NVIDIA UFM Enterprise REST API Guide
NVIDIA UFM Enterprise REST API Guide
Breadcrumbs

Client Authentication REST API

Get Client Authentication Settings

  • Description: Get client authentication settings 

  • URL: GET /ufmRest/app/client_authentication/settings

  • Request Content Type – Application/json

  • Request Data: N/A

  • Response: 

    {
    "enable": true,
    "client_cert_sans": [
        {
            "san": "ufm-test.net",
            "user": "ufmsysadmin"
        }
    ],
    "ssl_cert_hostnames": [
        "ufm-test.net"
    ],
    "ssl_cert_file": "Present",
    "ca_intermediate_cert_file": "Present",
    "cert_auto_refresh": {
        "enabled": true,
        "root_intermediate_certs_url": https://test.net,
        "ssl_cert_url": https://rest.net,
        "ssl_cert_thumbprint": "41EBA872F116E720E494A0AE1ED357EF8A0C60C9",
        "last_checked": "2022-03-15 11:35:40",
        "last_updated": "2022-03-15 11:35:40",
        "bootstrap_cert_file": "Present"
    }
}

  • Status Codes:200 – Ok

Configure Certificate "Auto-Refresh"

  • Description: Configure settings 

  • URL: PUT /ufmRest/app/client_authentication/settings

  • Request Content Type – Application/json

  • Request Data format: 

    {
       "enable": true,
       "client_cert_sans": [
             {
                    "san": "ufm-test.net",
                    "user": "ufmsysadmin"
             }
       ],
       "ssl_cert_hostnames": [
             "ufm-test.net"
       ],
       "cert_auto_refresh": {
             "enable": true,
             "root_intermediate_certs_url": https://test.net2,
             "ssl_cert_url": passwordhttps://test.net,
             "ssl_cert_thumbprint": "2268BDD79DF7FD9C818EB97F315AE0F35D223A16",
             "bootstrap_pfx_password": "password",
             "bootstrap_cert_file": base64 test format
              "bootstrap_pfx_password_file":           
}

  • Response: N/A

    • Only switches to "auto-refresh after refresh.

    • The bootstrap_cert_file file should be made up of base64 strings

  • Status Codes:200 – Ok400 - Bad Request (bad or missing parameters)404 – Resource does not exist

Bootstrap certificate bootstrap_pfx_password_file and bootstrap_pfx_password options are mutually exclusive, only one should be provided.

Update Certificates

  • Description: Update certificates

  • URL: POST /ufmRest/app/client_authentication/auto_refresh_certificates

  • Request Content Type – Application/json

  • Request Data: N/A

  • Response: N/A

    After the certificates are updated, the system switches to client certificates.

  • Status Codes:

    • 200 – Ok

    • 400 – Bad Request (bad or missing parameters)

Delete All Client Certificates

  • Description: Delete client certificates return to user/password

  • URL: DELETE /ufmRest/app/client_authentication/settings

  • Request Content Type – Application/json

  • Request Data: N/A

  • Response: "Success"

  • Status Codes:

    • 200 – Ok

    • 400 – Bad Request (bad or missing parameters)

    • 404 - Resource does not exist

Refresh Certificates

  • Description: Refresh certificates for both the UFM REST API server and all registered UFM plugins.

  • URL: DELETE /ufmRest/app/client_authentication/refresh_certificates

  • Request Content Type – Application/json

  • Request Data: N/A

  • Response: "Success"

  • Status Codes:

    • 202 – Accepted (Certificate refresh completed successfully)

    • 202 – Accepted with warning message (Partial failure - either Apache restart or plugin notification failed)

    • 400 – Bad Request (Complete failure - both Apache restart and plugin notification failed)

Last updated: