A set of API functions allows you to manage devices (tokens, smart cards) by means of client applications.
Access to API functions is implemented through the icmapi web application, which is part of the Indeed Certificate Manager server. To interact with Indeed CM through the API, in the Roles section of the Indeed CM configuration, you will need to create a service role, include the account on whose behalf the API will be accessed, and define privileges for the role:
1. GetCards - get a list of user's smart cards.
Request type:
Parameter:
Return values (CardInfo object list):
http://localhost/icmapi/user/getcards?name=user1 |
2. Revoke - withdraw user card.
Request type:
Parameters:
reason - smart card revoke reason:
– 0 - none
– 1 - broken
– 2 - lost
– 3 - upgrade
– 4 - expired
– 5 - withdraw
– 6 - user removed
Return values:
http://localhost/icmapi/card/revoke?id=id1 |
Request body:
3. Disable - temporarily disable the user's smart card.
Request type:
Parameter:
Return values:
http://localhost/icmapi/card/disable?id=id1 |
4. Enable - enable the user's smart card.
Request type:
Parameter:
Return values:
http://localhost/icmapi/card/enable?id=id1 |
5. Preupdate - revoke irrelevant user certificate.
The Preupdate method is required when changing smart card usage policy. If the issued certificate is not supported in the new policy, it will be deleted. The Preupdate method cannot be performed on a smart card that is disabled, assigned, revoked, and pending issue or update. |
Request type:
Parameter:
Return values:
http://localhost/icmapi/card/preupdate?id=id1 |