User and client digital certificates API
An Access Token is required to authorize all API requests, as explained at the following link:
Retrieve all certificates belonging to a user
Returns a list of active digital certificates for a specific user.
REST service specs:
Method: GET
URL: {viafirma_fortress_url}/api/v1/user/{user_code}/certificate
Security:
Authorization: Bearer {access_token}
where:
viafirma_fortress_url
: URL of the Fortress implementation, for example https://sandbox.viafirma.com/fortress or https://fortress.viafirma.com/fortressuser_code
: user unique identifier, for example11111111H
Note: a user is identified in the platform by a unique code such as id-citizen, email, passport-id, etc.
Sample Request
Method GET
URL: https://fortress.viafirma.com/fortress/api/v1/user/sample_user/certificate
Security Header: Authorization: Bearer 0b79bab50daca910b000d4f1a2b675d604257e42
Sample Response
Response in application/json
format:
[
{
"code": "226ffa94-1f0f-4c43-98aa-c7c8e4ccf657",
"name": "Sample Certificate 01",
"description": "Lorem ipsum dolor sit amet",
"dateIssued": 1492432672000,
"dateExpired": 1555504674000,
"serialNumber": "1250978750360690486",
"issuer": "Certificate Authority info",
"subject": "SERIALNUMBER=11111111H, GIVENNAME=JHON, SURNAME=DOE, C=ES",
"pem": "MIIGsTCCBZmgAwIBAgIQESeGCdXLzw9XurB4LNd0BjANBgkq..."
},
{
"code": "014e684e-4751-4850-853c-c90802385a78",
"name": "Sample Certificate 02",
"description": "Lorem ipsum dolor sit amet",
"dateIssued": 1492517893000,
"dateExpired": 1555504678000,
"serialNumber": "4096319273351924161",
"issuer": "Certificate Authority info",
"subject": "SERIALNUMBER=11111111H, GIVENNAME=JHON, SURNAME=DOE, C=ES",
"pem": "MIIFTDCCBDSgAwIBAgIIHZer06chPs4wDQYJKoZIhvcNAQEFB..."
},
{
"code": "024v694e-4899-4876-863f-j91872310e70",
"name": "Sample Certificate 03",
"description": "Lorem ipsum dolor sit amet",
"dateIssued": 1493432678000,
"dateExpired": 1556504679000,
"serialNumber": "2046339272352914110",
"issuer": "Certificate Authority info",
"subject": "SERIALNUMBER=11111111H, GIVENNAME=JHON, SURNAME=DOE, C=ES",
"pem": "MIIGnTCCBYWgAwIBAgIQTuF2zDNK0C5XVqAhuNMuHjANBgkqhk..."
}
]
where:
Param | Type | Desc |
---|---|---|
code | string | Digital certificate unique code |
name | string | Name |
description | string | Description |
dateIssued | string | Date issued in milliseconds format |
dateExpired | string | Date expired in milliseconds format |
serialNumber | string | Serial number |
issuer | string | Issuer (Certificate Authority) |
subject | string | Subject |
pem | string | Public key in PEM format |
API Errors
Errors are returned using application/json
format:
{
"error": "error_code",
"error_description": "error_description"
}
Where:
Param | Type | Desc |
---|---|---|
error | string | error description |
error_description | string | error description |
Errors:
Error code | Error |
---|---|
invalid_token | invalid access_token (HTTP Status: 401) |
user_not_found | incorrect or inactive user (HTTP Status: 404) |
Get information about a specific user certificate
Available only for active certificates.
