All URIs are relative to https://subdomain.okta.com
| Method | HTTP request | Description |
|---|---|---|
| CloneApplicationKey | POST /api/v1/apps/{appId}/credentials/keys/{keyId}/clone | Clone a key credential |
| GenerateApplicationKey | POST /api/v1/apps/{appId}/credentials/keys/generate | Generate a key credential |
| GenerateCsrForApplication | POST /api/v1/apps/{appId}/credentials/csrs | Generate a certificate signing request |
| GetApplicationKey | GET /api/v1/apps/{appId}/credentials/keys/{keyId} | Retrieve a key credential |
| GetCsrForApplication | GET /api/v1/apps/{appId}/credentials/csrs/{csrId} | Retrieve a certificate signing request |
| ListApplicationKeys | GET /api/v1/apps/{appId}/credentials/keys | List all key credentials |
| ListCsrsForApplication | GET /api/v1/apps/{appId}/credentials/csrs | List all certificate signing requests |
| PublishCsrFromApplication | POST /api/v1/apps/{appId}/credentials/csrs/{csrId}/lifecycle/publish | Publish a certificate signing request |
| RevokeCsrFromApplication | DELETE /api/v1/apps/{appId}/credentials/csrs/{csrId} | Revoke a certificate signing request |
JsonWebKey CloneApplicationKey (string appId, string keyId, string targetAid)
Clone a key credential
Clones an X.509 certificate for an Application Key Credential from a source app to a target app. For step-by-step instructions to clone a credential, see Share application key credentials for IdPs across apps. > Note: Sharing certificates isn't a recommended security practice.
using System.Collections.Generic;
using System.Diagnostics;
using Okta.Sdk.Api;
using Okta.Sdk.Client;
using Okta.Sdk.Model;
namespace Example
{
public class CloneApplicationKeyExample
{
public static void Main()
{
Configuration config = new Configuration();
config.OktaDomain = "https://subdomain.okta.com";
// Configure API key authorization: apiToken
config.Token ="YOUR_API_KEY";
// Configure OAuth2 access token for authorization: oauth2
config.AccessToken = "YOUR_ACCESS_TOKEN";
var apiInstance = new ApplicationSSOCredentialKeyApi(config);
var appId = 0oafxqCAJWWGELFTYASJ; // string | Application ID
var keyId = sjP9eiETijYz110VkhHN; // string | ID of the Key Credential for the application
var targetAid = 0ouuytCAJSSDELFTUIDS; // string | Unique key of the target Application
try
{
// Clone a key credential
JsonWebKey result = apiInstance.CloneApplicationKey(appId, keyId, targetAid);
Debug.WriteLine(result);
}
catch (ApiException e)
{
Debug.Print("Exception when calling ApplicationSSOCredentialKeyApi.CloneApplicationKey: " + e.Message );
Debug.Print("Status Code: "+ e.ErrorCode);
Debug.Print(e.StackTrace);
}
}
}
}| Name | Type | Description | Notes |
|---|---|---|---|
| appId | string | Application ID | |
| keyId | string | ID of the Key Credential for the application | |
| targetAid | string | Unique key of the target Application |
- Content-Type: Not defined
- Accept: application/json
| Status code | Description | Response headers |
|---|---|---|
| 201 | Created | - |
| 400 | Bad Request | - |
| 403 | Forbidden | - |
| 404 | Not Found | - |
| 429 | Too Many Requests | - |
[Back to top] [Back to API list] [Back to Model list] [Back to README]
JsonWebKey GenerateApplicationKey (string appId, int validityYears)
Generate a key credential
Generates a new X.509 certificate for an app key credential > Note: To update an Application with the newly generated key credential, use the Replace an Application request with the new credentials.signing.kid value in the request body. You can provide just the Signing Credential object instead of the entire Application Credential object.
