github/infisical
1
0
Fork 0
mirror of https://github.com/Infisical/infisical.git synced 2026-01-09 15:38:03 -05:00
Code Issues Packages Projects Releases Wiki Activity

Docs improvements

Browse Source
This commit is contained in:
Carlos Monastyrski
2025-09-22 14:21:14 -03:00
parent 3587fbf98b
commit 53176784b3
16 changed files with 12 additions and 1223 deletions
Download Patch File Download Diff File Expand all files Collapse all files

147
docs/api-reference/endpoints/pki/syncs/azure-key-vault/create.mdx
View File

@@ -2,150 +2,3 @@
title: "Create Azure Key Vault PKI Sync"
openapi: "POST /api/v1/pki/syncs/azure-key-vault"
---
<Info>
This endpoint creates a new Azure Key Vault PKI sync for a specified project.
</Info>
## Request
<ParamField body="name" type="string" required>
Name of the PKI sync (1-64 characters)
</ParamField>
<ParamField body="description" type="string" optional>
Description of the PKI sync
</ParamField>
<ParamField body="isAutoSyncEnabled" type="boolean" default="true">
Whether automatic synchronization is enabled when certificates are issued
</ParamField>
<ParamField body="destinationConfig" type="object" required>
Azure Key Vault specific configuration
<Expandable title="properties">
<ParamField body="vaultBaseUrl" type="string" required>
Base URL of the Azure Key Vault (e.g., "https://my-vault.vault.azure.net/")
</ParamField>
</Expandable>
</ParamField>
<ParamField body="syncOptions" type="object" default="{}">
Sync-specific options and settings
</ParamField>
<ParamField body="subscriberId" type="string" optional>
ID of the PKI subscriber to connect this sync to. If provided, certificates issued by this subscriber will be automatically synced to Azure Key Vault.
</ParamField>
<ParamField body="connectionId" type="string" required>
ID of the Azure Key Vault app connection to use for this sync
</ParamField>
<ParamField body="projectId" type="string" required>
ID of the project to create the PKI sync in
</ParamField>
## Response
Returns the created Azure Key Vault PKI sync object with the same structure as the list endpoint response.
<ResponseField name="id" type="string">
Unique identifier for the created PKI sync
</ResponseField>
<ResponseField name="name" type="string">
Name of the PKI sync
</ResponseField>
<ResponseField name="description" type="string" optional>
Description of the PKI sync
</ResponseField>
<ResponseField name="destination" type="string">
Always "azure-key-vault"
</ResponseField>
<ResponseField name="isAutoSyncEnabled" type="boolean">
Whether automatic synchronization is enabled
</ResponseField>
<ResponseField name="destinationConfig" type="object">
Azure Key Vault specific configuration
</ResponseField>
<ResponseField name="syncOptions" type="object">
Sync-specific options and settings
</ResponseField>
<ResponseField name="projectId" type="string">
ID of the project this sync belongs to
</ResponseField>
<ResponseField name="subscriberId" type="string" optional>
ID of the PKI subscriber this sync is connected to
</ResponseField>
<ResponseField name="connectionId" type="string">
ID of the Azure Key Vault app connection used for this sync
</ResponseField>
<ResponseField name="createdAt" type="string">
Timestamp when the PKI sync was created
</ResponseField>
<ResponseField name="updatedAt" type="string">
Timestamp when the PKI sync was last updated
</ResponseField>
<RequestExample>
```bash cURL
curl -X POST "https://app.infisical.com/api/v1/pki/syncs/azure-key-vault" \
-H "Authorization: Bearer <your-api-key>" \
-H "Content-Type: application/json" \
-d '{
"name": "Production Azure Key Vault Sync",
"description": "Sync certificates to production Key Vault",
"isAutoSyncEnabled": true,
"destinationConfig": {
"vaultBaseUrl": "https://my-vault.vault.azure.net/"
},
"syncOptions": {},
"subscriberId": "sub_12345",
"connectionId": "conn_12345",
"projectId": "proj_12345"
}'
```
</RequestExample>
<ResponseExample>
```json Response
{
"id": "ps_12345",
"name": "Production Azure Key Vault Sync",
"description": "Sync certificates to production Key Vault",
"destination": "azure-key-vault",
"isAutoSyncEnabled": true,
"destinationConfig": {
"vaultBaseUrl": "https://my-vault.vault.azure.net/"
},
"syncOptions": {},
"projectId": "proj_12345",
"subscriberId": "sub_12345",
"connectionId": "conn_12345",
"syncStatus": null,
"lastSyncedAt": null,
"lastSyncMessage": null,
"removeStatus": null,
"lastRemovedAt": null,
"lastRemoveMessage": null,
"connection": {
"id": "conn_12345",
"name": "Azure Production Connection",
"app": "azure-key-vault"
},
"createdAt": "2023-11-01T10:00:00Z",
"updatedAt": "2023-11-01T10:00:00Z"
}
```
</ResponseExample>

