Обновление managedDeviceCertificateState
Пространство имен: microsoft.graph
Важный: API Microsoft Graph в версии /beta могут быть изменены; Использование в рабочей среде не поддерживается.
Примечание. API Microsoft Graph для Intune требует наличия активной лицензии Intune для клиента.
Обновите свойства объекта managedDeviceCertificateState .
Этот API доступен в следующих национальных облачных развертываниях.
| Глобальная служба | Правительство США L4 | Правительство США L5 (DOD) | Китай управляется 21Vianet |
|---|---|---|---|
| ✅ | ✅ | ✅ | ✅ |
Разрешения
Для вызова этого API требуется одно из следующих разрешений. Дополнительные сведения, включая сведения о том, как выбрать разрешения, см. в статье Разрешения.
| Тип разрешения | Разрешения (в порядке повышения привилегий) |
|---|---|
| Делегированные (рабочая или учебная учетная запись) | DeviceManagementConfiguration.ReadWrite.All |
| Делегированные (личная учетная запись Майкрософт) | Не поддерживается. |
| Приложение | DeviceManagementConfiguration.ReadWrite.All |
HTTP-запрос
PATCH /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.iosPkcsCertificateProfile/managedDeviceCertificateStates/{managedDeviceCertificateStateId}
PATCH /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.iosScepCertificateProfile/managedDeviceCertificateStates/{managedDeviceCertificateStateId}
PATCH /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.androidPkcsCertificateProfile/managedDeviceCertificateStates/{managedDeviceCertificateStateId}
PATCH /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.androidScepCertificateProfile/managedDeviceCertificateStates/{managedDeviceCertificateStateId}
PATCH /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.iosImportedPFXCertificateProfile/managedDeviceCertificateStates/{managedDeviceCertificateStateId}
PATCH /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.androidImportedPFXCertificateProfile/managedDeviceCertificateStates/{managedDeviceCertificateStateId}
PATCH /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.aospDeviceOwnerPkcsCertificateProfile/managedDeviceCertificateStates/{managedDeviceCertificateStateId}
PATCH /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.aospDeviceOwnerScepCertificateProfile/managedDeviceCertificateStates/{managedDeviceCertificateStateId}
PATCH /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.androidDeviceOwnerPkcsCertificateProfile/managedDeviceCertificateStates/{managedDeviceCertificateStateId}
PATCH /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.androidDeviceOwnerScepCertificateProfile/managedDeviceCertificateStates/{managedDeviceCertificateStateId}
PATCH /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.androidWorkProfilePkcsCertificateProfile/managedDeviceCertificateStates/{managedDeviceCertificateStateId}
PATCH /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.androidWorkProfileScepCertificateProfile/managedDeviceCertificateStates/{managedDeviceCertificateStateId}
PATCH /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.androidForWorkImportedPFXCertificateProfile/managedDeviceCertificateStates/{managedDeviceCertificateStateId}
PATCH /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.androidDeviceOwnerImportedPFXCertificateProfile/managedDeviceCertificateStates/{managedDeviceCertificateStateId}
PATCH /deviceManagement/deviceConfigurations/{deviceConfigurationId}/identityCertificate/microsoft.graph.androidForWorkPkcsCertificateProfile/managedDeviceCertificateStates/{managedDeviceCertificateStateId}
PATCH /deviceManagement/deviceConfigurations/{deviceConfigurationId}/identityCertificate/microsoft.graph.androidForWorkScepCertificateProfile/managedDeviceCertificateStates/{managedDeviceCertificateStateId}
PATCH /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.windowsPhone81VpnConfiguration/identityCertificate/microsoft.graph.windowsPhone81SCEPCertificateProfile/managedDeviceCertificateStates/{managedDeviceCertificateStateId}
PATCH /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.macOSWiredNetworkConfiguration/identityCertificateForClientAuthentication/microsoft.graph.macOSPkcsCertificateProfile/managedDeviceCertificateStates/{managedDeviceCertificateStateId}
PATCH /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.macOSWiredNetworkConfiguration/identityCertificateForClientAuthentication/microsoft.graph.macOSScepCertificateProfile/managedDeviceCertificateStates/{managedDeviceCertificateStateId}
PATCH /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.macOSWiredNetworkConfiguration/identityCertificateForClientAuthentication/microsoft.graph.macOSImportedPFXCertificateProfile/managedDeviceCertificateStates/{managedDeviceCertificateStateId}
PATCH /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.windowsWifiEnterpriseEAPConfiguration/identityCertificateForClientAuthentication/microsoft.graph.windows10PkcsCertificateProfile/managedDeviceCertificateStates/{managedDeviceCertificateStateId}
PATCH /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.windowsWifiEnterpriseEAPConfiguration/identityCertificateForClientAuthentication/microsoft.graph.windows81SCEPCertificateProfile/managedDeviceCertificateStates/{managedDeviceCertificateStateId}
PATCH /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.windowsWifiEnterpriseEAPConfiguration/identityCertificateForClientAuthentication/microsoft.graph.windows10ImportedPFXCertificateProfile/managedDeviceCertificateStates/{managedDeviceCertificateStateId}
PATCH /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.windowsWifiEnterpriseEAPConfiguration/identityCertificateForClientAuthentication/microsoft.graph.windowsPhone81ImportedPFXCertificateProfile/managedDeviceCertificateStates/{managedDeviceCertificateStateId}
Заголовки запроса
| Заголовок | Значение |
|---|---|
| Авторизация | Bearer {token}. Обязательно. Дополнительные сведения о проверке подлинности и авторизации. |
| Accept | application/json |
Текст запроса
В тексте запроса укажите представление объекта managedDeviceCertificateState в формате JSON.
