Help Center/ IAM Identity Center/ API Reference/ API/ Service Provider (SP) Management/ Listing Service Provider Certificates
Updated on 2025-11-27 GMT+08:00
View PDF

Listing Service Provider Certificates

Function

This API is used to query the SAML signing certificate of a service provider.

URI

GET /v1/identity-stores/{identity_store_id}/saml-certificates

Table 1 Path parameters

Parameter

Mandatory

Type

Description

identity_store_id

Yes

String

Globally unique ID of an identity source.

Request Parameters

Table 2 Parameters in the request header

Parameter

Mandatory

Type

Description

X-Security-Token

No

String

Security token (session token) of your temporary security credentials. If a temporary security credential is used, this header is required.

Response Parameters

Status code: 200

Table 3 Parameters in the response body

Parameter

Type

Description

[Array elements]

Array of SpCertificateDto objects

Details of a service provider certificate.
Table 4 SpCertificateDto

Parameter

Type

Description

certificate_id

String

Certificate ID.

x509certificate

String

X.509 certificate.

algorithm

String

Signature algorithm.

expiry_date

Long

Certificate expiration timestamp.

state

String

Certificate activation status.

Status code: 400

Table 5 Parameters in the response body

Parameter

Type

Description

error_code

String

Error code.

error_msg

String

Error message.

request_id

String

Unique ID of a request.

Status code: 403

Table 6 Parameters in the response body

Parameter

Type

Description

error_code

String

Error code.

error_msg

String

Error message.

request_id

String

Unique ID of a request.

encoded_authorization_message

String

Encrypted error message.

Example Request

Querying the SAML signing certificate of a service provider

GET https://{hostname}/v1/identity-stores/{identity_store_id}/saml-certificates

Example Response

Status code: 200

Successful

[ {
  "certificate_id" : "cer-6bea67d1-a875-4e63-b91f-c8081axxxx",
  "x509certificate" : "-----BEGIN CERTIFICATE-----\r\nMIIEzDCCAzSgAwIBAgICAdQwDQYJKoZIhv*********O8=\r\n-----END CERTIFICATE-----",
  "algorithm" : "SHA256withRSA",
  "expiry_date" : 2069798400000,
  "state" : "INACTIVE"
}, {
  "certificate_id" : "cer-89a0723d-fdfd-40cb-9fb6-148xxxxxx",
  "x509certificate" : "-----BEGIN CERTIFICATE-----\r\nMIIEzDCCAzSg********ODA0\r\nMDAwMDAwWjCBqDEhMB8GA1UEAwwYaWRjZW50ZXIuaHVhd2VpY2xvdWQuY29tMSgwJgYDVQQLDB9T\r\nZXJ2aWNlIFByb3ZpZGVyIE9wZXJhdGlvbiBEZXB0MSUwIwYDVQQKDBxIdWF3ZWkgVGVjaG5vbG9n\r\naWVzIENvLiwgTHRkMREwDwYDVQQHDAhTaGVuWmhlbjESMBAGA1UECAwJR3VhbmdEb25nMQswCQYD\r\nVQQGEwJDTjCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBALFkWYIQXCYtJFQC+BpnaFwg\r\nT+zH7E9cnplccR5Sk66zHYRIJdqITW7ZLhEDeVMy5whHxJ+gL+Fv4E0z82kH8nXa1QERdWYvbu54\r\nnyOZopnQ0YhlIYLW6s7X3pDvxo1WMm7JlqEGuQoY7XF9+AdBeLv/kv2Jsb5g/F/pTZWc+a2ToX7k\r\nqErPdNtbLSueDwpWacmOa/TDCXmrDM1DihX6Bw3/d/BsQnDglDCvYBlscgxv8IEDTqtL0Z7fpaGh\r\nwGlia6wVqsl2C1nMeNijNzau3U9tvzzs0TyJ+I657yq2KD60cWBnjUaVAwrawf741Q9qZjfYFojP\r\nFBoCkdLozNmlDZOFKHWuk81j/Z6JIZ4qEPkeFS+mjk/wBRVHYM5Tzj38XbMVvebQgykf3HKGlCwN\r\nu5HzIftK8T9QVrF2OKYQNGplGt82aMA1fMhTMSW0pB6ab2byOdCOGrD7HoiThD8D680G4sPT+KkE\r\nFsE3YkQRHNdSKb3efRULSqZpNGE44iOKzQIDAQABMA0GCSqGSIb3DQEBCwUAA4IBgQALh5RknXV1\r\nTEEXwVxF+6vMZ/+e9a54IS61vSwXHPf8rPA0e9vhhpONOxRb2nKQKygcwYAW98BVyjZ1v5INfFPo\r\nTe5Zje8iM9sSNAxD6kUJifWzGhemu9Dv4tCnZUSlzPnffZkbxbUsyX5JngryQXZUiNMbRTV6IEt7\r\niDQ8HaNaVXuGbQtZFA0kia78kkQd8p19C/TEIfI0YX6p+Kvhu13oq9TIBs+r9tfUoYsKsHYwF4gb\r\nKKK3oNxq9VbNuZkLbLP20CNrcywMvnq81RklhA2kTkkgtb8IvoakLfnfCg6FbFrNfaqHOQ9lyrEh\r\nZ5XzQFsqhCfR8eIYFPQ6rLDGPtrUVi/t27OTquAUjoCRHtuy44y+OKATKismvFvl+/LAb5wtNuWB\r\nmpzYUFEBE7vVOdJfez9Sd5ujTtr1BDoVNfQ76eMo/p/EHtQjB0cfYnFv8SR9N9q4et0Oj15w4gZp\r\n4XwzOATBm1A0G5blbbJjKGFU/RSVlNPA8UxkJudibOrPhEc=\r\n-----END CERTIFICATE-----",
  "algorithm" : "SHA256withRSA",
  "expiry_date" : 2069798400000,
  "state" : "INACTIVE"
} ]

Status Codes

Status Code

Description

200

Successful.

400

Bad request.

403

Forbidden.

Error Codes

For details, see Error Codes.