POST Workflow/Ticket/Enumerate

Returns the GUIDs of all workflow tickets associated with the object and user.

If the WebSDK caller is configured to be an approver and the workflow ticket was created after the established WebSDK session (automatically by Trust Protection Platform as part of lifecycle processing or by calling POST Workflow/Ticket/Create), you must call GET Permissions/Refresh after ticket creation. Otherwise, the caller will not be able to see or act on the ticket until you get another bearer token.


  • Token scope:  Any valid scope, such as Agent, Certificate, or SSH


  • Content type: Content-Type:application/json.

  • Token: The bearer access token that you received. For example, Authorization:Bearer 4MyGeneratedBearerTknz==. For more information, see Passing a bearer token in your API calls.


Specify at least one input parameter.

Input parameters




(Optional) The Distinguished Name (DN) of an object that may be managed by a workflow.


(Optional) A comma-separated list of identities that are associated with the ticket. Expressed as prefixed universals.


Response description



HTTP 200

For valid requests, this call returns a HTTP 200 message and the following data in the message body:

  • GUIDs: An array of unique identification strings for workflow tickets that match the specified parameters.

  • Result:  Integer result code indicating success 1 or failure. For more information, see Workflow result codes.

HTTP 400

For invalid requests, this call returns HTTP 400 Bad Request and the following data in the message body:

  • error: The reason for the error.
  • error_description: If available, additional information about how to retry the request.

Example: Find workflow ticket GUIDs for a certificate

POST https://tpp.venafi.example/vedsdk/Workflow/Ticket/Enumerate
Authorization:Bearer 4MyGeneratedBearerTknz==


HTTP/1.1 200 OK