Get a smart credential by serial number
GET/api/web/v1/smartcredentials/serialnumber/:sernum
Get the specified smart credential by serial number. Caller requires the SMARTCREDENTIALS:VIEW permission.
Request
Path Parameters
The serial number of the smart credential to be retrieved.
Responses
- 200
- 400
- 401
- 403
- 404
- 409
Successful
- application/json
- Schema
- Example (from schema)
Schema
Array [
]
Array [
]
Array [
]
Array [
]
Array [
]
Array [
]
Array [
]
Array [
Array [
]
]
Array [
]
Possible values: [ACTIVATE
, REACTIVATE
, UPDATE
, UNASSIGN
, UNBLOCK
, ENABLE
, DISABLE
, DELETE
, VIEW_CERTIFICATES
]
A list of administration actions currently allowed for this smart credential.
cardDigitalConfig
object
Information that defines how digital ids are created in the CA.
If true, digital ids using this config will be set to have all CA groups.
If allCAGroups is set to false then digital ids using this config will use this specified list of CA groups.
The UUID of the CA for this digital id config.
The name of the CA for this digital id config.
Possible values: [EDC
, MS
, PKIAAS
]
The CA type of this Digital Id Config.
certTemplates
object[]
A list of cert templates associated with this digital id config.
The UUID of the Digital Id Config that owns this Digital Id Config Cert Template.
The UUID of the Digital Id Config Cert Template.
Possible values: [RSA_2048
, EC_P_256
]
The key type of the Digital Id Config Cert Template.
The name of the Digital Id Config Cert Template.
Possible values: [PivAuth
, CardAuth
, DigSig
, KeyMgmt
, None
]
The PIV container of the Digital Id Config Cert Template.
The CA certificate type which digital ids using this config will use.
When creating a digital id config, default values can be provided from this specified digital id config template.
A flag indicating if digital ids using this config will create directory entries in the CA.
The format which digital ids using this config will use for their DN.
Whether digital ids using this config should include the searchbase in their DN.
The UUID of this Digital Id Config.
The name of this Digital Id Config.
The CA role which digital ids using this config will use.
The searchbase within the CA in which digital ids using this config will be created.
subjectAltNames
object[]
A list of subjectAltNames associated with this digital id config.
The UUID of the digital id config that owns this subjectAltName.
The UUID of this Digital Id Config SubjectAltName.
Possible values: [EMAIL
, UPN
, IP
, DNS
, OTHER
, X400
, DN
, EDI
, URI
, REGISTERED_ID
]
The type of subjectAltName.
The value for the subjectAltName.
Possible values: [PIV_CARDHOLDER
, PIV_CARD
]
The type of digital id.
The CA user type which digital ids using this config will use.
variables
object[]
A list of variables associated with this digital id config.
The UUID of the Digital Id Config that owns this Digital Id Config Variable.
The UUID of the Digital Id Config Variable.
A flag indicating if values for this variable are included in the Digital Id's DN when it is generated by the CA.
The name of the Digital Id Config Variable.
Possible values: [CERTIFICATE
, USER
, VARIABLE
, CUSTOM
]
The type of the Digital Id Config Variable.
The value of the Digital Id Config Variable.
The UUID of the Card Digital Id config of this smart credential. If not set, the smart credential will not have a Card Digital Id.
Indicates if the card digitalid config is required or not.
cardHolderDigitalConfig
object
Information that defines how digital ids are created in the CA.
If true, digital ids using this config will be set to have all CA groups.
If allCAGroups is set to false then digital ids using this config will use this specified list of CA groups.
The UUID of the CA for this digital id config.
The name of the CA for this digital id config.
Possible values: [EDC
, MS
, PKIAAS
]
The CA type of this Digital Id Config.
certTemplates
object[]
A list of cert templates associated with this digital id config.
The UUID of the Digital Id Config that owns this Digital Id Config Cert Template.
The UUID of the Digital Id Config Cert Template.
Possible values: [RSA_2048
, EC_P_256
]
The key type of the Digital Id Config Cert Template.
The name of the Digital Id Config Cert Template.
Possible values: [PivAuth
, CardAuth
, DigSig
, KeyMgmt
, None
]
The PIV container of the Digital Id Config Cert Template.
