5. API#

5.1. API keys#

You can generate any number of API keys under Settings Manage API keys. These API keys will only be shown once and thereafter hashed and encrypted in the database, so remember to take note of the API keys when shown the first time.

The complete API documentation has been moved to Swagger UI inside TrustView, under the Support section, in the upper right corner of the top navigation of TrustView.

Use the built-in Swagger UI to test API calls from TrustView

Important

Use your API key located under License info in the side menu, to authorize the Swagger UI to be able to test and perform API calls, directly from TrustView.

5.2. Legacy API#

Danger

It is recommended to avoid setting up these API handles in a production workflow, as they will be moved to the new API framework and Swagger UI in the future, and therefore changes will inevitably occur.

5.3. Certificate import#

TrustView allows you to import SSL and other certificates by using API calls. The parameters are identical to those used to manually import a certificate.

The import API has two URLs:

Certificate import#
1POST trustview.your-url.org/api/monitoredsslcertificates/
2POST trustview.your-url.org/api/monitoredcertificates/

One to import SSL certificates and another to import other certificates. The parameters are the same for both.

The parameters for the certificate import should be included in a JSON format similar to this:

Example of JSON format#
 1 {"apikey":"x4309sdfm",
 2 "certificate":"MIIFzTCCBLWgAwIBAgIQDueitDozhMm2oAZlUslm+jANBgkqhkiG9w0BAQsFADB1
 3 MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
 4 d3cuZGlnaWNlcnQuY29tMTQwMgYDVQQDEytEaWdpQ2VydCBTSEEyIEV4dGVuZGVk
 5 IFZhbGlkYXRpb24gU2VydmVyIENBMB4XDTE0MTEyNjAwMDAwMFoXDTE1MTIwMTEy
 6 MDAwMFowgeMxHTAbBgNVBA8MFFByaXZhdGUgT3JnYW5pemF0aW9uMRMwEQYLKwYB
 7 BAGCNzwCAQMTAkRLMREwDwYDVQQFEwgzNTQ2Nzk1NTEhMB8GA1UECRMYSW5nZSBM
 8 ZWhtYW5ucyBHYWRlIDEwLCA2MQ0wCwYDVQQREwQ4MDAwMQswCQYDVQQGEwJESzEP
 9 MA0GA1UECBMGQWFyaHVzMREwDwYDVQQHEwhBYXJodXMgQzEYMBYGA1UEChMPVFJV
10 U1RTS0lMTFMgQXBTMR0wGwYDVQQDExR2aWV3LnRydXN0c2tpbGxzLmNvbTCCASIw
11 DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANMHGEREUGbqnV8iLjGIe01tv8nT
12 WA0fI19bc3AfpYEKUCF0j4w2/1i3LGgGq6vCTbdQ3mbRSroltRMHLbQo/s/KimMj
13 O5NipIyCG2zcSTC//1VAI4skc74sXe5QmwUMynZcn9QlX63LAkIgP3gbC9UwZW1T
14 zG0c1KCyBLq3nnP7lAJwx4HODCGqWrx7Wi1CcvwUe2MGZ5guzWDlo2m7b0VmToal
15 Gf3AKOJmIk1VRMtg7x9QGFT+AHC8pvI2v+3J4AMYZ6t2Yc94RfwHUKsiwnS/PZeX
16 HeuCC7YInbZkqG+May7ja70W8xRBh77MCXZ0Kfumyjgud2ajihlrVC7xY7kCAwEA
17 AaOCAegwggHkMB8GA1UdIwQYMBaAFD3TUKXWoK3u80pgCmXTIdT4+NYPMB0GA1Ud
18 DgQWBBTEypXxWBKpTOnfxY4cbE4D/lMFKDAfBgNVHREEGDAWghR2aWV3LnRydXN0
19 c2tpbGxzLmNvbTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEG
20 CCsGAQUFBwMCMHUGA1UdHwRuMGwwNKAyoDCGLmh0dHA6Ly9jcmwzLmRpZ2ljZXJ0
21 LmNvbS9zaGEyLWV2LXNlcnZlci1nMS5jcmwwNKAyoDCGLmh0dHA6Ly9jcmw0LmRp
22 Z2ljZXJ0LmNvbS9zaGEyLWV2LXNlcnZlci1nMS5jcmwwQgYDVR0gBDswOTA3Bglg
23 hkgBhv1sAgEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29t
24 L0NQUzCBiAYIKwYBBQUHAQEEfDB6MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5k
25 aWdpY2VydC5jb20wUgYIKwYBBQUHMAKGRmh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0
26 LmNvbS9EaWdpQ2VydFNIQTJFeHRlbmRlZFZhbGlkYXRpb25TZXJ2ZXJDQS5jcnQw
27 DAYDVR0TAQH/BAIwADANBgkqhkiG9w0BAQsFAAOCAQEAVmbxaK32dQNuV5KROTdm
28 WuEjgpzwmJqLbCucdbCYoIpgint2Nae0ss5v09QGy0prhsxbaB3Qc7M6NHVrGqwj
29 qWVPC7rZEPkLMI5dhBxo4M6E5YQKkNTj6ZXVJqKc/RCfa+JchR9kVSVELMmgKeG1
30 08dNQXjkrek1gMZ0nwaU1C1nKoykh2rrJGcRqoHp0TLNDKVPgu1LOEuNerDgVdFl
31 G218FWVrNbGo0+fYTJUqb6Q23nNjM4HO15QtsXCMYnwuXOHq79qjA4RJUHJp5dcT
32 QcBW7sF+nMJuYsXNOuq9poJoT+MZ/0a5dDR9RDKObeBNZzUWFBnZhNRnt0i5hKnA
33 6Q==",
34 "comment":"trustskills cert",
35 "customField1":"foo",
36 "customField2":"bar",
37 ...
38 "customField10":"baz"
39 }

The API key field is the API key string. The certificate field is the certificate itself. The comment and custom fields are optional, matching the comment field and the custom fields from 1 to 10.

