Identity Hub API, gRPC: SshCertificateService.Generate
Members of an organization can generate certificates for themselves
Signing certificates for other users requires a special permission
gRPC request
rpc Generate (GenerateSshCertificateRequest) returns (GenerateSshCertificateResponse)
GenerateSshCertificateRequest
{
// Includes only one of the fields `cloud_id`, `organization_id`
"cloud_id": "string",
"organization_id": "string",
// end of the list of possible fields
// Includes only one of the fields `subject_id`, `os_login`
"subject_id": "string",
"os_login": "string",
// end of the list of possible fields
"public_key": "string"
}
|
Field |
Description |
|
cloud_id |
string the cloud must be attached to an organization The maximum string length in characters is 50. Includes only one of the fields |
|
organization_id |
string The maximum string length in characters is 50. Includes only one of the fields |
|
subject_id |
string specify subject to generate certificate for default login The maximum string length in characters is 50. Includes only one of the fields |
|
os_login |
string specify os_login for a specific login The maximum string length in characters is 32. Includes only one of the fields |
|
public_key |
string Required field. The maximum string length in characters is 15000. |
GenerateSshCertificateResponse
{
"signed_certificate": "string"
}
|
Field |
Description |
|
signed_certificate |
string as per specification https://cvsweb.openbsd.org/src/usr.bin/ssh/PROTOCOL.certkeys?annotate=HEAD |