The CA certificate type which digital ids using this config will use.
When creating a digital id config, default values can be provided from this specified digital id config template.
A flag indicating if digital ids using this config will create directory entries in the CA.
The format which digital ids using this config will use for their DN.
Whether digital ids using this config should include the searchbase in their DN.
The UUID of this Digital Id Config.
The name of this Digital Id Config.
The CA role which digital ids using this config will use.
The searchbase within the CA in which digital ids using this config will be created.
subjectAltNames
object[]
A list of subjectAltNames associated with this digital id config.
The UUID of the digital id config that owns this subjectAltName.
The UUID of this Digital Id Config SubjectAltName.
Possible values: [EMAIL
, UPN
, IP
, DNS
, OTHER
, X400
, DN
, EDI
, URI
, REGISTERED_ID
]
The type of subjectAltName.
The value for the subjectAltName.
Possible values: [PIV_CARDHOLDER
, PIV_CARD
]
The type of digital id.
The CA user type which digital ids using this config will use.
variables
object[]
A list of variables associated with this digital id config.
The UUID of the Digital Id Config that owns this Digital Id Config Variable.
The UUID of the Digital Id Config Variable.
A flag indicating if values for this variable are included in the Digital Id's DN when it is generated by the CA.
The name of the Digital Id Config Variable.
Possible values: [CERTIFICATE
, USER
, VARIABLE
, CUSTOM
]
The type of the Digital Id Config Variable.
The value of the Digital Id Config Variable.
The UUID of the Card Holder Digital Id config of this smart credential. If not set, the smart credential will not have a Card Holder Digital Id.
Indicates if the card holder digitalid config is required or not.
certificates
object[]
A list of certificates associated with this smart credential.
The description providing the purpose of this certificate.
The UUID of the digital id to which this certificate belongs
Possible values: [PIV_CARDHOLDER
, PIV_CARD
]
The type of the digital Id to which this certificate belongs.
The UUID of this Digital Id Certificate.
The issuer DN of this certificate.
The expiry date of this certificate.
The issue date of this certificate.
The name of the PIV container that stores this certificate on the smart card.
The serial number of this certificate.
Possible values: [ACTIVE
, REVOKED
, HOLD
, EXPIRED
, NOT_AVAILABLE
]
The status of this certificate. If not set, the revocation status has not been retrieved from the CA.
The subject DN of this certificate.
The chip id of the smart card set when the smart credential is encoded.
digitalIds
object[]
A list of digital ids associated with this smart credential.
certificates
object[]
The certificates associated with this digital id.
The description providing the purpose of this certificate.
The UUID of the digital id to which this certificate belongs
Possible values: [PIV_CARDHOLDER
, PIV_CARD
]
The type of the digital Id to which this certificate belongs.
The UUID of this Digital Id Certificate.
The issuer DN of this certificate.
The expiry date of this certificate.
The issue date of this certificate.
The name of the PIV container that stores this certificate on the smart card.
The serial number of this certificate.
Possible values: [ACTIVE
, REVOKED
, HOLD
, EXPIRED
, NOT_AVAILABLE
]
The status of this certificate. If not set, the revocation status has not been retrieved from the CA.
The subject DN of this certificate.
The UUID of the digital Id config that defines this digital Id.
The name of the digital id Config that defines this digital Id.
Possible values: [PIV_CARDHOLDER
, PIV_CARD
]
The type of this digital Id.
The current DN of the digital id.
The UUID of this DigitalId.
For smart credentials that have failed to encode, the encode message stores a message providing information about the failure.
Possible values: [ENCODE_START
, ENCODE_DONE
, ENCODE_ERROR
]
The encode state of a smart credential indicates if encoding has started, completed successfully or failed.
Possible values: [ENROLLING
, ENROLLED
]
The enrollment state of a smart credential indicates if all of the necessary enrollment values have been collected. Only smart credentials in the ENROLLED state can be activated.
For issued smart credentials, the expiry date is the date on which the smart credential will expire.
The unique UUID assigned to the smart credential when it is created.
The date on which the smart credential was issued.
A flag indicating if notification is enabled for this smart credential.
