你当前正在访问 Microsoft Azure Global Edition 技术文档网站。 如果需要访问由世纪互联运营的 Microsoft Azure 中国技术文档网站,请访问 https://docs.azure.cn。
Certificate - Refresh Secret
From KeyVault, Refresh the certificate being used for authentication with the backend.
POST https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ApiManagement/service/{serviceName}/certificates/{certificateId}/refreshSecret?api-version=2021-08-01
URI Parameters
Name | In | Required | Type | Description |
---|---|---|---|---|
certificate
|
path | True |
string |
Identifier of the certificate entity. Must be unique in the current API Management service instance. Regex pattern: |
resource
|
path | True |
string |
The name of the resource group. |
service
|
path | True |
string |
The name of the API Management service. Regex pattern: |
subscription
|
path | True |
string |
Subscription credentials which uniquely identify Microsoft Azure subscription. The subscription ID forms part of the URI for every service call. |
api-version
|
query | True |
string |
Version of the API to be used with the client request. |
Responses
Name | Type | Description |
---|---|---|
200 OK |
The certificate details were successfully updated. Headers ETag: string |
|
Other Status Codes |
Error response describing why the operation failed. |
Security
azure_auth
Azure Active Directory OAuth2 Flow.
Type:
oauth2
Flow:
implicit
Authorization URL:
https://login.microsoftonline.com/common/oauth2/authorize
Scopes
Name | Description |
---|---|
user_impersonation | impersonate your user account |
Examples
ApiManagementRefreshCertificate
Sample request
Sample response
{
"id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/certificates/templateCertkv",
"type": "Microsoft.ApiManagement/service/certificates",
"name": "templateCertkv",
"properties": {
"subject": "CN=*.msitesting.net",
"thumbprint": "EA**********************9AD690",
"expirationDate": "2037-01-01T07:00:00Z",
"keyVault": {
"secretIdentifier": "https://rpbvtkeyvaultintegration.vault-int.azure-int.net/secrets/msitestingCert",
"identityClientId": "ceaa6b06-c00f-43ef-99ac-f53d1fe876a0",
"lastStatus": {
"code": "Success",
"timeStampUtc": "2020-09-22T00:24:53.3191468Z"
}
}
}
}
Definitions
Name | Description |
---|---|
Certificate |
Certificate details. |
Error |
Error Field contract. |
Error |
Error Response. |
Key |
KeyVault contract details. |
Key |
Issue contract Update Properties. |
CertificateContract
Certificate details.
Name | Type | Description |
---|---|---|
id |
string |
Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} |
name |
string |
The name of the resource |
properties.expirationDate |
string |
Expiration date of the certificate. The date conforms to the following format: |
properties.keyVault |
KeyVault location details of the certificate. |
|
properties.subject |
string |
Subject attribute of the certificate. |
properties.thumbprint |
string |
Thumbprint of the certificate. |
type |
string |
The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" |
ErrorFieldContract
Error Field contract.
Name | Type | Description |
---|---|---|
code |
string |
Property level error code. |
message |
string |
Human-readable representation of property-level error. |
target |
string |
Property name. |
ErrorResponse
Error Response.
Name | Type | Description |
---|---|---|
error.code |
string |
Service-defined error code. This code serves as a sub-status for the HTTP error code specified in the response. |
error.details |
The list of invalid fields send in request, in case of validation error. |
|
error.message |
string |
Human-readable representation of the error. |
KeyVaultContractProperties
KeyVault contract details.
Name | Type | Description |
---|---|---|
identityClientId |
string |
Null for SystemAssignedIdentity or Client Id for UserAssignedIdentity , which will be used to access key vault secret. |
lastStatus |
Last time sync and refresh status of secret from key vault. |
|
secretIdentifier |
string |
Key vault secret identifier for fetching secret. Providing a versioned secret will prevent auto-refresh. This requires API Management service to be configured with aka.ms/apimmsi |
KeyVaultLastAccessStatusContractProperties
Issue contract Update Properties.
Name | Type | Description |
---|---|---|
code |
string |
Last status code for sync and refresh of secret from key vault. |
message |
string |
Details of the error else empty. |
timeStampUtc |
string |
Last time secret was accessed. The date conforms to the following format: |