POST /api/apps/versions/{AppVersionID}/keyinfo
Adds an app's public key or certificate (for runtime security).
Workflow: This operation checks whether the resource is governed by a workflow, and if so whether the action is valid based on the current state of the resource. If the action is not valid, the operation will fail.
Authorization Roles/Permissions: Must be logged in. App team member, Business Admin
This topic includes the following sections:
HTTP Method
POST
URL
https://{hostname}/api/apps/versions/{AppVersionID}/keyinfo
Sample Request
The example below shows a call to this operation.
Sample request URL
https://{hostname}/api/apps/versions/9vQtwz5cVjB4Lb0tW7YDoRGm.acmepaymentscorp/keyinfo?wrapInHTML=true
Sample request headers
POST http://{hostname}/api/apps/versions/9vQtwz5cVjB4Lb0tW7YDoRGm.acmepaymentscorp/keyinfo?wrapInHTML=true HTTP/1.1
Host: {hostname}
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
X-Csrf-Token_acmepaymentscorp: TokenID%3D8ed70a13-8469-11e8-b37a-b155e4eabeb8%2CexpirationTime%3D153...
Cookie: AtmoAuthToken_acmepaymentscorp=TokenID%3Db1f87d98-a01e-11e4-a4c8-c152b79a9472%2Cclaimed_id
%3Durn%3Aacmepaymentscorp%3Auser%3Aacmepaymentscorp%3A7222fcd1-fe4b-4b80-ad25-ec86981c7962%2C
issueTime%3D1421701444022%2CexpirationTime%3D1421703244005%2CAttributesIncluded%3Dfalse%2C
UserFDN%3D7222fcd1-fe4b-4b80-ad25-ec86981c7962%252Eacmepaymentscorp%2CUserName%3D
adminacmepaymentscorp%2Csig%3DNE567Vbh1ZdIE1Yx6HlnQF9zFwy2-xKqq-EquYiugI-k2_jzUR9rvV0x
kyLDg8_CBL68dAqCfq1VXSghLjvFV2nreg4WLlR-mhBrOa209ZT7pgryPCTg-wlEL3e_zq-9lsoGxPPRSyCvRXqwz
urhLLM_9GWokQoZUYsXrTP6Jx8; Csrf-Token_acmepaymentscorp=TokenID%3Db1f87d98-a01e-11e4-a4c8-c
152b79a9472%2CexpirationTime%3D1421703244028%2CUserFDN%3D7222fcd1-fe4b-4b80-ad25-ec86981c79
62%252Eacmepaymentscorp%2Csig%3DIid5J_crulvfYk5hHYGUt6fCbZvpp4nACDBA7JIqIMGbDZXaaItzW87rrPx
PBazCQ-N8BacJcrEsib8bWmeGNZPqWgtXiFtRZcHBakb5zyFwLuSCE9RQK5lu8mg2iFfRH9Cm_ER
MqGUW2q28agiMT36tJWZ6SN9F8-JG6tRnYjA
Content-Type: multipart/form-data; boundary=---------------------------138372179114855
-----------------------------138372179114855
Content-Disposition: form-data; name="Certificate"; filename="cert.csr"
Content-Type: application/txt
-----BEGIN CERTIFICATE REQUEST-----
MIIClzCCAX8CAQAwVDEPMA0GA1UEAxMGUmFtZXNoMQwwCgYDVQQLEwNQRE8xDDAKBgNVBAoTA1NP
QTELMAkGA1UEBxMCTEExCzAJBgNVBAgTAkNBMQswCQYDVQQGEwJVUzCCASIwDQYJKoZIhvcNAQEB
BQADggEPADCCAQoCggEBAIheb0Q2+PkfDwnxtdR+FLgMcNNRGuAy5pp8ku4VPpEt95//jJ+BRc52
zHc++FfSlDHOvn/N++1ZA+KM7PdpnJPYCu8ZDIkT2WVB+0CmuIRw9uToBdctLjpvBe1NLC/io7FD
UADSzXRu2/Iqv8Idj9UQSObrBiYPY5KIFtPA7M4b54M35YV6BHWg+eZ+vLEeSGpbsuA8TlbFKJF4
rrQApTPtcJkju7EMeBdkvRr7uKHSfSYCHQXPT8cYr6pVzq+dh38f960deS0QyHag3/d09fy7Ahmj
Re8ieWufYW6b9LsJut9hW9EmfM38sTcq2jFWvHUstl2qq4QcxG/X9SVJnPUCAwEAATANBgkqhkiG
9w0BAQUFAAOCAQEAcxkJWbv06sKseT5XSBrDCP2KiCdTv2BIgsZzGs0A56DmDj6Jbw3zfS/sgrO3
uN2nIp5zfiy9TzyAIN8Gs7DRKVBPptPARRXaSk6RhbrrjLg+erpFuNzHUmc9HAeXu6/MbnFDpLcr
lhRgJ495OhI+hEVGjCqcObSD2NqSTs4q8FtkVOegpEIHLJSgoZfBKAq8eo4DUTvr9oSpcHxg1ExA
xYAm6hfXZX9ucHM8X8U69H1LZm491mcp1svinseSlkh/q2Y1aHCyMYjWajHvbZbF5pw8zgFCespp
7a9BMDlEtvG2btQgd6sRv3rSWVEzXeMoJPFx/QKJGDyRc1luekrroA==
-----END CERTIFICATE REQUEST-----
-----------------------------138372179114855
Content-Disposition: form-data; name="Comments"
testing
-----------------------------138372179114855
Content-Disposition: form-data; name="X-Csrf-Token_acmepaymentscorp"
TokenID%3Db1f87d98-a01e-11e4-a4c8-c152b79a9472%2CexpirationTime%3D1421703244
028%2CUserFDN%3D7222fcd1-fe4b-4b80-ad25-ec86981c7962%252Eacmepaymentscorp
%2Csig%3DIid5J_crulvfYk5hHYGUt6fCbZvpp4nACDBA7JIqIMGbDZXaaItzW87rrPxPBaz
CQ-N8BacJcrEsib8bWmeGNZPqWgtXiFtRZcHBakb5zyFwLuSCE9RQK5lu8mg2iFfRH9
Cm_ERMqGUW2q28agiMT36tJWZ6SN9F8-JG6tRnYjA
-----------------------------138372179114855--
Sample request body
The request body is the certificate signing request (CSR) or certificate which is uploaded. View an example.
