Fetch Single Certificate Discovery

This API is used to list a specific discovery.

Before you begin

The user should have the ACF permission to view the certificate discovery.

Request Structure


Endpoint:	/certificate/discovery/instance?discoveryName=<name>
Type:	GET
Sample URL:	`https://<IP/HostName/TenantName>:<GWPORT>/avxapi/certificate/discovery/instance?discoveryName=<name>&gwsource=external` To understand the elements of the sample URL, click here.
Headers
Content-Type:	application/json

Table 1. Input Parameters
Name	Description
sessionId `Header`	(Mandatory) Session ID received after login. Type: String Constraints: Required if username and password are not provided.
userName `Header`	(Mandatory) Username that is configured in AppViewX. Type: String
password `Header`	(Mandatory) Password of that user. Type: String
content-type `Header`	(Mandatory) Payload content-type with application/json value. Type: String Constraint: The value must be application/json.
gwsource `Query`	(Mandatory) The source from which the request is triggered, e.g., external. Type: String

Response Structure

Response returns string of type application/json with the following body parameters:

Table 2. Parameters
Name	Description
response	Contains the response attributes.
id `response`	Unique identifier for the discovery object. Type: String
name `response`	Name of the discovery instance. Type: String
type `response`	Type of discovery such as e.g.: On-demand, Scheduled, Managed. Type: String
source `response`	Source of the discovery eg: IP range, Upload, etc. Type: String
syncStatus `response`	Status indicating whether the certificate is managed or monitored. Type: String
groupName `response`	Group name of the discovery instance under which it is categorized. Type: String
dicoverCount `response`	Count of discovered certificates. Type: Integer
passwordCertCount`response`	Count of certificates that are protected by a password. Type: Integer
encryptedPrivateKeyCount `response`	Count of certificates with encrypted private keys. Type: Integer
mergedCount `response`	Total number of merged certificates during the discovery process. Type: Integer
status `response`	Overall status of the discovery instance. Eg: success, failure or in-progress Type: String
statusMessage `response`	Message providing additional information about the status of the discovery process. Type: String
passiveMode `response`	X Type: Boolean (true/false)
startTime `response`	Time when the discovery instance was initiated (DD/MM/YY HH:MM). Type: Date/time
endTime `response`	Time when the discovery completed (DD/MM/YY HH:MM). Type: Date/time
associatedRule `response`	Discovery rule associated with the discovery instance. Type: String
discoverAllCerts `response`	Determines if all certificates were discovered. Type: Boolean (true/false)
customDirectoryNames `response`	Custom directory names specified for the discovery instance. Type: String
totalCertCount `response`	Total number of certificates discovered in the instance. Type: Integer
filters `response`	Specifies the criteria for simplifying the discovery process. Type: Object
startDate `response.filters`	Start date for filtering the discovery instance. Type: Date/time
endDate `response.filters`	End date for filtering the discovery instance. Type: Date/time
discoverBy `response.filters`	Method or criteria used to discover the certificates. Type: String
caNames `response.filters`	List of Certificate Authority names from which certificates are discovered (If discoverBy field value is CA). Type: List of String
regions `response.filters`	Regions considered during the discovery process. Type: List of String
vendorSpecificConditions `response.filters`	Conditions specific to the vendor for the discovery process. Type: Object
certStatus `response.filters.vendorSpecificConditions`	List of certificate statuses to filter by. Type: List of String
certTypes `response.filters.vendorSpecificConditions`	List of certificate types to filter by. Type: List of String
message	Displays the number of records found if success or a failure message. Type: String
appStatusCode	Application specific status code for the response. It is a non-null value for a failure response. Type: String
tags	Additional information in case of failure response.
headers	HTTP headers associated with the response. Type: String

Status Codes


HTTP Code	appStatusCode	Response Message
202 Accepted	NA	Accepted.
400 Bad Request	ERR_DISC_DISCOVERY_HISTORY_RETRIVAL	Error while retrieving discovery history. Remediation: Discovery name passed in the request should be present in the database.
400 Bad Request	NO_RECORDS_FOUND	No matching records found. Remediation: Discovery name passed in the request should be present in the system.
417 Expectation failed	MANDATORY_QUERY_PARAM_MISSING	Mandatory query param is missing or invalid. Remediation: The parameter <discoveryName> must be present in the URL request.
417 Expectation failed	CERT-FV-001	Invalid query param found for discoveryName. Remediation: The discoveryName value should be a minimum of 2 characters.
500 Internal Server Error	avx-common-011	Error while processing.

Sample Request/Response

Request Payload

No payload for GET request.

Response

{
    "response": {
        "id": "666156a4afa237151d466af7",
        "name": "googleCAScan",
        "type": "ONDEMAND",
        "source": "Certificate Authorities",
        "syncStatus": "Managed",
        "groupName": "Default",
        "discoverCount": 0,
        "passwordCertCount": 0,
        "encryptedPrivateKeyCount": 0,
        "mergedCount": 9661,
        "status": "Success",
        "statusMessage": "Discovery Completed Successfully",
        "passiveMode": false,
        "startTime": "06/06/24 06:26:44",
        "endTime": "06/06/24 06:39:37",
        "associatedRule": "",
        "discoverAllCerts": true,
        "customDirectoryNames": null,
        "totalCertCount": 9661,
        "filters": {
            "startDate": 0,
            "endDate": 0,
            "discoverBy": "CA",
            "caNames": [
                "us-east1:Google-External-CA",
                "us-east1:SplunkLab"
            ],
            "regions": null,
            "vendorSpecificConditions": {
                "certStatus": [],
                "certTypes": []
            }
        }
    },
    "message": "Summary view fetched successfully with discovery name.",
    "appStatusCode": null,
    "tags": {},
    "headers": null
}

References

Understanding the sample URL

IP/HostName/TenantName: Replace with the actual IP address, hostname, or tenant name based on the specific configuration in AppViewX.
- IP: A unique identifier assigned to each device connected to a computer network that uses the Internet Protocol for communication
  The IP address will be included in the endpoint URL for an on-prem deployment.
- HostName: A human-readable label assigned to a device (host) on a network
  The hostname will be included in the endpoint URL for an on-prem deployment.
- TenantName: An identifier label for a tenant given to indicate which tenant's data the API request will access/modify
  The tenant name will be included in the endpoint URL for a SaaS deployment.
GWPORT: AppViewX gateway port
A gateway port refers to a network port through which data is sent and received to communicate with a gateway in an on-prem deployment.
Example: 31443
avxapi: Path parameter value (static) that is part of the endpoint's URL
Endpoint: Endpoint of the API, for example: execute-hook
gwsource: Source or origin of a gateway, for example: external.