Trustpoint APIs Overview¶
Trustpoint provides two distinct REST API interfaces for different purposes:
1. Certificate Management APIs (PKI Protocols)¶
Certificate enrollment and lifecycle management using industry-standard PKI protocols and a simplified REST interface.
Available Protocols¶
Protocol |
Base URL |
Purpose |
Standard |
|---|---|---|---|
CMP |
|
Full-featured PKI protocol |
RFC 4210, RFC 9480 |
EST |
|
Simple enrollment over TLS |
RFC 7030 |
REST PKI |
|
JSON-based enrollment (Trustpoint-specific) |
Custom |
2. Trustpoint Management API¶
RESTful API for managing Trustpoint resources, configuration, and administration.
Base URL¶
https://<trustpoint-host>/api/
Features¶
Certificate Authority Management: Manage CAs, domains, and certificate profiles
Device Management: Device registration, onboarding, and monitoring
User Management: User accounts, authentication, and authorization
Workflow Management: Approval workflows and automation
System Configuration: Security settings, logging, and system health
Authentication¶
The Management API uses JWT (JSON Web Tokens) for authentication:
# Obtain access token
curl -X POST https://trustpoint.example.com/api/token/ \
-H "Content-Type: application/json" \
-d '{"username": "admin", "password": "password"}'
# Use token in requests
curl -X GET https://trustpoint.example.com/api/domains/ \
-H "Authorization: Bearer <access_token>"
OpenAPI Documentation¶
The complete API specification is available in OpenAPI (Swagger) format:
Swagger UI:
https://<trustpoint-host>/api/schema/swagger-ui/