4.10 RequestCertificate

int RequestCertificate(MyIDCertificateRequest certificateRequest);

The RequestCertificate method requests a non-archived “Software Certificate” for the specified user, for use as a .CER certificate. This follows these rules:

Note: Requests through the API do not honor validation or role restrictions assigned to the credential profile. You can request any credential profile.

4.10.1 Inputs

Class

Field

Data Type

Description

Allow Null?

MyIDCertificateRequest

 

 

 

No

 

CertificateRequestPKCS10

String

The P10 Certificate Request, in Base64 format.

Note: The P10 Certificate Request content provided to this endpoint (such as the SAN) is the responsibility of the caller.

No

 

CredentialProfileName

String

The credential profile that this request will be made against. It must be a profile set for “Software Certificates Only”. Maps to:

CardProfiles.Name

No

 

PersonIdentifier

String

The unique identifier for finding a person in MyID. This will map to whatever field is specified in the MyID.config file.

See section 4.10.3, Mapping the user identifier.

No

4.10.2 Output

The output is the Certificates.ID for the new Certificate Request. Any failures to create this request will result in an exception being thrown. Possible error scenarios are:

  • Missing data

  • The user has not been found

  • Credential profile has not been found

  • Credential profile is invalid for this certificate request

4.10.3 Mapping the user identifier

When requesting a certificate, you provide a unique identifier for a person in MyID. You can map this to a variety of fields in the MyID database; you can use the following mappings:

To map the user identifier, you must edit the MyID.config file for the CWS web service. By default, this file is in the following location:

C:\Program Files\Intercede\MyID\SSP\CredentialWebService

Open the file in a text editor, and amend the following line:

<add key="PersonIdentifier" value="LogonName"/>

Set the value to the field you want to map.

Once you have saved the file, recycle the app pool used for the Credential Web Service in IIS. This ensures that the web service is using the latest settings.