创建 managedDeviceCertificateState
命名空间:microsoft.graph
重要: Microsoft /beta 版本下的 Graph API 可能会发生更改;不支持生产使用。
注意:适用于 Intune 的 Microsoft Graph API 需要适用于租户的活动 Intune 许可证。
创建新的 managedDeviceCertificateState 对象。
此 API 可用于以下国家级云部署。
| 全局服务 | 美国政府 L4 | 美国政府 L5 (DOD) | 由世纪互联运营的中国 |
|---|---|---|---|
| ✅ | ✅ | ✅ | ✅ |
权限
要调用此 API,需要以下权限之一。 若要了解详细信息,包括如何选择权限的信息,请参阅权限。
| 权限类型 | 权限(从最低特权到最高特权) |
|---|---|
| 委派(工作或学校帐户) | DeviceManagementConfiguration.ReadWrite.All |
| 委派(个人 Microsoft 帐户) | 不支持。 |
| 应用程序 | DeviceManagementConfiguration.ReadWrite.All |
HTTP 请求
POST /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.iosPkcsCertificateProfile/managedDeviceCertificateStates
POST /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.iosScepCertificateProfile/managedDeviceCertificateStates
POST /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.androidPkcsCertificateProfile/managedDeviceCertificateStates
POST /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.androidScepCertificateProfile/managedDeviceCertificateStates
POST /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.iosImportedPFXCertificateProfile/managedDeviceCertificateStates
POST /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.androidImportedPFXCertificateProfile/managedDeviceCertificateStates
POST /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.aospDeviceOwnerPkcsCertificateProfile/managedDeviceCertificateStates
POST /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.aospDeviceOwnerScepCertificateProfile/managedDeviceCertificateStates
POST /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.androidDeviceOwnerPkcsCertificateProfile/managedDeviceCertificateStates
POST /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.androidDeviceOwnerScepCertificateProfile/managedDeviceCertificateStates
POST /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.androidWorkProfilePkcsCertificateProfile/managedDeviceCertificateStates
POST /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.androidWorkProfileScepCertificateProfile/managedDeviceCertificateStates
POST /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.androidForWorkImportedPFXCertificateProfile/managedDeviceCertificateStates
POST /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.androidDeviceOwnerImportedPFXCertificateProfile/managedDeviceCertificateStates
POST /deviceManagement/deviceConfigurations/{deviceConfigurationId}/identityCertificate/microsoft.graph.androidForWorkPkcsCertificateProfile/managedDeviceCertificateStates
POST /deviceManagement/deviceConfigurations/{deviceConfigurationId}/identityCertificate/microsoft.graph.androidForWorkScepCertificateProfile/managedDeviceCertificateStates
POST /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.windowsPhone81VpnConfiguration/identityCertificate/microsoft.graph.windowsPhone81SCEPCertificateProfile/managedDeviceCertificateStates
POST /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.macOSWiredNetworkConfiguration/identityCertificateForClientAuthentication/microsoft.graph.macOSPkcsCertificateProfile/managedDeviceCertificateStates
POST /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.macOSWiredNetworkConfiguration/identityCertificateForClientAuthentication/microsoft.graph.macOSScepCertificateProfile/managedDeviceCertificateStates
POST /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.macOSWiredNetworkConfiguration/identityCertificateForClientAuthentication/microsoft.graph.macOSImportedPFXCertificateProfile/managedDeviceCertificateStates