109
docs/api-reference/endpoints/pki/syncs/azure-key-vault/delete.mdx
View File

@@ -2,112 +2,3 @@
title: "Delete Azure Key Vault PKI Sync"
openapi: "DELETE /api/v1/pki/syncs/azure-key-vault/{pkiSyncId}"
---
<Warning>
This action is irreversible. Deleting a PKI sync will stop all automatic certificate synchronization to the Azure Key Vault, but it will not remove certificates that have already been synced.
</Warning>
<Info>
This endpoint deletes an existing Azure Key Vault PKI sync.
</Info>
## Request
<ParamField path="pkiSyncId" type="string" required>
The ID of the Azure Key Vault PKI sync to delete
</ParamField>
<ParamField query="projectId" type="string" optional>
Project ID for additional authorization (will be inferred if not provided)
</ParamField>
## Response
Returns the deleted Azure Key Vault PKI sync object.
<ResponseField name="id" type="string">
Unique identifier for the deleted PKI sync
</ResponseField>
<ResponseField name="name" type="string">
Name of the deleted PKI sync
</ResponseField>
<ResponseField name="description" type="string" optional>
Description of the deleted PKI sync
</ResponseField>
<ResponseField name="destination" type="string">
Always "azure-key-vault"
</ResponseField>
<ResponseField name="isAutoSyncEnabled" type="boolean">
Whether automatic synchronization was enabled
</ResponseField>
<ResponseField name="destinationConfig" type="object">
Azure Key Vault specific configuration
</ResponseField>
<ResponseField name="syncOptions" type="object">
Sync-specific options and settings
</ResponseField>
<ResponseField name="projectId" type="string">
ID of the project this sync belonged to
</ResponseField>
<ResponseField name="subscriberId" type="string" optional>
ID of the PKI subscriber this sync was connected to
</ResponseField>
<ResponseField name="connectionId" type="string">
ID of the Azure Key Vault app connection that was used for this sync
</ResponseField>
<ResponseField name="createdAt" type="string">
Timestamp when the PKI sync was created
</ResponseField>
<ResponseField name="updatedAt" type="string">
Timestamp when the PKI sync was last updated
</ResponseField>
<RequestExample>
```bash cURL
curl -X DELETE "https://app.infisical.com/api/v1/pki/syncs/azure-key-vault/ps_12345" \
-H "Authorization: Bearer <your-api-key>"
```
</RequestExample>
<ResponseExample>
```json Response
{
"id": "ps_12345",
"name": "Production Azure Key Vault Sync",
"description": "Sync certificates to production Key Vault",
"destination": "azure-key-vault",
"isAutoSyncEnabled": true,
"destinationConfig": {
"vaultBaseUrl": "https://my-vault.vault.azure.net/"
},
"syncOptions": {},
"projectId": "proj_12345",
"subscriberId": "sub_12345",
"connectionId": "conn_12345",
"syncStatus": "succeeded",
"lastSyncedAt": "2023-12-01T10:00:00Z",
"lastSyncMessage": "Successfully synced 3 certificates",
"removeStatus": null,
"lastRemovedAt": null,
"lastRemoveMessage": null,
"connection": {
"id": "conn_12345",
"name": "Azure Production Connection",
"app": "azure-key-vault"
},
"createdAt": "2023-11-01T10:00:00Z",
"updatedAt": "2023-12-01T10:00:00Z"
}
```
</ResponseExample>

136
docs/api-reference/endpoints/pki/syncs/azure-key-vault/get-by-id.mdx
View File