When POSTING to /api/monitoredsslcertificates/, TrustView will ignore the value of name and overwrite it the same way as if you imported the certificate manually in TrustView.

When POSTING to /api/monitoredcertificates/, TrustView will use the value of name in the name field of the certificate.

The call will return a status 201 if successful, or an error status and text if not. The error will also be logged.

Note

Note that the call will be rejected if a custom field value is given and the custom field is not enabled for SSL certificates, or does not match one of the approved values.

5.4. Certificate deletion#

TrustView allows you to delete certificates in the other category by using API calls.

The deletion API has the following URL:

Certificate deletion#
1DELETE trustview.your-url.org/api/monitoredcertificates/delete

The parameters for the certificate deletion should be included in a JSON format similar to this:

Example of JSON format#
 1 {"apikey":"x4309sdfm",
 2 "certificate":"MIIFzTCCBLWgAwIBAgIQDueitDozhMm2oAZlUslm+jANBgkqhkiG9w0BAQsFADB1
 3 MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
 4 d3cuZGlnaWNlcnQuY29tMTQwMgYDVQQDEytEaWdpQ2VydCBTSEEyIEV4dGVuZGVk
 5 IFZhbGlkYXRpb24gU2VydmVyIENBMB4XDTE0MTEyNjAwMDAwMFoXDTE1MTIwMTEy
 6 MDAwMFowgeMxHTAbBgNVBA8MFFByaXZhdGUgT3JnYW5pemF0aW9uMRMwEQYLKwYB
 7 BAGCNzwCAQMTAkRLMREwDwYDVQQFEwgzNTQ2Nzk1NTEhMB8GA1UECRMYSW5nZSBM
 8 ZWhtYW5ucyBHYWRlIDEwLCA2MQ0wCwYDVQQREwQ4MDAwMQswCQYDVQQGEwJESzEP
 9 MA0GA1UECBMGQWFyaHVzMREwDwYDVQQHEwhBYXJodXMgQzEYMBYGA1UEChMPVFJV
10 U1RTS0lMTFMgQXBTMR0wGwYDVQQDExR2aWV3LnRydXN0c2tpbGxzLmNvbTCCASIw
11 DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANMHGEREUGbqnV8iLjGIe01tv8nT
12 WA0fI19bc3AfpYEKUCF0j4w2/1i3LGgGq6vCTbdQ3mbRSroltRMHLbQo/s/KimMj
13 O5NipIyCG2zcSTC//1VAI4skc74sXe5QmwUMynZcn9QlX63LAkIgP3gbC9UwZW1T
14 zG0c1KCyBLq3nnP7lAJwx4HODCGqWrx7Wi1CcvwUe2MGZ5guzWDlo2m7b0VmToal
15 Gf3AKOJmIk1VRMtg7x9QGFT+AHC8pvI2v+3J4AMYZ6t2Yc94RfwHUKsiwnS/PZeX
16 HeuCC7YInbZkqG+May7ja70W8xRBh77MCXZ0Kfumyjgud2ajihlrVC7xY7kCAwEA
17 AaOCAegwggHkMB8GA1UdIwQYMBaAFD3TUKXWoK3u80pgCmXTIdT4+NYPMB0GA1Ud
18 DgQWBBTEypXxWBKpTOnfxY4cbE4D/lMFKDAfBgNVHREEGDAWghR2aWV3LnRydXN0
19 c2tpbGxzLmNvbTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEG
20 CCsGAQUFBwMCMHUGA1UdHwRuMGwwNKAyoDCGLmh0dHA6Ly9jcmwzLmRpZ2ljZXJ0
21 LmNvbS9zaGEyLWV2LXNlcnZlci1nMS5jcmwwNKAyoDCGLmh0dHA6Ly9jcmw0LmRp
22 Z2ljZXJ0LmNvbS9zaGEyLWV2LXNlcnZlci1nMS5jcmwwQgYDVR0gBDswOTA3Bglg
23 hkgBhv1sAgEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29t
24 L0NQUzCBiAYIKwYBBQUHAQEEfDB6MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5k
25 aWdpY2VydC5jb20wUgYIKwYBBQUHMAKGRmh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0
26 LmNvbS9EaWdpQ2VydFNIQTJFeHRlbmRlZFZhbGlkYXRpb25TZXJ2ZXJDQS5jcnQw
27 DAYDVR0TAQH/BAIwADANBgkqhkiG9w0BAQsFAAOCAQEAVmbxaK32dQNuV5KROTdm
28 WuEjgpzwmJqLbCucdbCYoIpgint2Nae0ss5v09QGy0prhsxbaB3Qc7M6NHVrGqwj
29 qWVPC7rZEPkLMI5dhBxo4M6E5YQKkNTj6ZXVJqKc/RCfa+JchR9kVSVELMmgKeG1
30 08dNQXjkrek1gMZ0nwaU1C1nKoykh2rrJGcRqoHp0TLNDKVPgu1LOEuNerDgVdFl
31 G218FWVrNbGo0+fYTJUqb6Q23nNjM4HO15QtsXCMYnwuXOHq79qjA4RJUHJp5dcT
32 QcBW7sF+nMJuYsXNOuq9poJoT+MZ/0a5dDR9RDKObeBNZzUWFBnZhNRnt0i5hKnA
33 6Q=="
34 }

The API key field is the API key string. The certificate field is the certificate to be deleted.

The call will return a status 200 if successful, or an error status and text if not. The error will also be logged.