using System.Collections.Generic;
using System.Diagnostics;
using Okta.Sdk.Api;
using Okta.Sdk.Client;
using Okta.Sdk.Model;
namespace Example
{
public class GenerateApplicationKeyExample
{
public static void Main()
{
Configuration config = new Configuration();
config.OktaDomain = "https://subdomain.okta.com";
// Configure API key authorization: apiToken
config.Token ="YOUR_API_KEY";
// Configure OAuth2 access token for authorization: oauth2
config.AccessToken = "YOUR_ACCESS_TOKEN";
var apiInstance = new ApplicationSSOCredentialKeyApi(config);
var appId = 0oafxqCAJWWGELFTYASJ; // string | Application ID
var validityYears = 5; // int | Expiry years of the Application Key Credential
try
{
// Generate a key credential
JsonWebKey result = apiInstance.GenerateApplicationKey(appId, validityYears);
Debug.WriteLine(result);
}
catch (ApiException e)
{
Debug.Print("Exception when calling ApplicationSSOCredentialKeyApi.GenerateApplicationKey: " + e.Message );
Debug.Print("Status Code: "+ e.ErrorCode);
Debug.Print(e.StackTrace);
}
}
}
}| Name | Type | Description | Notes |
|---|---|---|---|
| appId | string | Application ID | |
| validityYears | int | Expiry years of the Application Key Credential |
- Content-Type: Not defined
- Accept: application/json
| Status code | Description | Response headers |
|---|---|---|
| 201 | Created | - |
| 400 | Bad Request | - |
| 403 | Forbidden | - |
| 404 | Not Found | - |
| 429 | Too Many Requests | - |
[Back to top] [Back to API list] [Back to Model list] [Back to README]
string GenerateCsrForApplication (string appId, CsrMetadata metadata)
Generate a certificate signing request
Generates a new key pair and returns the Certificate Signing Request(CSR) for it. The information in a CSR is used by the Certificate Authority (CA) to verify and create your certificate. It also contains the public key that is included in your certificate. Returns CSR in pkcs#10 format if the Accept media type is application/pkcs10 or a CSR object if the Accept media type is application/json. > Note: The key pair isn't listed in the Key Credentials for the app until it's published.
using System.Collections.Generic;
using System.Diagnostics;
using Okta.Sdk.Api;
using Okta.Sdk.Client;
using Okta.Sdk.Model;
namespace Example
{
public class GenerateCsrForApplicationExample
{
public static void Main()
{
Configuration config = new Configuration();
config.OktaDomain = "https://subdomain.okta.com";
// Configure API key authorization: apiToken
config.Token ="YOUR_API_KEY";
// Configure OAuth2 access token for authorization: oauth2
config.AccessToken = "YOUR_ACCESS_TOKEN";
var apiInstance = new ApplicationSSOCredentialKeyApi(config);
var appId = 0oafxqCAJWWGELFTYASJ; // string | Application ID
var metadata = new CsrMetadata(); // CsrMetadata |
try
{
// Generate a certificate signing request
string result = apiInstance.GenerateCsrForApplication(appId, metadata);
Debug.WriteLine(result);
}
catch (ApiException e)
{
Debug.Print("Exception when calling ApplicationSSOCredentialKeyApi.GenerateCsrForApplication: " + e.Message );
Debug.Print("Status Code: "+ e.ErrorCode);
Debug.Print(e.StackTrace);
}
}
}
}| Name | Type | Description | Notes |
|---|---|---|---|
| appId | string | Application ID | |
| metadata | CsrMetadata |
string
- Content-Type: application/json
- Accept: application/pkcs10, application/json
| Status code | Description | Response headers |
|---|---|---|
| 201 | Created | * Content-Type - The Content-Type of the response * Content-Transfer-Encoding - Encoding of the response |
| 400 | Bad Request | - |
| 403 | Forbidden | - |
| 404 | Not Found | - |
| 429 | Too Many Requests | - |
[Back to top] [Back to API list] [Back to Model list] [Back to README]
JsonWebKey GetApplicationKey (string appId, string keyId)
Retrieve a key credential
Retrieves a specific Application Key Credential by kid
using System.Collections.Generic;
using System.Diagnostics;
using Okta.Sdk.Api;
using Okta.Sdk.Client;
using Okta.Sdk.Model;
namespace Example
{
public class GetApplicationKeyExample
{
public static void Main()
{
Configuration config = new Configuration();
config.OktaDomain = "https://subdomain.okta.com";
// Configure API key authorization: apiToken
config.Token ="YOUR_API_KEY";
// Configure OAuth2 access token for authorization: oauth2
config.AccessToken = "YOUR_ACCESS_TOKEN";
var apiInstance = new ApplicationSSOCredentialKeyApi(config);
var appId = 0oafxqCAJWWGELFTYASJ; // string | Application ID
var keyId = sjP9eiETijYz110VkhHN; // string | ID of the Key Credential for the application
try
{
// Retrieve a key credential
JsonWebKey result = apiInstance.GetApplicationKey(appId, keyId);
Debug.WriteLine(result);
}
catch (ApiException e)
{
Debug.Print("Exception when calling ApplicationSSOCredentialKeyApi.GetApplicationKey: " + e.Message );
Debug.Print("Status Code: "+ e.ErrorCode);
Debug.Print(e.StackTrace);
}
}
}
}| Name | Type | Description | Notes |
|---|---|---|---|
| appId | string | Application ID | |
| keyId | string | ID of the Key Credential for the application |
- Content-Type: Not defined
- Accept: application/json
| Status code | Description | Response headers |
|---|---|---|
| 200 | Success | - |
| 403 | Forbidden | - |
| 404 | Not Found | - |
| 429 | Too Many Requests | - |
[Back to top] [Back to API list] [Back to Model list] [Back to README]
Csr GetCsrForApplication (string appId, string csrId)
Retrieve a certificate signing request
Retrieves a Certificate Signing Request (CSR) for the app by csrId. Returns a Base64-encoded CSR in DER format if the Accept media type is application/pkcs10 or a CSR object if the Accept media type is application/json.
