ca/{dtsCaCertificateId}AuthorizationBearer <token>
In: header
Path Parameters
dtsCaCertificateIdstring
Unique identifier of the DTS root CA certificate.
Format
uuidcurl -X GET "https://example.vii.au01.mattr.global/v1/ecosystems/certificates/ca/b0aae560-10e7-4247-8e96-7cdd3578a1e2"{
"id": "782f1885-c7c2-4459-8426-b6d7c111b0b1",
"active": true,
"certificatePem": "-----BEGIN CERTIFICATE-----\nMIIDXTCCAkWgAwIBAgIJAL5...\n-----END CERTIFICATE-----",
"certificateFingerprint": "f6cad6e579d70b3973efa60624af731a580d1a11a7579e70f2f10f059dc86172",
"certificateData": {
"commonName": "example.com",
"country": "US",
"organisationName": "Example Inc.",
"notAfter": "2024-10-22T00:00:00Z",
"notBefore": "2023-10-22T00:00:00Z"
},
"isManaged": true
}{
"code": "string",
"message": "string",
"details": [
{
"value": "string",
"msg": "Invalid value",
"param": "id",
"location": "body"
}
]
}Update a DTS root CA certificate
Update a DTS root CA certificate
Updates a DTS root CA certificate.
Analytic events
- ECOSYSTEM_DTS_CA_CERTIFICATE_UPDATE_START
- ECOSYSTEM_DTS_CA_CERTIFICATE_UPDATE_SUCCESS
- ECOSYSTEM_DTS_CA_CERTIFICATE_UPDATE_FAIL
PUT
/v1/ecosystems/certificates/ca/{dtsCaCertificateId}AuthorizationBearer <token>
In: header
Path Parameters
dtsCaCertificateIdstring
Unique identifier of the DTS root CA certificate.
Format
uuidactiveboolean
Indicates if the DTS root CA certificate is active. Only active certificates can be used to sign other intermediate certificates.
curl -X PUT "https://example.vii.au01.mattr.global/v1/ecosystems/certificates/ca/b0aae560-10e7-4247-8e96-7cdd3578a1e2" \ -H "Content-Type: application/json" \ -d '{ "active": true }'{
"id": "782f1885-c7c2-4459-8426-b6d7c111b0b1",
"active": true,
"certificatePem": "-----BEGIN CERTIFICATE-----\nMIIDXTCCAkWgAwIBAgIJAL5...\n-----END CERTIFICATE-----",
"certificateFingerprint": "f6cad6e579d70b3973efa60624af731a580d1a11a7579e70f2f10f059dc86172",
"certificateData": {
"commonName": "example.com",
"country": "US",
"organisationName": "Example Inc.",
"notAfter": "2024-10-22T00:00:00Z",
"notBefore": "2023-10-22T00:00:00Z"
},
"isManaged": true
}{
"code": "string",
"message": "string",
"details": [
{
"value": "string",
"msg": "Invalid value",
"param": "id",
"location": "body"
}
]
}{
"code": "string",
"message": "string",
"details": [
{
"value": "string",
"msg": "Invalid value",
"param": "id",
"location": "body"
}
]
}Delete a DTS root CA certificate
Delete a DTS root CA certificate
Deletes a DTS root CA certificate.
Analytic events
- ECOSYSTEM_DTS_CA_CERTIFICATE_DELETE_START
- ECOSYSTEM_DTS_CA_CERTIFICATE_DELETE_SUCCESS
- ECOSYSTEM_DTS_CA_CERTIFICATE_DELETE_FAIL
DELETE
/v1/ecosystems/certificates/ca/{dtsCaCertificateId}AuthorizationBearer <token>
In: header
Path Parameters
dtsCaCertificateIdstring
Unique identifier of the DTS root CA certificate.
Format
uuidcurl -X DELETE "https://example.vii.au01.mattr.global/v1/ecosystems/certificates/ca/b0aae560-10e7-4247-8e96-7cdd3578a1e2"Empty
{
"code": "string",
"message": "string",
"details": [
{
"value": "string",
"msg": "Invalid value",
"param": "id",
"location": "body"
}
]
}{
"code": "string",
"message": "string",
"details": [
{
"value": "string",
"msg": "Invalid value",
"param": "id",
"location": "body"
}
]
}Retrieve a DTS root CA certificate Certificate Revocation List (CRL) (public)
Retrieve a DTS root CA certificate revocation list
Retrieves the revocation list for a given DTS root CA certificate.
GET
/v1/ecosystems/certificates/ca/{dtsCaCertificateId}/crlPath Parameters
dtsCaCertificateIdstring
Unique identifier of the DTS root CA certificate.
Format
uuidcurl -X GET "https://example.vii.au01.mattr.global/v1/ecosystems/certificates/ca/b0aae560-10e7-4247-8e96-7cdd3578a1e2/crl""string"{
"code": "string",
"message": "string",
"details": [
{
"value": "string",
"msg": "Invalid value",
"param": "id",
"location": "body"
}
]
}How would you rate this page?