@@ -2,139 +2,3 @@
title: "Get Azure Key Vault PKI Sync by ID"
openapi: "GET /api/v1/pki/syncs/azure-key-vault/{pkiSyncId}"
---
<Info>
This endpoint retrieves a specific Azure Key Vault PKI sync by its ID.
</Info>
## Request
<ParamField path="pkiSyncId" type="string" required>
The ID of the Azure Key Vault PKI sync to retrieve
</ParamField>
<ParamField query="projectId" type="string" optional>
Project ID for additional authorization (will be inferred if not provided)
</ParamField>
## Response
<ResponseField name="id" type="string">
Unique identifier for the PKI sync
</ResponseField>
<ResponseField name="name" type="string">
Name of the PKI sync
</ResponseField>
<ResponseField name="description" type="string" optional>
Description of the PKI sync
</ResponseField>
<ResponseField name="destination" type="string">
Always "azure-key-vault"
</ResponseField>
<ResponseField name="isAutoSyncEnabled" type="boolean">
Whether automatic synchronization is enabled
</ResponseField>
<ResponseField name="destinationConfig" type="object">
Azure Key Vault specific configuration
<Expandable title="properties">
<ResponseField name="vaultBaseUrl" type="string">
Base URL of the Azure Key Vault
</ResponseField>
</Expandable>
</ResponseField>
<ResponseField name="syncOptions" type="object">
Sync-specific options and settings
</ResponseField>
<ResponseField name="projectId" type="string">
ID of the project this sync belongs to
</ResponseField>
<ResponseField name="subscriberId" type="string" optional>
ID of the PKI subscriber this sync is connected to
</ResponseField>
<ResponseField name="connectionId" type="string">
ID of the Azure Key Vault app connection used for this sync
</ResponseField>
<ResponseField name="syncStatus" type="string" optional>
Current status of the last sync operation
</ResponseField>
<ResponseField name="lastSyncedAt" type="string" optional>
Timestamp of the last successful sync
</ResponseField>
<ResponseField name="lastSyncMessage" type="string" optional>
Message from the last sync operation
</ResponseField>
<ResponseField name="removeStatus" type="string" optional>
Current status of the last remove operation
</ResponseField>
<ResponseField name="lastRemovedAt" type="string" optional>
Timestamp of the last certificate removal
</ResponseField>
<ResponseField name="lastRemoveMessage" type="string" optional>
Message from the last remove operation
</ResponseField>
<ResponseField name="connection" type="object">
Details about the associated Azure Key Vault app connection
</ResponseField>
<ResponseField name="createdAt" type="string">
Timestamp when the PKI sync was created
</ResponseField>
<ResponseField name="updatedAt" type="string">
Timestamp when the PKI sync was last updated
</ResponseField>
<RequestExample>
```bash cURL
curl -X GET "https://app.infisical.com/api/v1/pki/syncs/azure-key-vault/ps_12345" \
-H "Authorization: Bearer <your-api-key>"
```
</RequestExample>
<ResponseExample>
```json Response
{
"id": "ps_12345",
"name": "Production Azure Key Vault Sync",
"description": "Sync certificates to production Key Vault",
"destination": "azure-key-vault",
"isAutoSyncEnabled": true,
"destinationConfig": {
"vaultBaseUrl": "https://my-vault.vault.azure.net/"
},
"syncOptions": {},
"projectId": "proj_12345",
"subscriberId": "sub_12345",
"connectionId": "conn_12345",
"syncStatus": "succeeded",
"lastSyncedAt": "2023-12-01T10:00:00Z",
"lastSyncMessage": "Successfully synced 3 certificates",
"removeStatus": null,
"lastRemovedAt": null,
"lastRemoveMessage": null,
"connection": {
"id": "conn_12345",
"name": "Azure Production Connection",
"app": "azure-key-vault"
},
"createdAt": "2023-11-01T10:00:00Z",
"updatedAt": "2023-12-01T10:00:00Z"
}
```
</ResponseExample>

