AttestationAdministrationClient class
Attestation Client class.
The AttestationClient class enables access to the Attestation related APIs:
- getPolicy
- setPolicy
- resetPolicy
- getPolicyManagementCertificates
- addPolicyManagementCertificate
- removePolicyManagementCertificate
Constructors
| Attestation |
Creates an instance of AttestationAdministrationClient. Example usage: |
Methods
Constructor Details
AttestationAdministrationClient(string, TokenCredential, AttestationAdministrationClientOptions)
Creates an instance of AttestationAdministrationClient.
Example usage:
import { AttestationAdministrationClient } from "@azure/attestation";
const client = new AttestationAdministrationClient(
"<service endpoint>",
new TokenCredential("<>")
);
new AttestationAdministrationClient(endpoint: string, credentials: TokenCredential, options?: AttestationAdministrationClientOptions)Parameters
- endpoint
-
string
The attestation instance endpoint, for example https://mytenant.attest.azure.net.
- credentials
- TokenCredential
Used to configure the Form Recognizer client.
Method Details
addPolicyManagementCertificate(string, string, string, AttestationAdministrationClientPolicyCertificateOperationOptions)
Add a new certificate chain to the set of policy management certificates.
function addPolicyManagementCertificate(pemCertificate: string, privateKey: string, certificate: string, options?: AttestationAdministrationClientPolicyCertificateOperationOptions): Promise<AttestationResponse<PolicyCertificatesModificationResult>>Parameters
- pemCertificate
-
string
PEM encoded certificate to add to the set of policy management certificates.
- privateKey
-
string
Existing attestation private key used to sign the incoming request.
- certificate
-
string
Existing attestation certificate used to verify the incoming request.
Options used in the call to the service.
Returns
An attestation response including a PolicyCertificatesModificationResult
Remarks
This API is only supported on isolated attestation instances.
The signing key MUST be one of the existing attestation signing certificates. The new pemCertificate is signed using the signingKey and the service will validate the signature before allowing the addition.
getPolicy(string, AttestationAdministrationClientPolicyOperationOptions)
Retrieves the attestation policy document from the server, and returns it to the caller.
function getPolicy(attestationType: string, options?: AttestationAdministrationClientPolicyOperationOptions): Promise<AttestationResponse<string>>Parameters
- attestationType
-
string
AttestationType for which to retrieve policy.
Pipeline and client options for the getPolicy call.
Returns
Promise<AttestationResponse<string>>
AttestationResponse<string> - the value property is the
attestation policy, the token property will be the actual token
returned by the attestation service.
getPolicyManagementCertificates(AttestationAdministrationClientPolicyCertificateOperationOptions)
Returns the set of policy management certificates for this attestation instance.
function getPolicyManagementCertificates(options?: AttestationAdministrationClientPolicyCertificateOperationOptions): Promise<AttestationResponse<AttestationSigner[]>>Parameters
Options for the call to the attestation service.
Returns
Promise<AttestationResponse<AttestationSigner[]>>
AttestationResponse wrapping a list of Attestation Signers.
Remarks
If the attestation instance is not in Isolated mode, this list will
always be empty.
removePolicyManagementCertificate(string, string, string, AttestationAdministrationClientPolicyCertificateOperationOptions)
Add a new certificate chain to the set of policy management certificates.
function removePolicyManagementCertificate(pemCertificate: string, privateKey: string, certificate: string, options?: AttestationAdministrationClientPolicyCertificateOperationOptions): Promise<AttestationResponse<PolicyCertificatesModificationResult>>Parameters
- pemCertificate
-
string
PEM encoded certificate to add to the set of policy management certificates.
- privateKey
-
string
Existing attestation private key used to sign the incoming request.
- certificate
-
string
Existing attestation certificate used to verify the incoming request.
Options used in the call to the service.
Returns
An attestation response including a PolicyCertificatesModificationResult
Remarks
This API is only supported on isolated attestation instances.
The signing key MUST be one of the existing attestation signing certificates. The new pemCertificate is signed using the signingKey and the service will validate the signature before allowing the addition.
resetPolicy(string, AttestationAdministrationClientPolicyOperationOptions)
Resets the attestation policy for the specified attestationType to the default value.
function resetPolicy(attestationType: string, options?: AttestationAdministrationClientPolicyOperationOptions): Promise<AttestationResponse<PolicyResult>>Parameters
- attestationType
-
string
Attestation Type for which to set policy.
call options.
Returns
Promise<AttestationResponse<PolicyResult>>
An AttestationResponse wrapping a PolicyResult. Clients can use the PolicyResult to validate that the policy was actually reset by the attestation service.
Remarks
Please note that if the attestation service instance is running in "Isolated" mode, the <xref:signingKey> must be one of the signing keys configured for the service instance.
setPolicy(string, string, AttestationAdministrationClientPolicyOperationOptions)
Sets the attestation policy for the specified attestationType.
function setPolicy(attestationType: string, newPolicyDocument: string, options?: AttestationAdministrationClientPolicyOperationOptions): Promise<AttestationResponse<PolicyResult>>Parameters
- attestationType
-
string
Attestation Type for which to set policy.
- newPolicyDocument
-
string
Policy document to be set.
call options.
Returns
Promise<AttestationResponse<PolicyResult>>
An AttestationResponse wrapping a PolicyResult. Clients can use the PolicyResult to validate that the policy was actually set by the attestation service.
Remarks
Please note that if the attestation service instance is running in "Isolated" mode, the <xref:signingKey> must be one of the signing keys configured for the service instance.