POST SecretStore/LookupByAssociation

Returns the vault IDs that contain the specified name/value pair.

This API call only returns the following certificate association attributes: 'Store Archived', 'Store Added', 'Hash', 'Serial', 'Key Algorithm', 'Label', 'Template Major Version', 'Template Minor Version', 'Template Name', and 'Template Oid'. To obtain comprehensive details and validation information for a certificate, please use the Certificates API.

Requirements

  • The caller must have Read permission to the owner for the VaultID to appear in the results.
  • Token scope:  Restricted

Headers

  • Content type: Content-Type:application/json.

  • Token: The bearer access token that you received. For example, Authorization:Bearer 4MyGeneratedBearerTknz==. For more information, see Passing a bearer token in your API calls.

Parameters

Specify one Name, a corresponding Secret Store attribute, and its corresponding data type. For example, "Name":"Serial", "StringValue":"5932C68AC336321AC18952C2F0E4CC9C".

Input parameters Input parameters

Name

Description

Name (use with the IntValueparameter)

Specify one of the following search parameters and a corresponding IntValue:

  • Template Major Version: The template version used to issue a certificate.

Name (use with the StringValue parameter)

Specify one of the following search parameters and a corresponding StringValue:

  • Hash: The hash of the certificate.
  • Serial: The serial number of the certificate.
  • Key Algorithm: The key algorithm of the certificate.
  • Template Major Version: The template version used to issue a certificate.
  • Template Oid: The object ID (OID) of the template used to issue a certificate.

IntValue

A numeric value to search.

StringValue

The string value to search.

DateValue

Specify the Universal Time Coordinated (UTC) in the ISO 8601 format, for example YYYY-MM-DDTHH:MM:SS.mmmmmmmZ.

Returns

Response description

Name

Description

Result

A number indicating the status:

VaultIDs

An array containing the associated Vault IDs.

The value parameters are optional, but if a value is specified it can be only one of the three for a single query. If no value is specified then all vault items that have a value under the associated name are returned.

Example 1: Find Vault IDs that contain certificates for a key algorithm

Request for Example 1

POST https://tpp.venafi.example/vedsdk/SecretStore/LookupByAssociation
Authorization:Bearer 4MyGeneratedBearerTknz==
{
   "Name":"Key Algorithm",
   "StringValue":"RSA"
}

Response for Example 1

HTTP/1.1 200 OK
{
   "Result":0,
   "VaultIDs":[
      469,
      468,
      467,
      466
   ]
}

Example 2: Locate the vault that holds a certificate

Request for Example 2

POST https://tpp.venafi.example/vedsdk/SecretStore/LookupByAssociation
Authorization:Bearer 4MyGeneratedBearerTknz==
{
   "Name":"Serial",
   "StringValue":"5932C68AC336321AC18952C2F0E4CC9C"
}

Response for Example 2

HTTP/1.1 200 OK
{
   "Result":0,
   "VaultIDs":[
      9061
   ]
}