List Certificate Groups

This API is used to fetch the list of certificate groups the specified user has access to.

Before you Begin

  • The user should have the following ACF permissions:
    • CERT+ > Group
    • Policy > Group >View Group

Request Structure

Endpoint: certificategroup/list
Type: POST
Sample URL: 
https://<IP/HostName/TenantName>:<GWPORT>/avxapi/certificategroup/list?gwsource=external

To understand the elements of the sample URL, click here.
Headers
Content-Type: application/json
Table 1. Input Parameters
Name Description
sessionId

Header

 (Mandatory if username and password are not provided) Session ID received after login

Type: String

Constraint: Required if username and password are not provided.
username

Header

 (Mandatory only if sessionID is not provided) Username for logging in to AppViewX

Type: String
password

Header

 (Mandatory only if sessionID is not provided) Password for logging in to AppViewX

Type: String
content-type

Header

 (Mandatory) Payload content-type with application/json value.

Type: String

Constraint: The value must be application/json.
gwsource

Query

 (Mandatory) The source from which the request is triggered, e.g., external.

Type: String
Payload

Body

 Contains all the parameters to be sent in the request body for the put request.

Type: Payload

Payload

Table 2. Payload
Name Description
nextPageToken (Optional; not required for fetching the first set of results) Reference point for fetching the subsequent set of certificate groups the user has access to

The certificategroup/list API fetches only a limited set of results on each execution. The nextPageToken paramter is used as a reference point to continue fetching the next set of results.

The nextPageToken value returned in the API's response can be used in the next request payload.

Type: String
searchOptions (Optional) Additional criteria to filter the search results

Type: searchOptions
Table 3. searchOptions
Name Description
limit (Optional) Number of records to be fetched in the response

Type: Integer

Default value: 100

Constraints: The value should be a valid integer <= 1000. If limit > 1000, the value is capped at 1000.

Response Structure

Response returns string of type application/json with the following body parameters:

Table 4. Parameters
Name Description
response Contains the response attributes

Type: response
message Success message or failure description in case of error.

Type: String
appStatusCode Application specific status code for the response. It is a non-null value for a failure response.

Type: String
tags Additional information in case of failure response.
Table 5. Response
Name Description
data Details of the certificate groups the user has access to
name

data

 Name of the certificate group
displayName

data

 User friendly name assigned to the certificate group
description

data

 Additional details related to the certificate group
appID

data

 Organization ID associated with the certificate group
policyName

data

 Certificate policy associated with the group
appPolicyName

data
permission

data

 Access permissions assigned to the certificate group
groupBusinessInfo

data

 Details of the business unit associated with the certificate group
contactName

groupBusinessInfo

 Contact of the associated business unit's contact person
firstName

groupBusinessInfo

 First name of the associated business unit's contact person
lastName

groupBusinessInfo

 Last name of the associated business unit's contact person
phoneNumber

groupBusinessInfo

 Phone number of the associated business unit's contact person
lobName

groupBusinessInfo

 Name of the business unit associated with the certificate group
costCenter

groupBusinessInfo

 Code/label of the cost center associated with the certificate group
environmentName

groupBusinessInfo

 Business unit environment associated with the certificate group
inventoryNumber

groupBusinessInfo

 Inventory tracking number for the certificate group
email

groupBusinessInfo

 Email address of the associated business unit's contact person
keywordSet

data

 Keywords associated with the listed certificate group
groupLevelCertConfig

data

 Configuration details for the certificates that will be associated with the group
autoPushNeededAfterRenewReissue

groupLevelCertConfig

 Indicates if certificates associated with this group will be automatically pushed after they are renewed/reissued
isGroupOverrideEnabled

groupLevelCertConfig

 Indicates if the group level settings for auto renewal/regeneration will override the certificate level settings
appConnectorSyncStatusListToDelete

groupLevelCertConfig

 List of application connectors to be deleted
autoRenewConfig

groupLevelCertConfig

 Specifies the auto renewal-related configuration details for this certificate group
renewBefore

autoRenewConfig

 For the certificates associated with this group, indicates how many days prior to a certificate's expiry the renewal process will start
autoRenewal

autoRenewConfig

 Indicates if auto renewal is enabled for the certificates associated with this group
manuallyTriggered

