Using Session ID for further API calls
The sessionID retrieved using the login API can be used in the header for making further API calls.
In this section, as an example, we are using the session ID with the API call for reissuing a certificate in the async mode.
Before you begin
- The CA setting must be configured in AppViewX for the CA.
- Connectivity to the CA via the chosen setting is working fine.
- Approval is not required: Enable this mode by setting the ‘Certificate Requests Need Approval?’ flag to false in the Certificate Policy.
- Approval is required: If the approval setting in the policy cannot be changed, users can approve specific requests by following the After you are done section.
Request Structure
| Endpoint: | /certificate/action |
| Type: | PUT |
| Sample URL: |
To understand the elements of the sample URL, click here. |
| Headers | |
| Content-Type: | application/json |
- IP/HostName/TenantName: Replace with the actual IP address, hostname,
or tenant name based on the specific configuration in AppViewX.
- IP: A unique identifier assigned to each device connected to
a computer network that uses the Internet Protocol for communication
The IP address will be included in the endpoint URL for an on-prem deployment.
- HostName: A human-readable label assigned to a device (host)
on a network
The hostname will be included in the endpoint URL for an on-prem deployment.
- TenantName: An identifier label for a tenant given to
indicate which tenant's data the API request will
access/modify
The tenant name will be included in the endpoint URL for a SaaS deployment.
- IP: A unique identifier assigned to each device connected to
a computer network that uses the Internet Protocol for communication
- GWPORT: AppViewX gateway port
A gateway port refers to a network port through which data is sent and received to communicate with a gateway in an on-prem deployment.
Example: 31443
- avxapi: Path parameter value (static) that is part of the endpoint's URL
- Endpoint: Endpoint of the API, for example: execute-hook
- gwsource: Source or origin of a gateway, for example: external.
| Name | Description |
|---|---|
| sessionId
|
(Mandatory) Session Id received after
login. Type: String Constraint: Required if username and password are not provided. |
| userName
|
(Mandatory only if sessionID is not provided)
Username that is configured in AppViewX. Type: String |
| password
|
(Mandatory only if sessionID is not provided)
Password of that user. Type: String |
| content-type
|
(Mandatory) Payload content-type with
application/json value. Type: String Constraint: The value must be application/json. |
| gwkey
|
(Mandatory) Tenant Key. This is required only for
multi-tenant installations and can be disregarded for other types of
installations. Type: String |
| gwsource
|
(Mandatory) The source from which the request is
triggered, e.g., external. Type: String |
| Payload
|
Contains all the parameters to be sent in the
request body for the put request. Type: Payload |
Payload
| Name | Description |
|---|---|
| resourceId | (Mandatory) Unique Id of the
certificate. Type: String Constraint: Required if the commonName and serialNumber are not specified. |
| commonName | (Mandatory) Common name of the certificate.
Type: String Constraint: Required if resourceId is not specified. |
| serialNumber | (Mandatory) Serial number of the
certificate. Type: String Constraint: Required if resourceId is not specified. |
| action | (Mandatory) Action name for the
reissue. Type: String Possible values: Reissue |
| reason | (Mandatory) Reason for reissue
request. Type: String |
Response Structure
Response returns string of type application/json with the following body parameters:
| Name | Description |
|---|---|
| response | Contains the response attributes for the reissue request. |
| resourceId
|
Identifier of the certificate record that has been
created. Type: String |
| requestId
|
Work order request Id. Type: String |
| message
|
Success message - Reissue action triggered
successfully. Type: String |
| message | Success message or failure description in case of
error. Type: String |
| appStatusCode | Application specific status code for the response. It is a
non-null value for a failure response. Type: String |
| tags | Additional information in case of failure response. |
Status codes
| HTTP Code | appStatusCode | Response Message |
|---|---|---|
| 202 Accepted | null | Reissue action has been triggered successfully |
| 401 Unauthorized | AVX_GW_003 | Authentication failed, reason - Invalid Credentials.
Remediation: Ensure that valid username and password or a valid sessionId is provided as header parameters. |
| 404 Not Found | NO_RECORDS_FOUND | No matching records found. Remediation: Check and ensure that the values provided for commonName / serialNumber / resourceId are correct. |
| 400 Bad Request | INVALID_REQUEST | Please give valid common name and serial number or
resourceId. Remediation: Provide a valid commonName and serialNumber or resourceId. |
| 400 Bad Request | INVALID_REQUEST | Please provide a valid action. Remediation: Provide a valid action. |
| 400 Bad Request | MANDATORY_FIELD_MISSING | Mandatory field is missing or invalid -
action. Remediation: Ensure that the action field is available in the request payload. |
| 400 Bad Request | MANDATORY_FIELD_MISSING | Mandatory field is missing or invalid -
reason. Remediation: Ensure that the reason field is available in the request payload. |
| 417 Expectation Failed | OPEN_WORK_ORDERS_FOUND | Since requested certificate's work order is in progress, cannot
initiate another action. Remediation: Trigger the request once the open workOrder for the certificate is completed. |
| 406 Not Acceptable | CERT-VWF-0006 | Life cycle action is unsupported by CA or another work order is
in progress or certificate belongs to read group or is in Monitored
status. Remediation: Ensure the following:
|
Sample Request/Response
{
"commonName":"testcert8g.appviewx.plus",
"serialNumber":"08:BD:54:35:FD:81:AC:A4:45:2B:FC:9F:77:56:FE:2C",
"action":"Reissue",
"reason":"Superseded"
}{
"response": {
"resourceId": "5f51f7312fa95059a12b0aee",
"message": "Reissue action triggered successfully.",
"requestId": "238"
},
"message": "Reissue action has been triggered successfully",
"appStatusCode": null,
"tags": {},
"headers": null
}