The platform of the Mobile SC application on which this smart credential was encoded.
The UUID of the Smart Credential Definition that defines this smart credential.
The name of the smart credential definition of this smart credential.
The unique serial number of the smart credential generated when it is created.
Possible values: [ACTIVE
, INACTIVE
]
The state of the smart credential. Only smart credentials in the ACTIVE state can be used for authentication.
The UUID of the user that owns this smart credential.
The user Id of the user that owns this smart credential.
variableValues
object[]
Variable values for this smart credential
scDefnVariable
object
SC Defn Variables define the details about variables defined in the SC Defn.
The default value of this variable.
A flag indicating if values for this variable should be displayed.
A flag indicating if the initial value for this variable should be generated.
A length value used when generating values for this variable.
The UUID of this SC Defn Variable.
A flag indicating if values for this variable can be modified.
The name of this SC Defn Variable.
A value that specifies the order of this variable with respect to the other variables in the SC Defn.
Optional prompt to be used when prompting for a value for this variable.
A flag indicating if a value is required for this variable.
Possible values: [ALLOWED
, REQUIRED
, NOT_ALLOWED
, NOT_SET
]
A value specifying restrictions on digits appearing in values of this variable.
Possible values: [ALLOWED
, REQUIRED
, NOT_ALLOWED
, NOT_SET
]
A value specifying restrictions on lowercase characters appearing in values of this variable.
A value indicating a maximum for values of this variable. How this is enforced depends on the variable type.
A value indicating a minimum for values of this variable. How this is enforced depends on the variable type.
A value specifying a regex that values of this variable must match.
Possible values: [ALLOWED
, REQUIRED
, NOT_ALLOWED
, NOT_SET
]
A value specifying restrictions on special characters appearing in values of this variable.
Possible values: [ALLOWED
, REQUIRED
, NOT_ALLOWED
, NOT_SET
]
A value specifying restrictions on uppercase characters appearing in values of this variable.
The UUID of the SC Defn that owns this variable definition.
Possible values: [STRING
, BOOLEAN
, INTEGER
, UUID
]
The type of this variable.
Possible values: [GLOBAL
, USER
, NONE
]
A flag indicating if values of this variable must be unique and if so within what scope.
A value that allows a variable to be defined unique in the scope of another variable.
The UUID of the SC Defn Variable that defines the variable.
The variable value.
The version of the Mobile SC application on which this smart credential was encoded.
{
"allowedActions": [
"ACTIVATE"
],
"cardDigitalConfig": {
"allCAGroups": true,
"caGroups": [
"string"
],
"caId": "string",
"caName": "string",
"caType": "EDC",
"certTemplates": [
{
"digitalIdConfigId": "string",
"id": "string",
"keyType": "RSA_2048",
"name": "string",
"pivContainer": "PivAuth"
}
],
"certificateType": "string",
"digitalIdConfigTemplateId": "string",
"directoryEntry": true,
"dnFormat": "string",
"dnFormatSearchbaseIncluded": true,
"id": "string",
"name": "string",
"role": "string",
"searchbase": "string",
"subjectAltNames": [
{
"digitalIdConfigId": "string",
"id": "string",
"type": "EMAIL",
"value": "string"
}
],
"type": "PIV_CARDHOLDER",
"userType": "string",
"variables": [
{
"digitalIdConfigId": "string",
"id": "string",
"includedInDN": true,
"name": "string",
"type": "CERTIFICATE",
"value": "string"
}
]
},
"cardDigitalConfigId": "string",
"cardDigitalConfigRequired": true,
"cardHolderDigitalConfig": {
"allCAGroups": true,
"caGroups": [
"string"
],
"caId": "string",
"caName": "string",
"caType": "EDC",
"certTemplates": [
{
"digitalIdConfigId": "string",
"id": "string",
"keyType": "RSA_2048",
"name": "string",
"pivContainer": "PivAuth"