134
docs/api-reference/endpoints/pki/syncs/azure-key-vault/list.mdx
View File

@@ -2,137 +2,3 @@
title: "List Azure Key Vault PKI Syncs"
openapi: "GET /api/v1/pki/syncs/azure-key-vault"
---
<Info>
This endpoint lists all Azure Key Vault PKI syncs for a specified project.
</Info>
## Request
<ParamField query="projectId" type="string" required>
The ID of the project to list Azure Key Vault PKI syncs for
</ParamField>
## Response
<ResponseField name="pkiSyncs" type="array">
Array of Azure Key Vault PKI syncs for the project
<Expandable title="properties">
<ResponseField name="id" type="string">
Unique identifier for the PKI sync
</ResponseField>
<ResponseField name="name" type="string">
Name of the PKI sync
</ResponseField>
<ResponseField name="description" type="string" optional>
Description of the PKI sync
</ResponseField>
<ResponseField name="destination" type="string">
Always "azure-key-vault" for this endpoint
</ResponseField>
<ResponseField name="isAutoSyncEnabled" type="boolean">
Whether automatic synchronization is enabled
</ResponseField>
<ResponseField name="destinationConfig" type="object">
Azure Key Vault specific configuration
<Expandable title="properties">
<ResponseField name="vaultBaseUrl" type="string">
Base URL of the Azure Key Vault (e.g., "https://my-vault.vault.azure.net/")
</ResponseField>
</Expandable>
</ResponseField>
<ResponseField name="syncOptions" type="object">
Sync-specific options and settings
</ResponseField>
<ResponseField name="projectId" type="string">
ID of the project this sync belongs to
</ResponseField>
<ResponseField name="subscriberId" type="string" optional>
ID of the PKI subscriber this sync is connected to
</ResponseField>
<ResponseField name="connectionId" type="string">
ID of the Azure Key Vault app connection used for this sync
</ResponseField>
<ResponseField name="syncStatus" type="string" optional>
Current status of the last sync operation ("pending", "running", "succeeded", "failed")
</ResponseField>
<ResponseField name="lastSyncedAt" type="string" optional>
Timestamp of the last successful sync
</ResponseField>
<ResponseField name="lastSyncMessage" type="string" optional>
Message from the last sync operation
</ResponseField>
<ResponseField name="removeStatus" type="string" optional>
Current status of the last remove operation
</ResponseField>
<ResponseField name="lastRemovedAt" type="string" optional>
Timestamp of the last certificate removal
</ResponseField>
<ResponseField name="lastRemoveMessage" type="string" optional>
Message from the last remove operation
</ResponseField>
<ResponseField name="connection" type="object">
Details about the associated Azure Key Vault app connection
</ResponseField>
<ResponseField name="createdAt" type="string">
Timestamp when the PKI sync was created
</ResponseField>
<ResponseField name="updatedAt" type="string">
Timestamp when the PKI sync was last updated
</ResponseField>
</Expandable>
</ResponseField>
<ResponseExample>
```json Response
{
"pkiSyncs": [
{
"id": "ps_12345",
"name": "Production Azure Key Vault Sync",
"description": "Sync certificates to production Key Vault",
"destination": "azure-key-vault",
"isAutoSyncEnabled": true,
"destinationConfig": {
"vaultBaseUrl": "https://my-vault.vault.azure.net/"
},
"syncOptions": {},
"projectId": "proj_12345",
"subscriberId": "sub_12345",
"connectionId": "conn_12345",
"syncStatus": "succeeded",
"lastSyncedAt": "2023-12-01T10:00:00Z",
"lastSyncMessage": "Successfully synced 3 certificates",
"removeStatus": null,
"lastRemovedAt": null,
"lastRemoveMessage": null,
"connection": {
"id": "conn_12345",
"name": "Azure Production Connection",
"app": "azure-key-vault"
},
"createdAt": "2023-11-01T10:00:00Z",
"updatedAt": "2023-12-01T10:00:00Z"
}
]
}
```
</ResponseExample>

61
docs/api-reference/endpoints/pki/syncs/azure-key-vault/remove-certificates.mdx
View File