using System.Collections.Generic;
using System.Diagnostics;
using Okta.Sdk.Api;
using Okta.Sdk.Client;
using Okta.Sdk.Model;
namespace Example
{
public class GetCsrForApplicationExample
{
public static void Main()
{
Configuration config = new Configuration();
config.OktaDomain = "https://subdomain.okta.com";
// Configure API key authorization: apiToken
config.Token ="YOUR_API_KEY";
// Configure OAuth2 access token for authorization: oauth2
config.AccessToken = "YOUR_ACCESS_TOKEN";
var apiInstance = new ApplicationSSOCredentialKeyApi(config);
var appId = 0oafxqCAJWWGELFTYASJ; // string | Application ID
var csrId = fd7x1h7uTcZFx22rU1f7; // string | `id` of the CSR
try
{
// Retrieve a certificate signing request
Csr result = apiInstance.GetCsrForApplication(appId, csrId);
Debug.WriteLine(result);
}
catch (ApiException e)
{
Debug.Print("Exception when calling ApplicationSSOCredentialKeyApi.GetCsrForApplication: " + e.Message );
Debug.Print("Status Code: "+ e.ErrorCode);
Debug.Print(e.StackTrace);
}
}
}
}| Name | Type | Description | Notes |
|---|---|---|---|
| appId | string | Application ID | |
| csrId | string | `id` of the CSR |
- Content-Type: Not defined
- Accept: application/json, application/pkcs10
| Status code | Description | Response headers |
|---|---|---|
| 200 | Success | * Content-Type - The Content-Type of the response * Content-Transfer-Encoding - Encoding of the response |
| 403 | Forbidden | - |
| 404 | Not Found | - |
| 429 | Too Many Requests | - |
[Back to top] [Back to API list] [Back to Model list] [Back to README]
List<JsonWebKey> ListApplicationKeys (string appId)
List all key credentials
Lists all key credentials for an app
using System.Collections.Generic;
using System.Diagnostics;
using Okta.Sdk.Api;
using Okta.Sdk.Client;
using Okta.Sdk.Model;
namespace Example
{
public class ListApplicationKeysExample
{
public static void Main()
{
Configuration config = new Configuration();
config.OktaDomain = "https://subdomain.okta.com";
// Configure API key authorization: apiToken
config.Token ="YOUR_API_KEY";
// Configure OAuth2 access token for authorization: oauth2
config.AccessToken = "YOUR_ACCESS_TOKEN";
var apiInstance = new ApplicationSSOCredentialKeyApi(config);
var appId = 0oafxqCAJWWGELFTYASJ; // string | Application ID
try
{
// List all key credentials
List<JsonWebKey> result = apiInstance.ListApplicationKeys(appId).ToListAsync();
Debug.WriteLine(result);
}
catch (ApiException e)
{
Debug.Print("Exception when calling ApplicationSSOCredentialKeyApi.ListApplicationKeys: " + e.Message );
Debug.Print("Status Code: "+ e.ErrorCode);
Debug.Print(e.StackTrace);
}
}
}
}| Name | Type | Description | Notes |
|---|---|---|---|
| appId | string | Application ID |
- Content-Type: Not defined
- Accept: application/json
| Status code | Description | Response headers |
|---|---|---|
| 200 | Success | - |
| 403 | Forbidden | - |
| 404 | Not Found | - |
| 429 | Too Many Requests | - |
[Back to top] [Back to API list] [Back to Model list] [Back to README]
List<Csr> ListCsrsForApplication (string appId)
List all certificate signing requests
Lists all Certificate Signing Requests for an application
using System.Collections.Generic;
using System.Diagnostics;
using Okta.Sdk.Api;
using Okta.Sdk.Client;
using Okta.Sdk.Model;
namespace Example
{
public class ListCsrsForApplicationExample
{
public static void Main()
{
Configuration config = new Configuration();
config.OktaDomain = "https://subdomain.okta.com";
// Configure API key authorization: apiToken
config.Token ="YOUR_API_KEY";
// Configure OAuth2 access token for authorization: oauth2
config.AccessToken = "YOUR_ACCESS_TOKEN";
var apiInstance = new ApplicationSSOCredentialKeyApi(config);
var appId = 0oafxqCAJWWGELFTYASJ; // string | Application ID
try
{
// List all certificate signing requests
List<Csr> result = apiInstance.ListCsrsForApplication(appId).ToListAsync();
Debug.WriteLine(result);
}
catch (ApiException e)
{
Debug.Print("Exception when calling ApplicationSSOCredentialKeyApi.ListCsrsForApplication: " + e.Message );
Debug.Print("Status Code: "+ e.ErrorCode);
Debug.Print(e.StackTrace);
}
}
}
}| Name | Type | Description | Notes |
|---|---|---|---|
| appId | string | Application ID |
- Content-Type: Not defined
- Accept: application/json
| Status code | Description | Response headers |
|---|---|---|
| 200 | Success | - |
| 403 | Forbidden | - |
| 404 | Not Found | - |
| 429 | Too Many Requests | - |
[Back to top] [Back to API list] [Back to Model list] [Back to README]
JsonWebKey PublishCsrFromApplication (string appId, string csrId, System.IO.Stream body)
Publish a certificate signing request
Publishes a Certificate Signing Request (CSR) for the app with a signed X.509 certificate and adds it into the Application Key Credentials. > Note: Publishing a certificate completes the lifecycle of the CSR and it's no longer accessible.
