Add a key or create a new certificate for the given software statement

POST /organisations/{OrganisationId}/softwarestatements/{SoftwareStatementId}/certificates/{SoftwareStatementCertificateOrKeyType}
oAuth

Headers

  • x-fapi-auth-date string

    The time when the PSU last logged in with the TPP. All dates in the HTTP headers are represented as RFC 7231 Full Dates. An example is below: Sun, 10 Sep 2017 19:43:31 UTC

    Format should match the following pattern: ^(Mon|Tue|Wed|Thu|Fri|Sat|Sun), \d{2} (Jan|Feb|Mar|Apr|May|Jun|Jul|Aug|Sep|Oct|Nov|Dec) \d{4} \d{2}:\d{2}:\d{2} (GMT|UTC)$.

  • x-fapi-customer-ip-address string

    The PSU's IP address if the PSU is currently logged in with the TPP.

  • x-fapi-interaction-id string

    An RFC4122 UID used as a correlation id.

  • x-customer-user-agent string

    Indicates the user-agent that the PSU is using.

Path parameters

  • OrganisationId string Required

    The organisation ID

    Minimum length is 1, maximum length is 40. Format should match the following pattern: ^[^<>]*$.

  • SoftwareStatementId string Required

    The software statement ID

    Maximum length is 40. Format should match the following pattern: ^[^<>]*$.

  • SoftwareStatementCertificateOrKeyType string Required

    The certificate or key type that can be associated with a software statement

    Values are rtstransport, rtssigning, sigkey, enckey, brcac, brcac_ext, or brcac_2022. Default value is rtssigning.

application/x-pem-file

Body Required

string string

Format should match the following pattern: ^[^<>]*$.

Responses

  • 201 application/jwk+json

    A certificate object

    Hide headers attribute Show headers attribute
    • x-fapi-interaction-id string

      An RFC4122 UID used as a correlation id.

      Minimum length is 1, maximum length is 100. Format should match the following pattern: ^[a-zA-Z0-9][a-zA-Z0-9\-]{0,99}$.

    Hide response attributes Show response attributes object
    • ClientName string

      Maximum length is 40.

    • ExpiryDateTime string

      Maximum length is 30.

    • JwkPath string

      Used to display path to JWKS containing this certificate

      Maximum length is 255.

    • OrgJwkPath string

      Used to display path to Org JWKS containing org certificates

      Maximum length is 255.

    • OrganisationId string

      Unique ID associated with the organisation

      Minimum length is 1, maximum length is 40. Format should match the following pattern: ^[^<>]*$.

    • RevokedDateTime string

      Maximum length is 30.

    • SignedCertPath string

      Used to display location of the signed certificate in PEM format

      Maximum length is 255.

    • SoftwareStatementIds array[string]

      Unique Software Statement Id

      Maximum length of each is 40. Format of each should match the following pattern: ^[^<>]*$.

    • Status string

      Maximum length is 40.

    • ValidFromDateTime string

      Maximum length is 30.

    • e string

      Maximum length is 255.

    • keyType string

      Maximum length is 255.

    • kid string

      Maximum length is 255.

    • kty string

      Maximum length is 255.

    • n string

      Maximum length is 255.

    • use string

      Maximum length is 255.

    • x5c array[string]

      A PKIX certificate [RFC5280]

      Maximum length of each is 255.

    • x5t string

      Maximum length is 255.

    • x5thashS256 string

      Maximum length is 255.

    • x5u string

      Maximum length is 255.
  • 400 application/json

    Bad Request

    Hide headers attribute Show headers attribute
    • x-fapi-interaction-id string

      An RFC4122 UID used as a correlation id.

      Minimum length is 1, maximum length is 100. Format should match the following pattern: ^[a-zA-Z0-9][a-zA-Z0-9\-]{0,99}$.

    Hide response attribute Show response attribute object
    • errors array[string]

      Validation Error messages
  • 401

    Unauthorized

    Hide headers attribute Show headers attribute
    • x-fapi-interaction-id string

      An RFC4122 UID used as a correlation id.

      Minimum length is 1, maximum length is 100. Format should match the following pattern: ^[a-zA-Z0-9][a-zA-Z0-9\-]{0,99}$.

  • 403

    Forbidden

    Hide headers attribute Show headers attribute
    • x-fapi-interaction-id string

      An RFC4122 UID used as a correlation id.

      Minimum length is 1, maximum length is 100. Format should match the following pattern: ^[a-zA-Z0-9][a-zA-Z0-9\-]{0,99}$.

  • 429

    Too many requests, maximum capacity reached. Requests are now throttled.

    Hide headers attribute Show headers attribute
    • x-fapi-interaction-id string

      An RFC4122 UID used as a correlation id.

      Minimum length is 1, maximum length is 100. Format should match the following pattern: ^[a-zA-Z0-9][a-zA-Z0-9\-]{0,99}$.

  • 500

    Internal Server Error

    Hide headers attribute Show headers attribute
    • x-fapi-interaction-id string

      An RFC4122 UID used as a correlation id.

      Minimum length is 1, maximum length is 100. Format should match the following pattern: ^[a-zA-Z0-9][a-zA-Z0-9\-]{0,99}$.

  • 502

    Bad Gateway

    Hide headers attribute Show headers attribute
    • x-fapi-interaction-id string

      An RFC4122 UID used as a correlation id.

      Minimum length is 1, maximum length is 100. Format should match the following pattern: ^[a-zA-Z0-9][a-zA-Z0-9\-]{0,99}$.

  • 504

    Upstream timeout, insufficient capacity to serve request. More capacity being brought online. Please try again.

    Hide headers attribute Show headers attribute
    • x-fapi-interaction-id string

      An RFC4122 UID used as a correlation id.

      Minimum length is 1, maximum length is 100. Format should match the following pattern: ^[a-zA-Z0-9][a-zA-Z0-9\-]{0,99}$.

POST /organisations/{OrganisationId}/softwarestatements/{SoftwareStatementId}/certificates/{SoftwareStatementCertificateOrKeyType} 
curl \
 -X POST https://matls-api.sandbox.raidiam.io/organisations/{OrganisationId}/softwarestatements/{SoftwareStatementId}/certificates/{SoftwareStatementCertificateOrKeyType} \
 -H "Authorization: Bearer $ACCESS_TOKEN" \
 -H "Content-Type: application/x-pem-file" \
 -H "x-fapi-auth-date: string" \
 -H "x-fapi-customer-ip-address: string" \
 -H "x-fapi-interaction-id: string" \
 -H "x-customer-user-agent: string"
Response examples (201) 
# Headers
x-fapi-interaction-id: 73cac523-d3ae-2289-b106-330a6218710d

# Payload
{
  "ClientName": "string",
  "ExpiryDateTime": "string",
  "JwkPath": "string",
  "OrgJwkPath": "string",
  "OrganisationId": "string",
  "RevokedDateTime": "string",
  "SignedCertPath": "string",
  "SoftwareStatementIds": [
    "string"
  ],
  "Status": "string",
  "ValidFromDateTime": "string",
  "e": "string",
  "keyType": "string",
  "kid": "string",
  "kty": "string",
  "n": "string",
  "use": "string",
  "x5c": [
    "string"
  ],
  "x5t": "string",
  "x5thashS256": "string",
  "x5u": "string"
}
Response examples (400) 
# Headers
x-fapi-interaction-id: 73cac523-d3ae-2289-b106-330a6218710d

# Payload
{
  "errors": [
    "string"
  ]
}