@@ -2,64 +2,3 @@
title: "Remove Certificates from Azure Key Vault"
openapi: "POST /api/v1/pki/syncs/azure-key-vault/{pkiSyncId}/remove-certificates"
---
<Warning>
This endpoint permanently removes certificates from Azure Key Vault. Only certificates managed by Infisical (prefixed with "Infisical-") will be removed. This action cannot be undone.
</Warning>
<Info>
This endpoint removes certificates from the specified Azure Key Vault that are no longer active in Infisical or are expired. It helps clean up outdated certificates and maintain security hygiene.
</Info>
## Request
<ParamField path="pkiSyncId" type="string" required>
The ID of the Azure Key Vault PKI sync to remove certificates from
</ParamField>
<ParamField query="projectId" type="string" optional>
Project ID for additional authorization (will be inferred if not provided)
</ParamField>
## Response
<ResponseField name="message" type="string">
Success message confirming the remove operation has been triggered
</ResponseField>
<RequestExample>
```bash cURL
curl -X POST "https://app.infisical.com/api/v1/pki/syncs/azure-key-vault/ps_12345/remove-certificates" \
-H "Authorization: Bearer <your-api-key>"
```
</RequestExample>
<ResponseExample>
```json Response
{
"message": "Remove operation has been triggered successfully"
}
```
</ResponseExample>
## Behavior
When this endpoint is called:
1. **Certificate Identification**: Identifies certificates in Azure Key Vault that are managed by Infisical (prefixed with "Infisical-")
2. **Status Check**: Compares against active certificates in the connected PKI subscriber
3. **Selective Removal**: Removes only certificates that are:
- Expired or revoked in Infisical
- No longer present in the PKI subscriber
- Managed by Infisical (prefixed with "Infisical-")
4. **Status Tracking**: The remove status is updated and can be monitored through the PKI sync object
<Note>
- Only certificates with the "Infisical-" prefix are considered for removal
- Certificates not managed by Infisical remain untouched
- Disabled certificates in Azure Key Vault are skipped during the removal process
</Note>
<Warning>
This operation requires appropriate permissions in the Azure Key Vault. Ensure your Azure Key Vault app connection has sufficient permissions to delete certificates.
</Warning>

53
docs/api-reference/endpoints/pki/syncs/azure-key-vault/sync-certificates.mdx
View File

@@ -2,56 +2,3 @@
title: "Sync Certificates to Azure Key Vault"
openapi: "POST /api/v1/pki/syncs/azure-key-vault/{pkiSyncId}/sync"
---
<Info>
This endpoint triggers a manual synchronization of certificates from Infisical to the specified Azure Key Vault. It will upload all active certificates from the connected PKI subscriber to the Azure Key Vault, creating or updating certificates as needed.
</Info>
<Note>
Certificates are uploaded to Azure Key Vault with their certificate and private key combined in PEM format. The certificate key properties (RSA/ECDSA type and key size) are automatically detected and configured appropriately.
</Note>
## Request
<ParamField path="pkiSyncId" type="string" required>
The ID of the Azure Key Vault PKI sync to trigger synchronization for
</ParamField>
<ParamField query="projectId" type="string" optional>
Project ID for additional authorization (will be inferred if not provided)
</ParamField>
## Response
<ResponseField name="message" type="string">
Success message confirming the sync operation has been triggered
</ResponseField>
<RequestExample>
```bash cURL
curl -X POST "https://app.infisical.com/api/v1/pki/syncs/azure-key-vault/ps_12345/sync" \
-H "Authorization: Bearer <your-api-key>"
```
</RequestExample>
<ResponseExample>
```json Response
{
"message": "Sync operation has been triggered successfully"
}
```
</ResponseExample>
## Behavior
When this endpoint is called:
1. **Certificate Collection**: All active (non-expired) certificates from the connected PKI subscriber are collected
2. **Key Property Detection**: Each certificate's key properties (RSA/ECDSA type, key size, curve) are automatically detected
3. **Azure Key Vault Upload**: Certificates are uploaded to Azure Key Vault with the correct key properties
4. **Certificate Naming**: Certificates are prefixed with "Infisical-" in Azure Key Vault for identification
5. **Status Tracking**: The sync status is updated and can be monitored through the PKI sync object
<Warning>
This operation requires appropriate permissions in the Azure Key Vault. Ensure your Azure Key Vault app connection has sufficient permissions to create and update certificates.
</Warning>

