Freigeben über

Certificate - Refresh Secret

  • Reference
Service:
API Management
API Version:
2024-05-01

From KeyVault, Refresh the certificate being used for authentication with the backend.

POST https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ApiManagement/service/{serviceName}/certificates/{certificateId}/refreshSecret?api-version=2024-05-01

URI Parameters

Name In Required Type Description
certificateId
 path True

string

Identifier of the certificate entity. Must be unique in the current API Management service instance.

Regex pattern: ^[^*#&+:<>?]+$
resourceGroupName
 path True

string

The name of the resource group. The name is case insensitive.
serviceName
 path True

string

The name of the API Management service.

Regex pattern: ^[a-zA-Z](?:[a-zA-Z0-9-]*[a-zA-Z0-9])?$
subscriptionId
 path True

string

uuid

The ID of the target subscription. The value must be an UUID.
api-version
 query True

string

The API version to use for this operation.

Responses

Name Type Description
200 OK

CertificateContract

The certificate details were successfully updated.

Headers

ETag: string
Other Status Codes

ErrorResponse

Error response describing why the operation failed.

Security

azure_auth

Azure Active Directory OAuth2 Flow.

Type: oauth2
Flow: implicit
Authorization URL: https://login.microsoftonline.com/common/oauth2/authorize

Scopes

Name Description
user_impersonation impersonate your user account

Examples

ApiManagementRefreshCertificate

Sample request

POST https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/certificates/templateCertkv/refreshSecret?api-version=2024-05-01

Sample response

Status code:
200 
{
  "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/certificates/templateCertkv",
  "type": "Microsoft.ApiManagement/service/certificates",
  "name": "templateCertkv",
  "properties": {
    "subject": "CN=*.msitesting.net",
    "thumbprint": "EA**********************9AD690",
    "expirationDate": "2037-01-01T07:00:00Z",
    "keyVault": {
      "secretIdentifier": "https://rpbvtkeyvaultintegration.vault-int.azure-int.net/secrets/msitestingCert",
      "identityClientId": "ceaa6b06-c00f-43ef-99ac-f53d1fe876a0",
      "lastStatus": {
        "code": "Success",
        "timeStampUtc": "2020-09-22T00:24:53.3191468Z"
      }
    }
  }
}

Definitions

Name Description
CertificateContract

Certificate details.
ErrorAdditionalInfo

The resource management error additional info.
ErrorDetail

The error detail.
ErrorResponse

Error response
KeyVaultContractProperties

KeyVault contract details.
KeyVaultLastAccessStatusContractProperties

Issue contract Update Properties.

CertificateContract

Certificate details.

Name Type Description
id

string

Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}
name

string

The name of the resource
properties.expirationDate

string

Expiration date of the certificate. The date conforms to the following format: yyyy-MM-ddTHH:mm:ssZ as specified by the ISO 8601 standard.
properties.keyVault

KeyVaultContractProperties

KeyVault location details of the certificate.
properties.subject

string

Subject attribute of the certificate.
properties.thumbprint

string

Thumbprint of the certificate.
type

string

The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"

ErrorAdditionalInfo

The resource management error additional info.

Name Type Description
info

object

The additional info.
type

string

The additional info type.

ErrorDetail

The error detail.

Name Type Description
additionalInfo

ErrorAdditionalInfo[]

The error additional info.
code

string

The error code.
details

ErrorDetail[]

The error details.
message

string

The error message.
target

string

The error target.

ErrorResponse

Error response

Name Type Description
error

ErrorDetail

The error object.

KeyVaultContractProperties

KeyVault contract details.

Name Type Description
identityClientId

string

Null for SystemAssignedIdentity or Client Id for UserAssignedIdentity , which will be used to access key vault secret.
lastStatus

KeyVaultLastAccessStatusContractProperties

Last time sync and refresh status of secret from key vault.
secretIdentifier

string

Key vault secret identifier for fetching secret. Providing a versioned secret will prevent auto-refresh. This requires API Management service to be configured with aka.ms/apimmsi

KeyVaultLastAccessStatusContractProperties

Issue contract Update Properties.

Name Type Description
code

string

Last status code for sync and refresh of secret from key vault.
message

string

Details of the error else empty.
timeStampUtc

string

Last time secret was accessed. The date conforms to the following format: yyyy-MM-ddTHH:mm:ssZ as specified by the ISO 8601 standard.