REST service specs:
Method: GET
URL: {viafirma_fortress_url}/api/v1/user/{user_code}/certificate/{certificate_code}
Security:
Authorization: Bearer {access_token}
Where:
viafirma_fortress_url
: URL of the Fortress implementation, for example https://sandbox.viafirma.com/fortress or https://fortress.viafirma.com/fortressuser_code
: user unique identifier, for example11111111H
certificate_code
: unique code of the digital certificate requested
Sample Request
Method: GET
URL: https://fortress.viafirma.com/fortress/api/v1/user/sample_user/certificate/226ffa94-1f0f-4c43-98aa-c7c8e4ccf657
Security Header: Authorization: Bearer 0b79bab50daca910b000d4f1a2b675d604257e42
Sample Response
Response in application/json
format:
[
{
"code": "226ffa94-1f0f-4c43-98aa-c7c8e4ccf657",
"name": "Sample Certificate 01",
"description": "Lorem ipsum dolor sit amet",
"dateIssued": 1492432672000,
"dateExpired": 1555504674000,
"serialNumber": "1250978750360690486",
"issuer": "Certificate Authority info",
"subject": "SERIALNUMBER=11111111H, GIVENNAME=JHON, SURNAME=DOE, C=ES",
"pem": "MIIGsTCCBZmgAwIBAgIQESeGCdXLzw9XurB4LNd0BjANBgkq..."
}
]
where:
Param | Type | Desc |
---|---|---|
code | string | Digital certificate unique code |
name | string | Name |
description | string | Description |
dateIssued | string | Date issued in milliseconds format |
dateExpired | string | Date expired in milliseconds format |
serialNumber | string | Serial number |
issuer | string | Issuer (Certificate Authority) |
subject | string | Subject |
pem | string | Public key in PEM format |
API errors
{
"error": "error_code",
"error_description": "error_description"
}
Where:
Param | Type | Desc |
---|---|---|
error | string | error description |
error_description | string | error description |
Errors:
Error code | Error |
---|---|
invalid_token | invalid access_token (HTTP Status: 401) |
user_not_found | incorrect or inactive user (HTTP Status: 404) |
certificate_not_found | incorrect or inactive digital certificate (HTTP Status: 404) |
Retrieve all certificates belonging to a system client
Returns a list of active digital certificates for a specific system client.
REST service specs:
Method: GET
URL: {viafirma_fortress_url}/api/v1/client/{client_id}/certificate
Security:
Authorization: Bearer {access_token}
where:
viafirma_fortress_url
: URL of the Fortress implementation, for example https://sandbox.viafirma.com/fortress or https://fortress.viafirma.com/fortressclient_id
: System client unique identifier, for examplesample_client
Sample Request
Method GET
URL: https://fortress.viafirma.com/fortress/api/v1/client/sample_user/certificate
Security Header: Authorization: Bearer 0b79bab50daca910b000d4f1a2b675d604257e42
Sample Response
Response in application/json
format:
[
{
"code": "226ffa94-1f0f-4c43-98aa-c7c8e4ccf657",
"name": "Sample Certificate 01",
"description": "Lorem ipsum dolor sit amet",
"dateIssued": 1492432672000,
"dateExpired": 1555504674000,
"serialNumber": "1250978750360690486",
"issuer": "Certificate Authority info",
"subject": "SERIALNUMBER=11111111H, GIVENNAME=JHON, SURNAME=DOE, C=ES",
"pem": "MIIGsTCCBZmgAwIBAgIQESeGCdXLzw9XurB4LNd0BjANBgkq...",
"delegated": false,
"level": "MEDIUM"
},
{
"code": "014e684e-4751-4850-853c-c90802385a78",
"name": "Sample Certificate 02",
"description": "Lorem ipsum dolor sit amet",
"dateIssued": 1492517893000,
"dateExpired": 1555504678000,
"serialNumber": "4096319273351924161",
"issuer": "Certificate Authority info",
"subject": "SERIALNUMBER=11111111H, GIVENNAME=JHON, SURNAME=DOE, C=ES",
"pem": "MIIFTDCCBDSgAwIBAgIIHZer06chPs4wDQYJKoZIhvcNAQEFB...",
"delegated": false,
"level": "MEDIUM"
},
{
"code": "024v694e-4899-4876-863f-j91872310e70",
"name": "Sample Certificate 03",
"description": "Lorem ipsum dolor sit amet",
"dateIssued": 1493432678000,
"dateExpired": 1556504679000,
"serialNumber": "2046339272352914110",
"issuer": "Certificate Authority info",
"subject": "SERIALNUMBER=11111111H, GIVENNAME=JHON, SURNAME=DOE, C=ES",
"pem": "MIIGnTCCBYWgAwIBAgIQTuF2zDNK0C5XVqAhuNMuHjANBgkqhk...",
"delegated": false,
"level": "MEDIUM"
}
]
where:
Param | Type | Desc |
---|---|---|
code | string | Digital certificate unique code |
name | string | Name |
description | string | Description |
dateIssued | string | Date issued in milliseconds format |
dateExpired | string | Date expired in milliseconds format |
serialNumber | string | Serial number |
issuer | string | Issuer (Certificate Authority) |
subject | string | Subject |
issuerMap | object | Issuer attributes |
subjectMap | object | Subject attributes |
delegated | boolean | Delegated certificate indicator |
pem | string | Public key in PEM format |
level | string | Certificate protection level |
API Errors
Errors are returned using application/json
format:
{
"error": "error_code",
"error_description": "error_description"
}
Where:
Param | Type | Desc |
---|---|---|
error | string | error description |
error_description | string | error description |
Errors:
Error code | Error |
---|---|
invalid_token | invalid access_token (HTTP Status: 401) |
client_not_found | incorrect or inactive client (HTTP Status: 404) |
Get information about a specific client certificate
Available only for active certificates.
REST service specs:
Method: GET
URL: {viafirma_fortress_url}/api/v1/client/{client_id}/certificate/{certificate_code}
Security:
Authorization: Bearer {access_token}
Where:
viafirma_fortress_url
: URL of the Fortress implementation, for example https://sandbox.viafirma.com/fortress or https://fortress.viafirma.com/fortressclient_id
: client unique identifiercertificate_code
: unique code of the digital certificate requested
Sample Request
Method: GET
URL: https://fortress.viafirma.com/fortress/api/v1/client/sample_client/certificate/226ffa94-1f0f-4c43-98aa-c7c8e4ccf657
Security Header: Authorization: Bearer 0b79bab50daca910b000d4f1a2b675d604257e42
Sample Response
Response in application/json
format:
{
"code": "08d87ff2ed124a8bb7b323cbfb889e9e",
"dateIssued": 1555495728000,
"dateExpired": 1618567728000,
"serialNumber": "228897951488527728794",
"issuer": "C=DO, L=WWW.AVANSI.COM.DO, O=AVANSI S.R.L. - RNC 130222509, CN=TESTAVANSI CERTIFICADOS DIGITALES ",
"subject": "OID.1.3.6.1.4.1.27395.8.1=CERTIFICADO DE PERSONA INDIVIDUAL, CN=LUCAS MORA PRIETO, SERIALNUMBER = 94967442 M, GIVENNAME = LUCAS, SURNAME = MORA PRIETO, C = DO ",
"issuerMap": {
"C": "DO",
"CN": "TEST AVANSI CERTIFICADOS DIGITALES",
"L": "WWW.AVANSI.COM.DO",
"O": "AVANSI S.R.L. - RNC 130222509"
},
"subjectMap": {
"SURNAME": "MORA PRIETO",
"C": "DO",
"SERIALNUMBER": "94967442M",
"1.3.6.1.4.1.27395.8.1": "CERTIFICADO DE PERSONA INDIVIDUAL",
"CN": "LUCAS MORA PRIETO",
"GIVENNAME": "LUCAS"
},
"pem": "MIIFWjCCBEKgAwIBAgI...",
"delegated": false,
"level": "MEDIUM"
}
where:
Param | Type | Desc |
---|---|---|
code | string | Digital certificate unique code |
name | string | Name |
description | string | Description |
dateIssued | string | Date issued in milliseconds format |
dateExpired | string | Date expired in milliseconds format |
serialNumber | string | Serial number |
issuer | string | Issuer (Certificate Authority) |
subject | string | Subject |
issuerMap | object | Issuer attributes |
subjectMap | object | Subject attributes |
delegated | boolean | Delegated certificate indicator |
pem | string | Public key in PEM format |
level | string | Certificate protection level |
API errors
{
"error": "error_code",
"error_description": "error_description"
}
Where:
Param | Type | Desc |
---|---|---|
error | string | error description |
error_description | string | error description |
Errors:
Error code | Error |
---|---|
invalid_token | invalid access_token (HTTP Status: 401) |
client_not_found | incorrect or inactive client (HTTP Status: 404) |
certificate_not_found | incorrect or inactive digital certificate (HTTP Status: 404) |
Signing of new client certificates
This service allows registering a new certificate and associating it with a client system.