autoRenewConfig

 Specifies if the renewal process requires manual triggering
approvalRequiredForAutoRenew

autoRenewConfig

 Indicates if approval is required before certificate renewal is triggered
autoRegenerateConfig

groupLevelCertConfig

 Indicates the auto regeneration-related configuration details for this certificate group
reportingTo

data

 Indicates the business entity this certificate group reports to
reportingPath

data

 Indicates the group hierarchy structure
updateChild

data

 Indicates if child groups have to be updated
reportedBy

data

 Gives information about who reported this group
deleteRestricted

data

 Indicates if this certificate group can be deleted
_id

data

 Unique identifier assigned to the certificate group
nextPageToken A continuation token for fetching the next batch of certificate groups

Status Codes

HTTP Code appStatusCode Response Message
200 OK null List of certificate groups fetched successfully
401 Unauthorized AVX_GW_003 Authentication failed, reason - Invalid Credentials.

Remediation: Ensure that valid username and password or a valid sessionId is provided as header parameters.
400 Bad Request VALIDATION_ERROR_0004 Invalid nextPageToken

Remediation: Invalid nextPageToken. Please ensure the correct nextPageToken is sent.
403 Forbidden AVX_GW_005 User does not have access to the targeted API
Remediation:
  • Ensure that the given user has the proper ACF permissions to add comments to the respective certificates.
  • For the respective role mapped to the user check under - CERT+> > Groups and Policy > Group > View Group.

Sample Request/Response

Request Payload (initial request)
{
"searchOptions" :{"limit":1000}
}
Request Payload (subsequent requests)
{
"searchOptions" :{"limit":1000},
       "nextPageToken":"5422a5c96eeec10c12e3f7be"
}
Response
{
   "response": {
       "data": [
           {
               "name": "Certificate-Gateway",
               "displayName": null,
               "description": "",
               "appId": "",
               "policyName": "Certificate-Gateway",
               "appPolicyName": null,
               "permission": "RW",
               "groupBusinessInfo": {
                   "contactName": "",
                   "firstName": null,
                   "lastName": null,
                   "phoneNumber": "",
                   "lobName": "",
                   "costCenter": "",
                   "environmentName": "",
                   "inventoryNumber": "",
                   "email": ""
               },
               "keywordSet": [
                   "Certificate-Gateway"
               ],
               "groupLevelCertConfig": {
                   "autoPushNeededAfterRenewReissue": true,
                   "isGroupOverrideEnabled": false,
                   "appConnectorSyncStatusListToDelete": [],
                   "autoRenewConfig": {
                       "renewBefore": 20,
                       "autoRenewal": true,
                       "manuallyTriggered": false,
                       "approvalRequiredForAutoRenew": false
                   },
                   "autoRegenerateConfig": null
               },
               "reportingTo": "Default",
               "reportingPath": "Default:@:Certificate-Gateway",
               "updateChild": false,
               "reportedBy": null,
               "deleteRestricted": false,
               "_id": "5bac87e10b3e1937a4bb7abe"
           }
       ],
       "nextPageToken": "5bac87e10b3e1937a4bb7abe"
   },
   "message": null,
   "appStatusCode": null,
   "tags": {},
   "headers": null
}

References

Understanding the sample URL
  • IP/HostName/TenantName: Replace with the actual IP address, hostname, or tenant name based on the specific configuration in AppViewX.
    • IP: A unique identifier assigned to each device connected to a computer network that uses the Internet Protocol for communication

      The IP address will be included in the endpoint URL for an on-prem deployment.

    • HostName: A human-readable label assigned to a device (host) on a network

      The hostname will be included in the endpoint URL for an on-prem deployment.

    • TenantName: An identifier label for a tenant given to indicate which tenant's data the API request will access/modify

      The tenant name will be included in the endpoint URL for a SaaS deployment.

  • GWPORT: AppViewX gateway port

    A gateway port refers to a network port through which data is sent and received to communicate with a gateway in an on-prem deployment.

    Example: 31443

  • avxapi: Path parameter value (static) that is part of the endpoint's URL
  • Endpoint: Endpoint of the API, for example: execute-hook
  • gwsource: Source or origin of a gateway, for example: external.