POST Certificates/Dissociate

Detaches one or more Application objects and corresponding Device objects from an existing certificate. Use the DeleteOrphans parameter to manage the Application Distinguished Name (DN) and corresponding Device DNs.

Requirements

  • Permissions
    • Write permission to the Certificate object.
    • Write permission or Associate permission to Application objects that are associated with the certificate.
    • (Optional) Delete permission to Application objects that are associated with the certificate. For example, when DeleteOrphans:true.
    • (Optional) Delete permission to the device. For example, when DeleteOrphans:true.
  • Token scope:  Certificate:Manage

Headers

  • Content type: Content-Type:application/json.

  • Token: The bearer access token that you received. For example, Authorization:Bearer 4MyGeneratedBearerTknz==. For more information, see Passing a bearer token in your API calls.

Parameters

Input parameters

Name

Description

CertificateDN

The Distinguished Name (DN) of the certificate.

ApplicationDN An array of one or more Application objects, specified by their distinguished names, that uniquely identify them in the Venafi platform.

DeleteOrphans

The action to take after dissociating the Application DN and device from the Certificate DN:

  • false: Default. Retain both the Application DN and corresponding Device DN. Use this option to retain the Application DN and associate it with some other certificate.
  • true: Delete the Application DN. Only delete the corresponding Device DN when it has no child objects. Otherwise retain only the Device DN and its children. Use this option to completely remove the application object and corresponding device objects.

Returns

Response description

Name

Description

HTTP 200

For valid requests, this call returns a HTTP 200 message and the following data in the message body:

  • Success:true:  The set of certificates successfully dissociated from the Application DN.

HTTP 400

For invalid requests, this call returns a HTTP 400 BadRequest and the following data in the message body:

  • Success: false: The API call failed.
  • Error: Returns an error message for bad parameters, data, or syntax:
    • Dissociate error. Application [ ApplicationDN] is associated with a different certificate [ CertificateDN].

    • Dissociate error. Certificate [ CertificateDN] is not currently associated with the application [ ApplicationDN].
    • Permissions error. You do not have Delete permission to the orphan Application [ ApplicationDN].
    • Permissions error. You do not have Delete permission to the orphan Device [ DeviceDN].

Example: Dissociate an Application DN from its certificate

Request

POST https://tpp.venafi.example/vedsdk/Certificates/Dissociate
Authorization:Bearer 4MyGeneratedBearerTknz==
{
   "CertificateDN":"\\VED\\Policy\\CertificateSet\\Cert75G-Lab04",
   "ApplicationDN":[
      "\\VED\\Policy\\CertificateSet\\HSM95\\F5 LTM Advanced"
   ],
   "DeleteOrphans":"true"
}

Response

HTTP/1.1 200 OK
{
   "Success":true
}