using System.Collections.Generic;
using System.Diagnostics;
using Okta.Sdk.Api;
using Okta.Sdk.Client;
using Okta.Sdk.Model;
namespace Example
{
public class PublishCsrFromApplicationExample
{
public static void Main()
{
Configuration config = new Configuration();
config.OktaDomain = "https://subdomain.okta.com";
// Configure API key authorization: apiToken
config.Token ="YOUR_API_KEY";
// Configure OAuth2 access token for authorization: oauth2
config.AccessToken = "YOUR_ACCESS_TOKEN";
var apiInstance = new ApplicationSSOCredentialKeyApi(config);
var appId = 0oafxqCAJWWGELFTYASJ; // string | Application ID
var csrId = fd7x1h7uTcZFx22rU1f7; // string | `id` of the CSR
var body = new System.IO.MemoryStream(System.IO.File.ReadAllBytes("/path/to/file.txt")); // System.IO.Stream |
try
{
// Publish a certificate signing request
JsonWebKey result = apiInstance.PublishCsrFromApplication(appId, csrId, body);
Debug.WriteLine(result);
}
catch (ApiException e)
{
Debug.Print("Exception when calling ApplicationSSOCredentialKeyApi.PublishCsrFromApplication: " + e.Message );
Debug.Print("Status Code: "+ e.ErrorCode);
Debug.Print(e.StackTrace);
}
}
}
}| Name | Type | Description | Notes |
|---|---|---|---|
| appId | string | Application ID | |
| csrId | string | `id` of the CSR | |
| body | System.IO.Stream****System.IO.Stream |
- Content-Type: application/x-x509-ca-cert, application/pkix-cert, application/x-pem-file
- Accept: application/json
| Status code | Description | Response headers |
|---|---|---|
| 201 | Created | - |
| 400 | Bad Request | - |
| 403 | Forbidden | - |
| 404 | Not Found | - |
| 429 | Too Many Requests | - |
[Back to top] [Back to API list] [Back to Model list] [Back to README]
void RevokeCsrFromApplication (string appId, string csrId)
Revoke a certificate signing request
Revokes a Certificate Signing Request and deletes the key pair from the app
using System.Collections.Generic;
using System.Diagnostics;
using Okta.Sdk.Api;
using Okta.Sdk.Client;
using Okta.Sdk.Model;
namespace Example
{
public class RevokeCsrFromApplicationExample
{
public static void Main()
{
Configuration config = new Configuration();
config.OktaDomain = "https://subdomain.okta.com";
// Configure API key authorization: apiToken
config.Token ="YOUR_API_KEY";
// Configure OAuth2 access token for authorization: oauth2
config.AccessToken = "YOUR_ACCESS_TOKEN";
var apiInstance = new ApplicationSSOCredentialKeyApi(config);
var appId = 0oafxqCAJWWGELFTYASJ; // string | Application ID
var csrId = fd7x1h7uTcZFx22rU1f7; // string | `id` of the CSR
try
{
// Revoke a certificate signing request
apiInstance.RevokeCsrFromApplication(appId, csrId);
}
catch (ApiException e)
{
Debug.Print("Exception when calling ApplicationSSOCredentialKeyApi.RevokeCsrFromApplication: " + e.Message );
Debug.Print("Status Code: "+ e.ErrorCode);
Debug.Print(e.StackTrace);
}
}
}
}| Name | Type | Description | Notes |
|---|---|---|---|
| appId | string | Application ID | |
| csrId | string | `id` of the CSR |
void (empty response body)
- Content-Type: Not defined
- Accept: application/json
| Status code | Description | Response headers |
|---|---|---|
| 204 | No Content | - |
| 403 | Forbidden | - |
| 404 | Not Found | - |
| 429 | Too Many Requests | - |
[Back to top] [Back to API list] [Back to Model list] [Back to README]