Easy Certificate Provisioning

This API is used to create an AppViewX certificate and push to a device available in the instance.

Before you begin

Before attempting to trigger these service requests, ensure that:
  • The workflow is enabled.
    Note: For more information on how to enable a workflow, refer the section on Managing Certificates using Automation Workflows.
  • The API user has the necessary RBAC permissions to trigger the workflow. You can check this in the Platform module under IDENTITY > Role > Authorized functions.

Request Structure

Endpoint: /visualworkflow-submit-request
Type: POST
Sample URL: 
https://<IP/HostName/TenantName>:<GWPORT>/avxapi/visualworkflow-submit-request?gwsource=external

To understand the elements of the sample URL, click here.
Headers
Content-Type: application/json
Table 1. Input Parameters
Name Description
sessionId

Header

 (Mandatory, if username and password are not provided) Session ID received after login.

Type: String
username

Header

 (Mandatory if sessionId is not provided) AppViewX login username.

Type: String

Constraint: Required if sessionId is not provided.
password

Header

 (Mandatory if sessionId is not provided) AppViewX login password.

Type: String

Constraint: Required if sessionId is not provided.
gwsource

Query

 (Mandatory) Source from which the request is triggered

Type: String
Payload

Body

 Contains all the parameters to be sent in the request body for the put request.

Type: Payload

Payload

Table 2. Payload
Name Description
appviewx_common_name (Mandatory) Common name of the certificate. Fully qualified domain name (FQDN) of the server for which certificate is requested.

Type: String
device_type (Mandatory) Type of device to which the certificate will be pushed. Possible Values: ADC, Server.

Type: String
push_devices (Mandatory) Contains all push details.

Type: Tabular
device_vendor (Mandatory) Device vendor type based on selection of device type. Possible Values: F5, LinuxServer, Citrix.

Type: String
device (Mandatory) Device name for selected device_vendor.

Type: String
linux_actions (Mandatory only for the Linux server) Linux action for the selected device_vendor. Possible Values: Default, Create KDB label (*.kdb), Certificate Overwrite (*.kdb).

Type: String
selected_profiles (Mandatory) Profile name for device.

Type: String
apache_custom_push (Mandatory only for the Apache server) Provision to opt for pushing the certificate to a custom location. Possible Values: Yes, No.

Type: String
apache_certificate_location (Mandatory only if apache_custom_push is set to Yes) Certificate path created by the user.

Type: String
apache_key_location (Mandatory only if apache_custom_push is set to Yes) Certificate Key path created by the user.

Type: String
password (Mandatory only if linux_action is set to Default) Password to access the KDB file.

Type: String
appviewx_dns_names (Optional) DNS values. (For example: www.appviewx.plus). Multiple values must be separated by comma (,).

Type: String
email_id (Optional) Email address of the organization. Possible values: Default value configured in the policy.

Type: String

Response Structure

Table 3. Response Structure
Name Description
response Contains the response params for the search object request.

Type: Response
message Success message or failure description in case of error.

Type: String
appStatusCode Application specific status code for the response

Will be non-null for failure response

Type: String
tags More information in case of a failure response

Type: NA
Table 4. Response
Name Description
requestId Unique identifier for the request

Type: String
workflowVersion Version of the workflow

Type: String
message The message with the status and request number for the request

Type: String
status Status of the request

Type: String
stausCode Status code for the request

Type: String
requestType Request type

Type: String
workorderId The ID of the work order for the request If there is no workorder, the value will be 0.

Type: String

Status Codes

HTTP Code appStatusCode Response Message
200 OK NA Success

Remediation: NA
400 Bad Request avx-common-028 Invalid/ Incorrect payload

Remediation: Check and ensure if a valid value is given in the request payload field - input.
401 Unauthorized WORKFLOW_1679 User is not authorized.

Remediation: Ensure that logged-in user is authorized to access the workflow.
404 Not Found engine-db-015 Workflow not found.

Remediation: Ensure the workflow data is valid.
409 Conflict WORKFLOW_1475 Given workflow is not in enabled state.

Remediation: Enable the workflow.
500 Internal Server Error WORKFLOW_1617 Invalid form data. Please provide all mandatory data

Remediation: Ensure a valid value is given in the request payload field - input.
500 Internal Server Error NA Error while processing

Remediation: NA

Sample Request/Response

Sample Request
{
  "payload": {
    "header": {
      "workflowName": "Easy Certificate Provisioning"
    },
    "data": {
      "input": {
        "requestData": [
          {
            "sequenceNo": 1,
            "scenario": "scenario",
            "fieldInfo": {
              "info": "",
              "appviewx_common_name": "<mandatory field>",
              "appviewx_dns_names": "",
              "device_type": "ADC,Server",
              "push_devices": [
                {
                  "device_vendor": "<mandatory field>",
                  "device": "<mandatory field>",
                  "linux_actions": "Default,Create KDB label (*.kdb),Certificate Overwrite (*.kdb)",
                  "selected_profiles": "<mandatory field>",
                  "password": "<mandatory field>"
                }
              ],
              "email_id": "<mandatory field>"
            }
          }
        ]
      },
      "globalData": {},
      "task_action": 1
    }
  }
}
Note: Please refer to the request structure to identify the changeable values.
Sample Response
{
    "response": {
        "workorderId": "0",
        "requestType": "default",
        "requestId": "306",
        "workflowVersion": "master",
        "message": "Workflow Request is created with Id 306 . Request submitted to workflow engine for processing workorder.",
        "status": "In Progress",
        "statusCode": 0
    },
    "message": "Success",
    "appStatusCode": null,
    "tags": null,
    "headers": null
}

References

Understanding the sample URL
  • IP/HostName/TenantName: Replace with the actual IP address, hostname, or tenant name based on the specific configuration in AppViewX.
    • IP: A unique identifier assigned to each device connected to a computer network that uses the Internet Protocol for communication

      The IP address will be included in the endpoint URL for an on-prem deployment.

    • HostName: A human-readable label assigned to a device (host) on a network

      The hostname will be included in the endpoint URL for an on-prem deployment.

    • TenantName: An identifier label for a tenant given to indicate which tenant's data the API request will access/modify

      The tenant name will be included in the endpoint URL for a SaaS deployment.

  • GWPORT: AppViewX gateway port

    A gateway port refers to a network port through which data is sent and received to communicate with a gateway in an on-prem deployment.

    Example: 31443

  • avxapi: Path parameter value (static) that is part of the endpoint's URL
  • Endpoint: Endpoint of the API, for example: execute-hook
  • gwsource: Source or origin of a gateway, for example: external.