В следующей таблице показаны свойства, необходимые при создании managedDeviceCertificateState.
| Свойство | Тип | Описание |
|---|---|---|
| id | String | Ключ объекта. |
| devicePlatform | devicePlatformType | Платформа устройства. Возможные значения: android, , iOSandroidForWork, macOS, windowsPhone81, windows81AndLater, windows10AndLater, , androidWorkProfile, unknown, androidAOSP, androidMobileApplicationManagement, iOSMobileApplicationManagement, , unknownFutureValue, . windowsMobileApplicationManagement |
| certificateKeyUsage | keyUsages | Использование ключей. Возможные значения: keyEncipherment, digitalSignature. |
| certificateValidityPeriodUnits | certificateValidityPeriodScale | Единицы срока действия. Возможные значения: days, months, years. |
| certificateIssuanceState | certificateIssuanceStates | Состояние выдачи. Возможные значения: unknown, , challengeIssued, challengeIssueFailed, requestSubmitFailedrequestCreationFailed, challengeValidationSucceeded, , issueFailedchallengeValidationFailed, issuePending, issuedresponsePendingrevokedresponseProcessingFailedenrollmentSucceededenrollmentNotNeeded, removedFromCollection, , renewVerifiedinstallFailed, , , installed, deleteFailed, deleted, . requestedrenewalRequested |
| certificateKeyStorageProvider | keyStorageProviderOption | Поставщик хранилища ключей. Возможные значения: useTpmKspOtherwiseUseSoftwareKsp, useTpmKspOtherwiseFail, usePassportForWorkKspOtherwiseFail, useSoftwareKsp. |
| certificateSubjectNameFormat | subjectNameFormat | Формат имени субъекта. Возможные значения: commonName, commonNameIncludingEmail, commonNameAsEmail, custom, commonNameAsIMEI, commonNameAsSerialNumber, commonNameAsAadDeviceId, commonNameAsIntuneDeviceId, commonNameAsDurableDeviceId. |
| certificateSubjectAlternativeNameFormat | subjectAlternativeNameType | Формат альтернативного имени субъекта. Возможные значения: none, emailAddress, userPrincipalName, customAzureADAttribute, domainNameService, universalResourceIdentifier. |
| certificateRevokeStatus | certificateRevocationStatus | Состояние отзыва. Возможные значения: none, pending, issued, failed, revoked. |
| certificateProfileDisplayName | String | Отображаемое имя профиля сертификата |
| deviceDisplayName | String | Отображаемое имя устройства |
| userDisplayName | String | Отображаемое имя пользователя |
| certificateExpirationDateTime | DateTimeOffset | Дата окончания срока действия сертификата |
| certificateLastIssuanceStateChangedDateTime | DateTimeOffset | Изменение состояния последней выдачи сертификата |
| lastCertificateStateChangeDateTime | DateTimeOffset | Изменение состояния последней выдачи сертификата |
| certificateIssuer | String | Издатель |
| certificateThumbprint | String | Thumbprint |
| certificateSerialNumber | String | Серийный номер |
| certificateKeyLength | Int32 | Длина ключа |
| certificateEnhancedKeyUsage | String | Расширенное использование ключа |
| certificateValidityPeriod | Int32 | Срок действия |
| certificateSubjectNameFormatString | String | Строка формата имени субъекта для настраиваемых форматов имен субъектов |
| certificateSubjectAlternativeNameFormatString | String | Строка альтернативного формата имени субъекта для пользовательских форматов |
| certificateIssuanceDateTime | DateTimeOffset | Дата выдачи |
| certificateErrorCode | Int32 | Код ошибки |
Отклик
В случае успешного 200 OK выполнения этот метод возвращает код ответа и обновленный объект managedDeviceCertificateState в теле отклика.