146
docs/api-reference/endpoints/pki/syncs/azure-key-vault/update.mdx
View File

@@ -2,149 +2,3 @@
title: "Update Azure Key Vault PKI Sync"
openapi: "PATCH /api/v1/pki/syncs/azure-key-vault/{pkiSyncId}"
---
<Info>
This endpoint updates an existing Azure Key Vault PKI sync.
</Info>
## Request
<ParamField path="pkiSyncId" type="string" required>
The ID of the Azure Key Vault PKI sync to update
</ParamField>
<ParamField query="projectId" type="string" optional>
Project ID for additional authorization (will be inferred if not provided)
</ParamField>
<ParamField body="name" type="string" optional>
Name of the PKI sync (1-64 characters)
</ParamField>
<ParamField body="description" type="string" optional>
Description of the PKI sync
</ParamField>
<ParamField body="isAutoSyncEnabled" type="boolean" optional>
Whether automatic synchronization is enabled when certificates are issued
</ParamField>
<ParamField body="destinationConfig" type="object" optional>
Azure Key Vault specific configuration
<Expandable title="properties">
<ParamField body="vaultBaseUrl" type="string">
Base URL of the Azure Key Vault (e.g., "https://my-vault.vault.azure.net/")
</ParamField>
</Expandable>
</ParamField>
<ParamField body="syncOptions" type="object" optional>
Sync-specific options and settings
</ParamField>
<ParamField body="subscriberId" type="string" optional>
ID of the PKI subscriber to connect this sync to. If provided, certificates issued by this subscriber will be automatically synced to Azure Key Vault.
</ParamField>
<ParamField body="connectionId" type="string" optional>
ID of the Azure Key Vault app connection to use for this sync
</ParamField>
## Response
Returns the updated Azure Key Vault PKI sync object.
<ResponseField name="id" type="string">
Unique identifier for the PKI sync
</ResponseField>
<ResponseField name="name" type="string">
Updated name of the PKI sync
</ResponseField>
<ResponseField name="description" type="string" optional>
Updated description of the PKI sync
</ResponseField>
<ResponseField name="destination" type="string">
Always "azure-key-vault"
</ResponseField>
<ResponseField name="isAutoSyncEnabled" type="boolean">
Updated automatic synchronization setting
</ResponseField>
<ResponseField name="destinationConfig" type="object">
Updated Azure Key Vault specific configuration
</ResponseField>
<ResponseField name="syncOptions" type="object">
Updated sync-specific options and settings
</ResponseField>
<ResponseField name="projectId" type="string">
ID of the project this sync belongs to
</ResponseField>
<ResponseField name="subscriberId" type="string" optional>
Updated PKI subscriber ID this sync is connected to
</ResponseField>
<ResponseField name="connectionId" type="string">
Updated Azure Key Vault app connection ID
</ResponseField>
<ResponseField name="createdAt" type="string">
Timestamp when the PKI sync was created
</ResponseField>
<ResponseField name="updatedAt" type="string">
Timestamp when the PKI sync was last updated
</ResponseField>
<RequestExample>
```bash cURL
curl -X PATCH "https://app.infisical.com/api/v1/pki/syncs/azure-key-vault/ps_12345" \
-H "Authorization: Bearer <your-api-key>" \
-H "Content-Type: application/json" \
-d '{
"name": "Updated Production Azure Key Vault Sync",
"isAutoSyncEnabled": false,
"destinationConfig": {
"vaultBaseUrl": "https://my-new-vault.vault.azure.net/"
}
}'
```
</RequestExample>
<ResponseExample>
```json Response
{
"id": "ps_12345",
"name": "Updated Production Azure Key Vault Sync",
"description": "Sync certificates to production Key Vault",
"destination": "azure-key-vault",
"isAutoSyncEnabled": false,
"destinationConfig": {
"vaultBaseUrl": "https://my-new-vault.vault.azure.net/"
},
"syncOptions": {},
"projectId": "proj_12345",
"subscriberId": "sub_12345",
"connectionId": "conn_12345",
"syncStatus": "succeeded",
"lastSyncedAt": "2023-12-01T10:00:00Z",
"lastSyncMessage": "Successfully synced 3 certificates",
"removeStatus": null,
"lastRemovedAt": null,
"lastRemoveMessage": null,
"connection": {
"id": "conn_12345",
"name": "Azure Production Connection",
"app": "azure-key-vault"
},
"createdAt": "2023-11-01T10:00:00Z",
"updatedAt": "2023-12-01T11:30:00Z"
}
```
</ResponseExample>

