Dps Certificate - Verify Certificate

Verify certificate's private key possession.
Verifies the certificate's private key possession by providing the leaf cert issued by the verifying pre uploaded certificate.

POST https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Devices/provisioningServices/{provisioningServiceName}/certificates/{certificateName}/verify?api-version=2022-12-12
POST https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Devices/provisioningServices/{provisioningServiceName}/certificates/{certificateName}/verify?certificate.name={certificate.name}&certificate.rawBytes={certificate.rawBytes}&certificate.isVerified={certificate.isVerified}&certificate.purpose={certificate.purpose}&certificate.created={certificate.created}&certificate.lastUpdated={certificate.lastUpdated}&certificate.hasPrivateKey={certificate.hasPrivateKey}&certificate.nonce={certificate.nonce}&api-version=2022-12-12

URI Parameters

Name In Required Type Description
certificateName
path True

string

The mandatory logical name of the certificate, that the provisioning service uses to access.

provisioningServiceName
path True

string

Provisioning service name.

resourceGroupName
path True

string

Resource group name.

subscriptionId
path True

string

The subscription identifier.

api-version
query True

string

The version of the API.

certificate.created
query

string

date-time

Certificate creation time.

certificate.hasPrivateKey
query

boolean

Indicates if the certificate contains private key.

certificate.isVerified
query

boolean

Indicates if the certificate has been verified by owner of the private key.

certificate.lastUpdated
query

string

date-time

Certificate last updated time.

certificate.name
query

string

Common Name for the certificate.

certificate.nonce
query

string

Random number generated to indicate Proof of Possession.

certificate.purpose
query

CertificatePurpose

Describe the purpose of the certificate.

certificate.rawBytes
query

string

byte

Raw data of certificate.

Request Header

Name Required Type Description
If-Match True

string

ETag of the certificate.

Request Body

Name Type Description
certificate

string

base-64 representation of X509 certificate .cer file or just .pem file content.

Responses

Name Type Description
200 OK

CertificateResponse

OK

Other Status Codes

ErrorDetails

Default error response.

Security

azure_auth

Azure Active Directory OAuth2 Flow.

Type: oauth2
Flow: implicit
Authorization URL: https://login.microsoftonline.com/common/oauth2/authorize

Scopes

Name Description
user_impersonation impersonate your user account

Examples

DPSVerifyCertificate

Sample request

POST https://management.azure.com/subscriptions/91d12660-3dec-467a-be2a-213b5544ddc0/resourceGroups/myResourceGroup/providers/Microsoft.Devices/provisioningServices/myFirstProvisioningService/certificates/cert/verify?certificate.name={certificate.name}&certificate.rawBytes={certificate.rawBytes}&certificate.isVerified={certificate.isVerified}&certificate.purpose={certificate.purpose}&certificate.created={certificate.created}&certificate.lastUpdated={certificate.lastUpdated}&certificate.hasPrivateKey={certificate.hasPrivateKey}&certificate.nonce={certificate.nonce}&api-version=2022-12-12


{
  "certificate": "#####################################"
}

Sample response

{
  "properties": {
    "subject": "CN=andbucdevice1",
    "expiry": "Sat, 31 Dec 2039 23:59:59 GMT",
    "certificate": "MA==",
    "thumbprint": "97388663832D0393C9246CAB4FBA2C8677185A25",
    "isVerified": true,
    "created": "Thu, 12 Oct 2017 19:23:50 GMT",
    "updated": "Thu, 12 Oct 2017 19:26:56 GMT"
  },
  "id": "/subscriptions/91d12660-3dec-467a-be2a-213b5544ddc0/resourceGroups/myResourceGroup/providers/Microsoft.Devices/ProvisioningServices/myFirstProvisioningService/certificates/cert",
  "name": "cert",
  "type": "Microsoft.Devices/ProvisioningServices/Certificates",
  "etag": "AAAAAAExpTQ="
}

Definitions

Name Description
CertificateProperties

The description of an X509 CA Certificate.

CertificatePurpose

Describe the purpose of the certificate.

CertificateResponse

The X509 Certificate.

createdByType

The type of identity that created the resource.

ErrorDetails

Error details.

systemData

Metadata pertaining to creation and last modification of the resource.

VerificationCodeRequest

The JSON-serialized leaf certificate

CertificateProperties

The description of an X509 CA Certificate.

Name Type Description
certificate

string

base-64 representation of X509 certificate .cer file or just .pem file content.

created

string

The certificate's creation date and time.

expiry

string

The certificate's expiration date and time.

isVerified

boolean

Determines whether certificate has been verified.

subject

string

The certificate's subject name.

thumbprint

string

The certificate's thumbprint.

updated

string

The certificate's last update date and time.

CertificatePurpose

Describe the purpose of the certificate.

Name Type Description
clientAuthentication

string

serverAuthentication

string

CertificateResponse

The X509 Certificate.

Name Type Description
etag

string

The entity tag.

id

string

The resource identifier.

name

string

The name of the certificate.

properties

CertificateProperties

properties of a certificate

systemData

systemData

Metadata pertaining to creation and last modification of the resource.

type

string

The resource type.

createdByType

The type of identity that created the resource.

Name Type Description
Application

string

Key

string

ManagedIdentity

string

User

string

ErrorDetails

Error details.

Name Type Description
code

integer

The error code.

details

string

The error details.

httpStatusCode

string

The HTTP status code.

message

string

The error message.

systemData

Metadata pertaining to creation and last modification of the resource.

Name Type Description
createdAt

string

The timestamp of resource creation (UTC).

createdBy

string

The identity that created the resource.

createdByType

createdByType

The type of identity that created the resource.

lastModifiedAt

string

The timestamp of resource last modification (UTC)

lastModifiedBy

string

The identity that last modified the resource.

lastModifiedByType

createdByType

The type of identity that last modified the resource.

VerificationCodeRequest

The JSON-serialized leaf certificate

Name Type Description
certificate

string

base-64 representation of X509 certificate .cer file or just .pem file content.