Skip to main content

πŸ”— API Endpoints

The SecTrail CM API provides various endpoints to automate your certificate management operations. For detailed documentation of all endpoints, you can use the Swagger interface:

https://your-sectrailcm-server/documentation

Primary Use Cases​

1. Certificate Signing​

You can perform certificate signing operations in various formats through the API:

Supported Signing Types:

  • CSR (Certificate Signing Request) signing
  • Self-Signed certificate creation
  • Template-based certificate generation
  • JKS (Java KeyStore) format certificate creation

Endpoint:

POST /api/generate
info

For certificate signing operations, the operation type is determined using the requestType parameter. Please review the Swagger documentation for a detailed parameter list.

2. Certificate Upload and Distribution​

You can automatically distribute your certificates to target servers and devices through the API:

Features:

  • Distribution to multiple target devices (F5, Apache, Nginx, IIS, etc.)
  • Virtual host-based distribution
  • Scheduled distribution support
  • Retry mechanism for failed distributions
  • Distribution status querying and monitoring

Endpoint:

POST /api/deployment

3. Discovery List Management​

You can manage your discovery lists in bulk through the API:

Features:

  • Discovery list creation
  • Bulk domain/IP addition
  • Querying discovery results
  • Scheduling discovery plans

Endpoint:

POST /api/discoverList

4. Certificate Inventory​

You can query certificates in the inventory and retrieve their information:

Features:

  • Retrieving bulk certificate list
  • Viewing certificate details
  • Querying certificate status

Endpoint:

POST /api/getCertificates

API Usage Examples​

Authentication​

You must use an authentication token in all API requests:

curl -X POST https://your-sectrailcm-server/api/endpoint \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"key": "value"}'

Error Handling​

The API uses standard HTTP status codes:

  • 200 OK - Request successful
  • 201 Created - Resource created
  • 400 Bad Request - Invalid request
  • 401 Unauthorized - Authentication error
  • 403 Forbidden - Authorization error
  • 404 Not Found - Resource not found
  • 500 Internal Server Error - Server error

Swagger Documentation​

Use the Swagger interface for detailed descriptions of all endpoints, parameter definitions, and example request/response structures:

https://your-sectrailcm-server/documentation

Through the Swagger interface, you can:

  • Explore all endpoints
  • View request/response schemas
  • Test API calls interactively
tip

You can use the "Try it out" feature in the Swagger documentation to test your API calls directly and see the results.