135
docs/api-reference/endpoints/pki/syncs/get-by-id.mdx
View File

@@ -2,138 +2,3 @@
title: "Get PKI Sync by ID"
openapi: "GET /api/v1/pki/syncs/{pkiSyncId}"
---
<Info>
This endpoint retrieves a specific PKI sync by its ID.
</Info>
## Request
<ParamField path="pkiSyncId" type="string" required>
The ID of the PKI sync to retrieve
</ParamField>
<ParamField query="projectId" type="string" optional>
Project ID for additional authorization (will be inferred if not provided)
</ParamField>
## Response
<ResponseField name="id" type="string">
Unique identifier for the PKI sync
</ResponseField>
<ResponseField name="name" type="string">
Name of the PKI sync
</ResponseField>
<ResponseField name="description" type="string" optional>
Description of the PKI sync
</ResponseField>
<ResponseField name="destination" type="string">
PKI sync destination type (e.g., "azure-key-vault")
</ResponseField>
<ResponseField name="isAutoSyncEnabled" type="boolean">
Whether automatic synchronization is enabled
</ResponseField>
<ResponseField name="destinationConfig" type="object">
Configuration specific to the destination
</ResponseField>
<ResponseField name="syncOptions" type="object">
Sync-specific options and settings
</ResponseField>
<ResponseField name="projectId" type="string">
ID of the project this sync belongs to
</ResponseField>
<ResponseField name="subscriberId" type="string" optional>
ID of the PKI subscriber this sync is connected to
</ResponseField>
<ResponseField name="connectionId" type="string">
ID of the app connection used for this sync
</ResponseField>
<ResponseField name="syncStatus" type="string" optional>
Current status of the last sync operation
</ResponseField>
<ResponseField name="lastSyncedAt" type="string" optional>
Timestamp of the last successful sync
</ResponseField>
<ResponseField name="lastSyncMessage" type="string" optional>
Message from the last sync operation
</ResponseField>
<ResponseField name="removeStatus" type="string" optional>
Current status of the last remove operation
</ResponseField>
<ResponseField name="lastRemovedAt" type="string" optional>
Timestamp of the last certificate removal
</ResponseField>
<ResponseField name="lastRemoveMessage" type="string" optional>
Message from the last remove operation
</ResponseField>
<ResponseField name="connection" type="object">
Details about the associated app connection
<Expandable title="properties">
<ResponseField name="id" type="string">
Connection ID
</ResponseField>
<ResponseField name="name" type="string">
Connection name
</ResponseField>
<ResponseField name="app" type="string">
App type
</ResponseField>
</Expandable>
</ResponseField>
<ResponseField name="createdAt" type="string">
Timestamp when the PKI sync was created
</ResponseField>
<ResponseField name="updatedAt" type="string">
Timestamp when the PKI sync was last updated
</ResponseField>
<ResponseExample>
```json Response
{
"id": "ps_12345",
"name": "Production Azure Key Vault Sync",
"description": "Sync certificates to production Key Vault",
"destination": "azure-key-vault",
"isAutoSyncEnabled": true,
"destinationConfig": {
"vaultUrl": "https://my-vault.vault.azure.net/"
},
"syncOptions": {},
"projectId": "proj_12345",
"subscriberId": "sub_12345",
"connectionId": "conn_12345",
"syncStatus": "succeeded",
"lastSyncedAt": "2023-12-01T10:00:00Z",
"lastSyncMessage": "Successfully synced 3 certificates",
"removeStatus": null,
"lastRemovedAt": null,
"lastRemoveMessage": null,
"connection": {
"id": "conn_12345",
"name": "Azure Production Connection",
"app": "azure-key-vault"
},
"createdAt": "2023-11-01T10:00:00Z",
"updatedAt": "2023-12-01T10:00:00Z"
}
```
</ResponseExample>

