Create Client Certificate

POST {{baseUrl}}/organizations/:organizationId/clientcertificates

Generate a new client certificate for the organization. There is a maximum limit of 10 active certificates at a time.

To call this endpoint, you must create a client certificate request using a tool like openssl: shell openssl req -new -keyout myPrivateKey.pem -out myCSR.csr

The above call will ask you for a password and several other key parameters. When the command completes, you will have a .csr file. The contents of that file are what you will use as the certificate while calling this endpoint.

When this call returns successfully, the reponse will contain a key for use when making calls that require a client certificate.

500 Error

For this call to work, you must turn the certificate into a string that will work in a JSON object. It is easy to get this incorrect. If you receive a 500 error, double check your certificate string. Use a JSON object filled out as below to make this work. The value of the certification string will be long, but should contain no line breaks, and should start and end as shown below.

{
 "certificateRequest": "-----BEGIN CERTIFICATE REQUEST-----<long key string>-----END CERTIFICATE REQUEST-----"
}

Administrator Request

To use this call you must be a Qualtrics brand administrator

Create the Client Certificate Before Setting Up mTLS

If you are creating a client certificate to set up mTLS, make sure you create the client certificate before turning on mTLS.

Request Body

{"certificateRequest"=>"-----BEGIN CERTIFICATE REQUEST-----\n...\n-----END CERTIFICATE REQUEST-----\n"}

HEADERS

KeyDatatypeRequiredDescription
Content-Typestring
Acceptstring

RESPONSES

status: OK

{&quot;result&quot;:{&quot;certificate&quot;:&quot;veniam exercitation in&quot;,&quot;id&quot;:&quot;d&quot;},&quot;meta&quot;:{&quot;httpStatus&quot;:&quot;voluptate amet enim esse magna&quot;,&quot;requestId&quot;:&quot;reprehenderit ad Duis &quot;,&quot;notice&quot;:&quot;cillum id rep&quot;}}