Create Client Certificate
POST {{baseUrl}}/organizations/:organizationId/clientcertificates
Generate a new client certificate for the organization. There is a maximum limit of 10 active certificates at a time.
To call this endpoint, you must create a client certificate request using a tool like openssl:
shell
openssl req -new -keyout myPrivateKey.pem -out myCSR.csr
The above call will ask you for a password and several other key parameters. When the command completes, you will have a .csr file. The contents of that file are what you will use as the certificate while calling this endpoint.
When this call returns successfully, the reponse will contain a key for use when making calls that require a client certificate.
500 Error
For this call to work, you must turn the certificate into a string that will work in a JSON object. It is easy to get this incorrect. If you receive a 500 error, double check your certificate string. Use a JSON object filled out as below to make this work. The value of the certification string will be long, but should contain no line breaks, and should start and end as shown below.
{ "certificateRequest": "-----BEGIN CERTIFICATE REQUEST-----<long key string>-----END CERTIFICATE REQUEST-----" }
Administrator Request
To use this call you must be a Qualtrics brand administrator
Create the Client Certificate Before Setting Up mTLS
If you are creating a client certificate to set up mTLS, make sure you create the client certificate before turning on mTLS.
Request Body
{"certificateRequest"=>"-----BEGIN CERTIFICATE REQUEST-----\n...\n-----END CERTIFICATE REQUEST-----\n"}
HEADERS
| Key | Datatype | Required | Description |
|---|---|---|---|
Content-Type | string | ||
Accept | string |
RESPONSES
status: OK
{"result":{"certificate":"veniam exercitation in","id":"d"},"meta":{"httpStatus":"voluptate amet enim esse magna","requestId":"reprehenderit ad Duis ","notice":"cillum id rep"}}