140
docs/api-reference/endpoints/pki/syncs/list.mdx
View File

@@ -2,143 +2,3 @@
title: "List PKI Syncs"
openapi: "GET /api/v1/pki/syncs"
---
<Info>
This endpoint lists all PKI syncs across all destinations for a specified project.
</Info>
## Request
<ParamField query="projectId" type="string" required>
The ID of the project to list PKI syncs for
</ParamField>
## Response
<ResponseField name="pkiSyncs" type="array">
Array of PKI syncs for the project
<Expandable title="properties">
<ResponseField name="id" type="string">
Unique identifier for the PKI sync
</ResponseField>
<ResponseField name="name" type="string">
Name of the PKI sync
</ResponseField>
<ResponseField name="description" type="string" optional>
Description of the PKI sync
</ResponseField>
<ResponseField name="destination" type="string">
PKI sync destination type (e.g., "azure-key-vault")
</ResponseField>
<ResponseField name="isAutoSyncEnabled" type="boolean">
Whether automatic synchronization is enabled
</ResponseField>
<ResponseField name="destinationConfig" type="object">
Configuration specific to the destination
</ResponseField>
<ResponseField name="syncOptions" type="object">
Sync-specific options and settings
</ResponseField>
<ResponseField name="projectId" type="string">
ID of the project this sync belongs to
</ResponseField>
<ResponseField name="subscriberId" type="string" optional>
ID of the PKI subscriber this sync is connected to
</ResponseField>
<ResponseField name="connectionId" type="string">
ID of the app connection used for this sync
</ResponseField>
<ResponseField name="syncStatus" type="string" optional>
Current status of the last sync operation
</ResponseField>
<ResponseField name="lastSyncedAt" type="string" optional>
Timestamp of the last successful sync
</ResponseField>
<ResponseField name="lastSyncMessage" type="string" optional>
Message from the last sync operation
</ResponseField>
<ResponseField name="removeStatus" type="string" optional>
Current status of the last remove operation
</ResponseField>
<ResponseField name="lastRemovedAt" type="string" optional>
Timestamp of the last certificate removal
</ResponseField>
<ResponseField name="lastRemoveMessage" type="string" optional>
Message from the last remove operation
</ResponseField>
<ResponseField name="connection" type="object">
Details about the associated app connection
<Expandable title="properties">
<ResponseField name="id" type="string">
Connection ID
</ResponseField>
<ResponseField name="name" type="string">
Connection name
</ResponseField>
<ResponseField name="app" type="string">
App type
</ResponseField>
</Expandable>
</ResponseField>
<ResponseField name="createdAt" type="string">
Timestamp when the PKI sync was created
</ResponseField>
<ResponseField name="updatedAt" type="string">
Timestamp when the PKI sync was last updated
</ResponseField>
</Expandable>
</ResponseField>
<ResponseExample>
```json Response
{
"pkiSyncs": [
{
"id": "ps_12345",
"name": "Production Azure Key Vault Sync",
"description": "Sync certificates to production Key Vault",
"destination": "azure-key-vault",
"isAutoSyncEnabled": true,
"destinationConfig": {
"vaultUrl": "https://my-vault.vault.azure.net/"
},
"syncOptions": {},
"projectId": "proj_12345",
"subscriberId": "sub_12345",
"connectionId": "conn_12345",
"syncStatus": "succeeded",
"lastSyncedAt": "2023-12-01T10:00:00Z",
"lastSyncMessage": "Successfully synced 3 certificates",
"removeStatus": null,
"lastRemovedAt": null,
"lastRemoveMessage": null,
"connection": {
"id": "conn_12345",
"name": "Azure Production Connection",
"app": "azure-key-vault"
},
"createdAt": "2023-11-01T10:00:00Z",
"updatedAt": "2023-12-01T10:00:00Z"
}
]
}
```
</ResponseExample>

53
docs/api-reference/endpoints/pki/syncs/options.mdx
View File

@@ -2,56 +2,3 @@
title: "List PKI Sync Options"
openapi: "GET /api/v1/pki/syncs/options"
---
<Info>
This endpoint lists all available PKI sync destination options and their capabilities.
</Info>
## Request
<ParamField query="projectId" type="string" optional>
Project ID
</ParamField>
## Response
<ResponseField name="pkiSyncOptions" type="array">
Array of available PKI sync options
<Expandable title="properties">
<ResponseField name="name" type="string">
Display name of the PKI sync destination
</ResponseField>
<ResponseField name="connection" type="string">
App connection type required for this destination
</ResponseField>
<ResponseField name="destination" type="string">
PKI sync destination identifier
</ResponseField>
<ResponseField name="canImportCertificates" type="boolean">
Whether this destination supports importing certificates from the destination to Infisical
</ResponseField>
<ResponseField name="canRemoveCertificates" type="boolean">
Whether this destination supports removing certificates from the destination
</ResponseField>
</Expandable>
</ResponseField>
<ResponseExample>
```json Response
{
"pkiSyncOptions": [
{
"name": "Azure Key Vault",
"connection": "azure-key-vault",
"destination": "azure-key-vault",
"canImportCertificates": false,
"canRemoveCertificates": true
}
]
}
```
</ResponseExample>