REST service specs:
Method: POST
URL: `{viafirma_fortress_url}/api/v1/client/{client_id}/certificate
Where:
viafirma_fortress_url
: URL of the Fortress implementation, for example https://sandbox.viafirma.com/fortress or https://fortress.viafirma.com/fortressclient_id
: client unique identifier
Security Header: Authorization: Bearer 0b79bab50daca910b000d4f1a2b675d604257e42
Example:
Method POST
URL: https://fortress.viafirma.com/fortress/api/v1/client/sample_client/certificate
Security Header: Authorization: Bearer 0b79bab50daca910b000d4f1a2b675d604257e42
Service parameters
This service receives by parameters the configuration of the certificate to be signed:
The parameters that are received (in application / json
format) have the following form:
{
"keystore": "MIIZXwIBAzCCGRgGCSq...",
"password": "123456"
}
Where:
Parameter | Type | Description |
---|---|---|
code | string | [OPTIONAL] Code to associate the certificate, if not reported Fortress generates one |
description | string | [OPTIONAL] Description associated with the certificate |
keystore | string | Content of keystore in PKCS#12 format encoded in Base64 |
password | string | Password of the keystore |
alias | string | [OPTIONAL] Alias of the certificate within the keystore, only required if the keystore stores more than one certificate |
Service response
The response of this service will be given (in application / json
format) with the certificate data in the same format as the query service of a certificate of a client system.
{
"code": "08d87ff2ed124a8bb7b323cbfb889e9e",
"dateIssued": 1555495728000,
"dateExpired": 1618567728000,
"serialNumber": "228897951488527728794",
"issuer": "C=DO, L=WWW.AVANSI.COM.DO, O=AVANSI S.R.L. - RNC 130222509, CN=TESTAVANSI CERTIFICADOS DIGITALES ",
"subject": "OID.1.3.6.1.4.1.27395.8.1=CERTIFICADO DE PERSONA INDIVIDUAL, CN=LUCAS MORA PRIETO, SERIALNUMBER = 94967442 M, GIVENNAME = LUCAS, SURNAME = MORA PRIETO, C = DO ",
"issuerMap": {
"C": "DO",
"CN": "TEST AVANSI CERTIFICADOS DIGITALES",
"L": "WWW.AVANSI.COM.DO",
"O": "AVANSI S.R.L. - RNC 130222509"
},
"subjectMap": {
"SURNAME": "MORA PRIETO",
"C": "DO",
"SERIALNUMBER": "94967442M",
"1.3.6.1.4.1.27395.8.1": "CERTIFICADO DE PERSONA INDIVIDUAL",
"CN": "LUCAS MORA PRIETO",
"GIVENNAME": "LUCAS"
},
"pem": "MIIFWjCCBEKgAwIBAgI...",
"delegated": false,
"level": "MEDIUM"
}
where:
Param | Type | Desc |
---|---|---|
code | string | Digital certificate unique code |
name | string | Name |
description | string | Description |
dateIssued | string | Date issued in milliseconds format |
dateExpired | string | Date expired in milliseconds format |
serialNumber | string | Serial number |
issuer | string | Issuer (Certificate Authority) |
subject | string | Subject |
issuerMap | object | Issuer attributes |
subjectMap | object | Subject attributes |
delegated | boolean | Delegated certificate indicator |
pem | string | Public key in PEM format |
level | string | Certificate protection level |
API errors
{
"error": "error_code",
"error_description": "error_description"
}
Where:
Param | Type | Desc |
---|---|---|
error | string | error description |
error_description | string | error description |
Errors:
Error code | Error |
---|---|
invalid_token | invalid access_token (HTTP Status: 401) |
client_not_found | incorrect or inactive client (HTTP Status: 404) |
invalid_keystore | The keystore is not in PKCS#12 format or the password is incorrect (HTTP Status: 404) |
invalid_alias | The certificate with the specified alias was not found within the keystore, or there are several certificates and the alias has not been specified (HTTP Status: 404) |
certificate_already_exists | The certificate is already associated with the client system (HTTP Status: 404) |
expired_certificate | The certificate has expired (HTTP Status: 404) |
revoked_certificate | The certificate is revoked (HTTP Status: 404) |
not_trusted_certificate | Some of the certificates in the chain can not be found in the trust store (HTTP Status: 404) |
certificate_validation | An error occurred while validating the certificate (HTTP Status: 404) |
Deleting client certificates
This service allows you to eliminate certificates associated with a client system.
