You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 5 Next »

Purpose

A set of API functions allows you to manage devices (tokens, smart cards) by means of client applications.

Usage

Access to API functions is implemented through the icmapi web application, which is part of the Indeed Certificate Manager server. To interact with Indeed CM through the API, in the Roles section of the Indeed CM configuration, you will need to create a service role, include the account on whose behalf the API will be accessed, and define privileges for the role:

  • Get smart cards
  • Revoke smart cards
  • Disable smart cards
  • Enable smart cards
  • Update smart cards

1. GetCards - get a list of user's smart cards.

Request type:

    • GET

Parameter:

    • Name - username in UPN format (user principal name)

Return values (CardInfo object list):

    • id - smart card identifier
    • serialNumber - smart card serial number
    • atr - ATR smart cards
    • label - smart card label
    • state - smart card state
    • pacNumber - smart card HID label

Example:

http://localhost/icmapi/user/getcards?name=user1

2. Revoke - withdraw user card.

Request type:

    • POST

Parameters:

    • id - smart card identifier
    • reason - smart card revoke reason:

      – 0 - none
      – 1 - broken
      – 2 - lost
      – 3 - upgrade
      – 4 - expired
      – 5 - withdraw
      – 6 - user removed

Return values:

    • not

Example:

http://localhost/icmapi/card/revoke?id=id1

Request body:

    • Smart card revoke reason - for example, { reason: 5 }

3. Disable - temporarily disable the user's smart card.

Request type:

    • POST

Parameter:

    • id - smart card identifier

Return values:

    • not

Example:

http://localhost/icmapi/card/disable?id=id1

4. Enable - enable the user's smart card.

Request type:

    • POST

Parameter:

    • id - smart card identifier

Return values:

    • not

Example:

http://localhost/icmapi/card/enable?id=id1

5. Preupdate - revoke irrelevant user certificate.

The Preupdate method is required when changing smart card usage policy. If the issued certificate is not supported in the new policy, it will be deleted.

The Preupdate method cannot be performed on a smart card that is disabled, assigned, revoked, and pending issue or update.

Request type:

    • POST

Parameter:

    • id -  smart card identifier

Return values:

    • not

Example:

http://localhost/icmapi/card/preupdate?id=id1


  • No labels