For more information about running operations that use the multipart/form-data Content-Type header for file upload, see Managing Multipart/Form-Data Uploads.
Request Headers
For general information on request header values, refer to HTTP Request Headers.
| Header | Description |
|---|---|
| Accept | text/plain |
| Content-Type | multipart/form-data |
| Cookie | AtmoAuthToken_{fedmemberid}={cookie value, which usually starts with TokenID}—The platform cookie. This is the Akana API Platform authorization token, and must be sent with every API request that requires login. For more information and an example, see Session cookies. |
| X-Csrf-Token_{fedmemberID} | The CSRF prevention header; may or may not be required, depending on platform settings. See CSRF Prevention on the Platform. By default, the CSRF header is not required for GET operations and is required for all others, with a few exceptions relating to user login. |
Request Parameters
| Parameter | Parm Type | Data Type | Required | Description |
|---|---|---|---|---|
| AppVersionID | Path | string | Required | The unique ID for a specific app version. |
| InMultiPart | Body | multipart | Required | The CSR or CER. For more information, see Managing Multipart/Form-Data Uploads. |
Note: For information about the wrapInHTML parameter shown in the sample request above, see File Upload with Ajax. This is only used if you are running the API in a browser context.
Response
If successful, this operation returns HTTP status code 200, with the AppVersionID as confirmation that the operation completed successfully. The response is wrapped in HTML.
Sample Response
The sample response below shows that this operation completed successfully.
Sample response headers
HTTP/1.1 200 OK Content-Type: text/html Expires: Mon, 05 Jan 2015 10:56:17 GMT
Sample response body
<!DOCTYPE html><html lang="en" status="200" statusText="success"><head> <meta content="text/html; charset=UTF-8" http-equiv="Content-Type"><meta content="IE=edge" http-equiv="X-UA-Compatible"> <meta name="description" content="Lorem ipsum dolor sit amet, consectetur adipiscing elit. Mauris lacus elit, ornare eget luctus vel, porta id elit. Maecenas molestie, libero sit amet blandit faucibus, orci nisi aliquet nisi, id mollis mauris ipsum a enim. Morbi lacus velit, placerat sit amet luctus eget, pulvinar a massa. Lorem ipsum dolor sit amet, consectetur adipiscing elit. Morbi eleifend tincidunt pellentesque. Cras eu sapien massa, vitae rutrum sapien. Aenean id condimentum sem. Suspendisse tempor luctus ipsum, vel metus."> </head> <body status="200" statusText="success">24kAuJa8ie9vsJNUdopeG61X.acmepaymentscorp</body></html>
Note: for information about the HTML wrapper shown in the sample response above, see File Upload with Ajax.
Response Headers
For general information on response header values, refer to HTTP Response Headers.
| Header | Description |
|---|---|
| Content-Type | text/plain |
Response Body
| Name | Type | Description |
|---|---|---|
| Response | AppVersionID | The unique ID for a specific app version. |
Error Codes/Messages
If the call is unsuccessful an error code/message is returned. One or more examples of possible errors for this operation are shown below.
| Item | Value |
|---|---|
| 401 | Unauthorized. For example, you would get this response if you didn't include the custom X-Csrf-Token_{fedmemberID} header in the request, when it was required by the platform settings; or if you included an invalid or expired value for this header. You would also get this response for any operation that requires login (almost all) if the login cookie was missing. |
| 500 | An error occurred processing the call. For example, you would get this response if you attempted to send a file that wasn't a valid CSR file. |
More information about Akana API Platform API error messages.
