POST Codesign/UpdateTemplate

Updates or applies CodeSign Protect Environment Template settings. The changes apply to all project environments that use this template.

Requirements

  • The template PerUser attribute is already set to true. To set the value, call POST Codesign/CreateTemplate.
  • Permissions:  The caller must be a Code Signing Administrator.
  • Token scope:  Codesign:Manage

Headers

  • Content type: Content-Type:application/json.

  • Token: The bearer access token that you received. For example, Authorization:Bearer 4MyGeneratedBearerTknz==. For more information, see Passing a bearer token in your API calls.

Parameters

Input parameters

Name

Description

Dn

The Distinguished Name (DN) of the environment template. Use the appropriate syntax. For example, in Postman: \\VED\\Code Signing\\Environment Templates\\[YourTemplateName]. To get this value, call POST Codesign/EnumerateTemplates.

CertificateTemplate

Pass one of the following objects with the changes the changes you want: 

ObjectNamingPattern

Only valid if the template PerUser attribute is already set to true. The pattern that stores signing Certificate objects in the Policy Tree by a user's identity. Each signer has a unique Policy folder. The default is $Sign.Project$\$Sign.Environment$\$Sign.User$.

  • (Optional Sub-folders) Specify text or macros for the Policy Distinguished name (DN). Delimit each sub-folder with backslashes. Use the appropriate syntax. For example, in Postman: $Sign.Project$\\$Sign.Environment$\\$Identity[$Sign.User$]$.

    • $Sign.Project$: A folder that contains the code signing project name.
    • $Sign.Environment$: A folder that contains the signing environment name.
    • $Sign.EnvironmentType$: A folder that contains the environment type.
  • (Requires one Key). Specify one Key, which also identifies the intended user, as a sub-folder:

    • $Identity[$Sign.User$]$: The certificate name ends with the Key User who has the authority to code sign.
    • $Identity[$Sign.User$,Given Name]$: The certificate name ends with the identity's name. Cannot be a group.
    • $Identity[$Sign.User$,Surname]$: The certificate name ends with the identity's last name.
    • $IdentityEmail[$Sign.User$]$: The certificate name ends with the person's email address.
    •  $Sign.User$: The Prefixed name and Universally Unique Identifier (UUID). For example, AD+JHTEST:{20711110-ffff-4813-a6fa-d5930fa37ac8}.

Example: ObjectNamingPattern: $Sign.Environment$\\$Sign.Project$\\$Identity[$Sign.User$]$ stores certificates in \VED\Policy\Code Signing\Certificates\[ProjectEnvThatUsesThisTemplate]\[Environment]\[user].

Returns

Response description

Name

Description

HTTP 200

For valid requests, this call returns a HTTP 200 message and the following data in the message body:

  • Error: Appears only when Success is false. An error message that accompanies the Result. Check your payload input values.

  • Result: The Result code of this API call. For more information, see Sign Result Codes.

  • Success: The result of this API call: A value of false indicates the request failed due to an Error. Otherwise, true.

HTTP 400

For invalid requests, this call returns HTTP 400 Bad Request and the following data in the message body:

  • error: The reason for the error.
  • error_description: If available, additional information about how to retry the request.

Example: Apply macros to the template for object naming

Request

POST https://codesign.venafi.example/vedsdk/Codesign/UpdateTemplate
Authorization:Bearer 4MyGeneratedBearerTknz==
{
   "Dn":"\\VED\\Code Signing\\Environment Templates\\MyTemplate2",
   "ObjectNamingPattern":"$Sign.Project$\\$Sign.Environment$\\$Identity[$Sign.User$]$",
   "CertificateTemplate":{
      "Dn":"\\VED\\Code Signing\\Environment Templates\\MyTemplate2",
      ...
   }
}
  

Response

HTTP/1.1 200 OK
{
   "Result": 1,
   "Success": true
}