}
],
"certificateType": "string",
"digitalIdConfigTemplateId": "string",
"directoryEntry": true,
"dnFormat": "string",
"dnFormatSearchbaseIncluded": true,
"id": "string",
"name": "string",
"role": "string",
"searchbase": "string",
"subjectAltNames": [
{
"digitalIdConfigId": "string",
"id": "string",
"type": "EMAIL",
"value": "string"
}
],
"type": "PIV_CARDHOLDER",
"userType": "string",
"variables": [
{
"digitalIdConfigId": "string",
"id": "string",
"includedInDN": true,
"name": "string",
"type": "CERTIFICATE",
"value": "string"
}
]
},
"cardHolderDigitalConfigId": "string",
"cardHolderDigitalConfigRequired": true,
"certificates": [
{
"description": "string",
"digitalIdId": "string",
"digitalIdType": "PIV_CARDHOLDER",
"id": "string",
"issuerDN": "string",
"notAfter": "2019-02-19T13:15:27Z",
"notBefore": "2019-02-19T13:15:27Z",
"pivContainer": "string",
"serialNumber": "string",
"status": "ACTIVE",
"subjectDN": "string"
}
],
"chipId": "string",
"digitalIds": [
{
"certificates": [
{
"description": "string",
"digitalIdId": "string",
"digitalIdType": "PIV_CARDHOLDER",
"id": "string",
"issuerDN": "string",
"notAfter": "2019-02-19T13:15:27Z",
"notBefore": "2019-02-19T13:15:27Z",
"pivContainer": "string",
"serialNumber": "string",
"status": "ACTIVE",
"subjectDN": "string"
}
],
"digitalIdConfigId": "string",
"digitalIdConfigName": "string",
"digitalIdConfigType": "PIV_CARDHOLDER",
"dn": "string",
"id": "string"
}
],
"encodeMsg": "string",
"encodeState": "ENCODE_START",
"enrollState": "ENROLLING",
"expiryDate": "2019-02-19T13:15:27Z",
"id": "string",
"issueDate": "2019-02-19T13:15:27Z",
"notifyEnabled": true,
"platform": "string",
"scDefnId": "string",
"scDefnName": "string",
"serialNumber": "string",
"state": "ACTIVE",
"userId": "string",
"userUserId": "string",
"variableValues": [
{
"scDefnVariable": {
"defaultValue": "string",
"displayable": true,
"generate": true,
"generateLength": 0,
"id": "string",
"modifiable": true,
"name": "string",
"order": 0,
"prompt": "string",
"required": true,
"restrictionDigits": "ALLOWED",
"restrictionLower": "ALLOWED",
"restrictionMax": 0,
"restrictionMin": 0,
"restrictionRegex": "string",
"restrictionSpecial": "ALLOWED",
"restrictionUpper": "ALLOWED",
"scDefnId": "string",
"type": "STRING",
"uniqueness": "GLOBAL",
"uniquenessScopeId": "string"
},
"scDefnVariableId": "string",
"value": "string"
}
],
"version": "string"
}
Bad Request
- application/json
- Schema
- Example (from schema)
Schema
Error Codes specific to cause of failure.
Additional Error Message describing the error.
Optional additional error information.
{
"errorCode": "invalid_user_response",
"errorMessage": "Application id cannot be null",
"parameters": [
{}
]
}
Access denied
- application/json
- Schema
- Example (from schema)
Schema
Error Codes specific to cause of failure.
Additional Error Message describing the error.
Optional additional error information.
{
"errorCode": "invalid_user_response",
"errorMessage": "Application id cannot be null",
"parameters": [
{}
]
}
Forbidden
- application/json
- Schema
- Example (from schema)
Schema
Error Codes specific to cause of failure.
Additional Error Message describing the error.
Optional additional error information.
{
"errorCode": "invalid_user_response",
"errorMessage": "Application id cannot be null",
"parameters": [
{}
]
}
Not Found
- application/json
- Schema
- Example (from schema)
Schema
Error Codes specific to cause of failure.
Additional Error Message describing the error.
Optional additional error information.
{
"errorCode": "invalid_user_response",
"errorMessage": "Application id cannot be null",
"parameters": [
{}
]
}
Conflict
- application/json
- Schema
- Example (from schema)
Schema
Error Codes specific to cause of failure.
Additional Error Message describing the error.
Optional additional error information.
{
"errorCode": "invalid_user_response",
"errorMessage": "Application id cannot be null",
"parameters": [
{}
]
}