REST service specs:
Method: DELETE
URL: `{viafirma_fortress_url}/api/v1/client/{client_id}/certificate/{certificate_code}
Where:
viafirma_fortress_url
: URL of the Fortress implementation, for example https://sandbox.viafirma.com/fortress or https://fortress.viafirma.com/fortressclient_id
: client unique identifiercertificate_code
: unique code of the digital certificate requested
Security Header:Authorization: Bearer 0b79bab50daca910b000d4f1a2b675d604257e42
Example:
Method DELETE
URL: https://fortress.viafirma.com/fortress/api/v1/client/sample_client/certificate/08d87ff2ed124a8bb7b323cbfb889e9e
Security Header:
Authorization: Bearer 0b79bab50daca910b000d4f1a2b675d604257e42`
Service response
The response of this service will be given (in application / json
format) with the certificate data in the same format as the query service of a certificate of a client system.
{
"code": "08d87ff2ed124a8bb7b323cbfb889e9e",
"dateIssued": 1555495728000,
"dateExpired": 1618567728000,
"serialNumber": "228897951488527728794",
"issuer": "C=DO, L=WWW.AVANSI.COM.DO, O=AVANSI S.R.L. - RNC 130222509, CN=TESTAVANSI CERTIFICADOS DIGITALES ",
"subject": "OID.1.3.6.1.4.1.27395.8.1=CERTIFICADO DE PERSONA INDIVIDUAL, CN=LUCAS MORA PRIETO, SERIALNUMBER = 94967442 M, GIVENNAME = LUCAS, SURNAME = MORA PRIETO, C = DO ",
"issuerMap": {
"C": "DO",
"CN": "TEST AVANSI CERTIFICADOS DIGITALES",
"L": "WWW.AVANSI.COM.DO",
"O": "AVANSI S.R.L. - RNC 130222509"
},
"subjectMap": {
"SURNAME": "MORA PRIETO",
"C": "DO",
"SERIALNUMBER": "94967442M",
"1.3.6.1.4.1.27395.8.1": "CERTIFICADO DE PERSONA INDIVIDUAL",
"CN": "LUCAS MORA PRIETO",
"GIVENNAME": "LUCAS"
},
"pem": "MIIFWjCCBEKgAwIBAgI...",
"delegated": false,
"level": "MEDIUM"
}
where:
Param | Type | Desc |
---|---|---|
code | string | Digital certificate unique code |
name | string | Name |
description | string | Description |
dateIssued | string | Date issued in milliseconds format |
dateExpired | string | Date expired in milliseconds format |
serialNumber | string | Serial number |
issuer | string | Issuer (Certificate Authority) |
subject | string | Subject |
issuerMap | object | Issuer attributes |
subjectMap | object | Subject attributes |
delegated | boolean | Delegated certificate indicator |
pem | string | Public key in PEM format |
level | string | Certificate protection level |
API errors
{
"error": "error_code",
"error_description": "error_description"
}
Where:
Param | Type | Desc |
---|---|---|
error | string | error description |
error_description | string | error description |
Errors:
Error code | Error |
---|---|
invalid_token | invalid access_token (HTTP Status: 401) |
client_not_found | incorrect or inactive client (HTTP Status: 404) |
certificate_not_found | incorrect or inactive digital certificate (HTTP Status: 404) |
results matching ""
No results matching ""