Identity Hub API, REST: SshCertificate.Generate

Written by

Updated at October 30, 2025

HTTP request
Body parameters
Response

Members of an organization can generate certificates for themselves
Signing certificates for other users requires a special permission

HTTP request

POST https://organization-manager.api.cloud.yandex.net/organization-manager/v1/sshCertificates:generate

Body parameters

{
  // Includes only one of the fields `cloudId`, `organizationId`
  "cloudId": "string",
  "organizationId": "string",
  // end of the list of possible fields
  // Includes only one of the fields `subjectId`, `osLogin`
  "subjectId": "string",
  "osLogin": "string",
  // end of the list of possible fields
  "publicKey": "string"
}

Field	Description
cloudId	string the cloud must be attached to an organization Includes only one of the fields `cloudId`, `organizationId`.
organizationId	string Includes only one of the fields `cloudId`, `organizationId`.
subjectId	string specify subject to generate certificate for default login Includes only one of the fields `subjectId`, `osLogin`.
osLogin	string specify os_login for a specific login Includes only one of the fields `subjectId`, `osLogin`.
publicKey	string Required field.

Response

HTTP Code: 200 - OK

{
  "signedCertificate": "string"
}

Field

Description

signedCertificate

string

as per specification https://cvsweb.openbsd.org/src/usr.bin/ssh/PROTOCOL.certkeys?annotate=HEAD

Identity Hub API, REST: SshCertificate.Generate

HTTP requestHTTP request

Body parametersBody parameters

ResponseResponse

Was the article helpful?

HTTP request

Body parameters

Response