POST /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.windowsWifiEnterpriseEAPConfiguration/identityCertificateForClientAuthentication/microsoft.graph.windows10PkcsCertificateProfile/managedDeviceCertificateStates
POST /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.windowsWifiEnterpriseEAPConfiguration/identityCertificateForClientAuthentication/microsoft.graph.windows81SCEPCertificateProfile/managedDeviceCertificateStates
POST /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.windowsWifiEnterpriseEAPConfiguration/identityCertificateForClientAuthentication/microsoft.graph.windows10ImportedPFXCertificateProfile/managedDeviceCertificateStates
POST /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.windowsWifiEnterpriseEAPConfiguration/identityCertificateForClientAuthentication/microsoft.graph.windowsPhone81ImportedPFXCertificateProfile/managedDeviceCertificateStates
请求标头
| 标头 | 值 |
|---|---|
| Authorization | 持有者 {token}。 必填。 详细了解 身份验证和授权。 |
| 接受 | application/json |
请求正文
在请求正文中,提供 managedDeviceCertificateState 对象的 JSON 表示形式。
下表显示了创建 managedDeviceCertificateState 时所需的属性。
| 属性 | 类型 | 说明 |
|---|---|---|
| id | String | 实体的键。 |
| devicePlatform | devicePlatformType | 设备平台。 可能的值为:、、、、iOSwindows10AndLaterwindowsPhone81androidAOSPunknownandroidWorkProfilewindows81AndLatermacOS、androidMobileApplicationManagement、iOSMobileApplicationManagement、 。 windowsMobileApplicationManagementunknownFutureValueandroidForWorkandroid |
| certificateKeyUsage | keyUsages | 密钥用法。 可取值为:keyEncipherment、digitalSignature。 |
| certificateValidityPeriodUnits | certificateValidityPeriodScale | 有效期单位。 可取值为:days、months、years。 |
| certificateIssuanceState | certificateIssuanceStates | 颁发状态。 可能的值为:、、、、challengeIssueFailedrequestSubmitFailedissuePendingissueFailedrequestCreationFailedchallengeValidationSucceededissuedchallengeValidationFailed、renewVerifiedinstallFailedremovedFromCollectionrevokedresponseProcessingFailedenrollmentSucceededenrollmentNotNeededresponsePending、installed、deleteFailed、 。 requestedrenewalRequesteddeletedchallengeIssuedunknown |
| certificateKeyStorageProvider | keyStorageProviderOption | 密钥存储提供程序。 可能的值是:useTpmKspOtherwiseUseSoftwareKsp、useTpmKspOtherwiseFail、usePassportForWorkKspOtherwiseFail、useSoftwareKsp。 |
| certificateSubjectNameFormat | subjectNameFormat | 使用者名称格式。 可取值为:commonName、commonNameIncludingEmail、commonNameAsEmail、custom、commonNameAsIMEI、commonNameAsSerialNumber、commonNameAsAadDeviceId、commonNameAsIntuneDeviceId、commonNameAsDurableDeviceId。 |
| certificateSubjectAlternativeNameFormat | subjectAlternativeNameType | 使用者可选名称格式。 可取值为:none、emailAddress、userPrincipalName、customAzureADAttribute、domainNameService、universalResourceIdentifier。 |
| certificateRevokeStatus | certificateRevocationStatus | 撤销状态。 可取值为:none、pending、issued、failed、revoked。 |
| certificateProfileDisplayName | String | 证书配置文件显示名称 |
| deviceDisplayName | String | 设备显示名称 |
| userDisplayName | String | 用户的显示名称 |
| certificateExpirationDateTime | DateTimeOffset | 证书到期日期 |
| certificateLastIssuanceStateChangedDateTime | DateTimeOffset | 上次证书颁发状态更改 |
| lastCertificateStateChangeDateTime | DateTimeOffset | 上次证书颁发状态更改 |
| certificateIssuer | String | 颁发者 |
| certificateThumbprint | String | 指纹 |
| certificateSerialNumber | String | 序列号 |
| certificateKeyLength | Int32 | 密钥长度 |
| certificateEnhancedKeyUsage | String | 扩展密钥用法 |
| certificateValidityPeriod | Int32 | 有效期 |
| certificateSubjectNameFormatString | String | 自定义使用者名称格式的使用者名称格式字符串 |
