members
domains
builders
certificates
- GETGet a list of current Certificates
- POSTAdd a new certificate
- GETDownload the Sutro root CA certificate
- POSTRequest a certificate
- GETGet a Certificate's details
- DELDelete a Certificate
- DELBatch unassign JWT issuers from a certificate
- POSTSet the Certificate used for verifying tokens from the Customer
- GETGet the list of accepted token issuers
- POSTAdd an accepted token issuer
- DELRemove an accepted token issuer
curl --request POST \
--url https://api.example.com/initialization \
--header 'Content-Type: application/json' \
--data '
{
"commonName": "<string>",
"jwtIssuer": "<string>",
"countryName": "US",
"organizationName": "<string>"
}
'{
"certificate": {
"id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
"content": "<string>",
"issuerName": "<string>",
"subjectName": "<string>",
"valid": {
"before": "2023-11-07T05:31:56Z",
"after": "2023-11-07T05:31:56Z"
}
},
"privateKey": "<string>",
"tokenIssuer": {
"id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
"issuer": "<string>"
},
"apiClientIdentifier": "<string>"
}Perform initial setup of platform for your organization
curl --request POST \
--url https://api.example.com/initialization \
--header 'Content-Type: application/json' \
--data '
{
"commonName": "<string>",
"jwtIssuer": "<string>",
"countryName": "US",
"organizationName": "<string>"
}
'{
"certificate": {
"id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
"content": "<string>",
"issuerName": "<string>",
"subjectName": "<string>",
"valid": {
"before": "2023-11-07T05:31:56Z",
"after": "2023-11-07T05:31:56Z"
}
},
"privateKey": "<string>",
"tokenIssuer": {
"id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
"issuer": "<string>"
},
"apiClientIdentifier": "<string>"
}Body
The Common Name (CN) field for the TLS certificate that we will generate for you
We recommend a useful short name, such as "mTLS certificate for communication with Sutro"; this will help you identify this Certificate's purpose in your secure storage system.
The string that you will use in the iss claim in JWTs that you generate for your Builders
A two-character country code that follows ISO-3166; this is added to the certificate that we generate for you.
See https://www.ssl.com/country-codes/ for a list of supported values.
This is an optional field that can be added to the certificate that we generate for you that indicates the name of your organization.
Response
The generated certificate, token issuer and private key
Show child attributes
Show child attributes
The private key that can be used for signing JWTs and securing requests.
This will only be provided this one time, so it should be stored somewhere securely
A Token Issuer generates JWTs to demonstrate the identity of a requester and their authority to perform a request
Show child attributes
Show child attributes
A string identifier to include with Builder requests to identify the requesting API client
Was this page helpful?