Пример
Запрос
Ниже приведен пример запроса.
PATCH https://graph.microsoft.com/beta/deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.iosPkcsCertificateProfile/managedDeviceCertificateStates/{managedDeviceCertificateStateId}
Content-type: application/json
Content-length: 1517
{
"@odata.type": "#microsoft.graph.managedDeviceCertificateState",
"devicePlatform": "androidForWork",
"certificateKeyUsage": "digitalSignature",
"certificateValidityPeriodUnits": "months",
"certificateIssuanceState": "challengeIssued",
"certificateKeyStorageProvider": "useTpmKspOtherwiseFail",
"certificateSubjectNameFormat": "commonNameIncludingEmail",
"certificateSubjectAlternativeNameFormat": "emailAddress",
"certificateRevokeStatus": "pending",
"certificateProfileDisplayName": "Certificate Profile Display Name value",
"deviceDisplayName": "Device Display Name value",
"userDisplayName": "User Display Name value",
"certificateExpirationDateTime": "2017-01-01T00:02:14.9489247-08:00",
"certificateLastIssuanceStateChangedDateTime": "2017-01-01T00:00:27.7468732-08:00",
"lastCertificateStateChangeDateTime": "2017-01-01T00:01:10.7144639-08:00",
"certificateIssuer": "Certificate Issuer value",
"certificateThumbprint": "Certificate Thumbprint value",
"certificateSerialNumber": "Certificate Serial Number value",
"certificateKeyLength": 4,
"certificateEnhancedKeyUsage": "Certificate Enhanced Key Usage value",
"certificateValidityPeriod": 9,
"certificateSubjectNameFormatString": "Certificate Subject Name Format String value",
"certificateSubjectAlternativeNameFormatString": "Certificate Subject Alternative Name Format String value",
"certificateIssuanceDateTime": "2016-12-31T23:59:41.5044473-08:00",
"certificateErrorCode": 4
}
Отклик
Ниже приведен пример отклика. Примечание. Представленный здесь объект отклика может быть усечен для краткости. При фактическом вызове будут возвращены все свойства.
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1566
{
"@odata.type": "#microsoft.graph.managedDeviceCertificateState",
"id": "d99bc884-c884-d99b-84c8-9bd984c89bd9",
"devicePlatform": "androidForWork",
"certificateKeyUsage": "digitalSignature",
"certificateValidityPeriodUnits": "months",
"certificateIssuanceState": "challengeIssued",
"certificateKeyStorageProvider": "useTpmKspOtherwiseFail",
"certificateSubjectNameFormat": "commonNameIncludingEmail",
"certificateSubjectAlternativeNameFormat": "emailAddress",
"certificateRevokeStatus": "pending",
"certificateProfileDisplayName": "Certificate Profile Display Name value",
"deviceDisplayName": "Device Display Name value",
"userDisplayName": "User Display Name value",
"certificateExpirationDateTime": "2017-01-01T00:02:14.9489247-08:00",
"certificateLastIssuanceStateChangedDateTime": "2017-01-01T00:00:27.7468732-08:00",
"lastCertificateStateChangeDateTime": "2017-01-01T00:01:10.7144639-08:00",
"certificateIssuer": "Certificate Issuer value",
"certificateThumbprint": "Certificate Thumbprint value",
"certificateSerialNumber": "Certificate Serial Number value",
"certificateKeyLength": 4,
"certificateEnhancedKeyUsage": "Certificate Enhanced Key Usage value",
"certificateValidityPeriod": 9,
"certificateSubjectNameFormatString": "Certificate Subject Name Format String value",
"certificateSubjectAlternativeNameFormatString": "Certificate Subject Alternative Name Format String value",
"certificateIssuanceDateTime": "2016-12-31T23:59:41.5044473-08:00",
"certificateErrorCode": 4
}