| certificateSubjectAlternativeNameFormatString | String | 自定义格式的使用者可选名称格式字符串 |
| certificateIssuanceDateTime | DateTimeOffset | 颁发日期 |
| certificateErrorCode | Int32 | 错误代码 |
响应
如果成功,此方法在 201 Created 响应正文中返回响应代码和 managedDeviceCertificateState 对象。
示例
请求
下面是一个请求示例。
POST https://graph.microsoft.com/beta/deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.iosPkcsCertificateProfile/managedDeviceCertificateStates
Content-type: application/json
Content-length: 1517
{
"@odata.type": "#microsoft.graph.managedDeviceCertificateState",
"devicePlatform": "androidForWork",
"certificateKeyUsage": "digitalSignature",
"certificateValidityPeriodUnits": "months",
"certificateIssuanceState": "challengeIssued",
"certificateKeyStorageProvider": "useTpmKspOtherwiseFail",
"certificateSubjectNameFormat": "commonNameIncludingEmail",
"certificateSubjectAlternativeNameFormat": "emailAddress",
"certificateRevokeStatus": "pending",
"certificateProfileDisplayName": "Certificate Profile Display Name value",
"deviceDisplayName": "Device Display Name value",
"userDisplayName": "User Display Name value",
"certificateExpirationDateTime": "2017-01-01T00:02:14.9489247-08:00",
"certificateLastIssuanceStateChangedDateTime": "2017-01-01T00:00:27.7468732-08:00",
"lastCertificateStateChangeDateTime": "2017-01-01T00:01:10.7144639-08:00",
"certificateIssuer": "Certificate Issuer value",
"certificateThumbprint": "Certificate Thumbprint value",
"certificateSerialNumber": "Certificate Serial Number value",
"certificateKeyLength": 4,
"certificateEnhancedKeyUsage": "Certificate Enhanced Key Usage value",
"certificateValidityPeriod": 9,
"certificateSubjectNameFormatString": "Certificate Subject Name Format String value",
"certificateSubjectAlternativeNameFormatString": "Certificate Subject Alternative Name Format String value",
"certificateIssuanceDateTime": "2016-12-31T23:59:41.5044473-08:00",
"certificateErrorCode": 4
}
响应
下面是一个响应示例。 注意:为简洁起见,可能会截断此处显示的响应对象。 将从实际调用中返回所有属性。
HTTP/1.1 201 Created
Content-Type: application/json
Content-Length: 1566
{
"@odata.type": "#microsoft.graph.managedDeviceCertificateState",
"id": "d99bc884-c884-d99b-84c8-9bd984c89bd9",
"devicePlatform": "androidForWork",
"certificateKeyUsage": "digitalSignature",
"certificateValidityPeriodUnits": "months",
"certificateIssuanceState": "challengeIssued",
"certificateKeyStorageProvider": "useTpmKspOtherwiseFail",
"certificateSubjectNameFormat": "commonNameIncludingEmail",
"certificateSubjectAlternativeNameFormat": "emailAddress",
"certificateRevokeStatus": "pending",
"certificateProfileDisplayName": "Certificate Profile Display Name value",
"deviceDisplayName": "Device Display Name value",
"userDisplayName": "User Display Name value",
"certificateExpirationDateTime": "2017-01-01T00:02:14.9489247-08:00",
"certificateLastIssuanceStateChangedDateTime": "2017-01-01T00:00:27.7468732-08:00",
"lastCertificateStateChangeDateTime": "2017-01-01T00:01:10.7144639-08:00",
"certificateIssuer": "Certificate Issuer value",
"certificateThumbprint": "Certificate Thumbprint value",
"certificateSerialNumber": "Certificate Serial Number value",
"certificateKeyLength": 4,
"certificateEnhancedKeyUsage": "Certificate Enhanced Key Usage value",
"certificateValidityPeriod": 9,
"certificateSubjectNameFormatString": "Certificate Subject Name Format String value",
"certificateSubjectAlternativeNameFormatString": "Certificate Subject Alternative Name Format String value",
"certificateIssuanceDateTime": "2016-12-31T23:59:41.5044473-08:00",
"certificateErrorCode": 4
}