Skip to content

Add a SAN to a certificate

POST
/api/organizations/{organizationId}/certificates/{certificateId}/sans

Registers a new Subject Alternative Name on the certificate. The name is lower-cased and validated: it must be a valid ASCII/punycode DNS host name (max 253 characters), may be a wildcard (e.g. "*.example.com"), must belong to the certificate's domain, must be unique within the certificate, and must not be redundant with an existing entry. A DNS recheck is scheduled immediately after creation, so the SAN starts with dnsStatus "unknown".

Authorizations

ApiToken

Long-lived API token created via POST /api/api-tokens (returned once in plaintext).

Type
API Key (header: X-API-TOKEN)
or
JWT

JWT access token obtained via POST /api/auth/login. Send as: Authorization: Bearer .

Type
HTTP (bearer)

Parameters

Path Parameters

organizationId*

Organization identifier

Type
string
Required
certificateId*

Certificate identifier

Type
string
Required

Request Body

JSON
{
  
"name": "www.example.com"
}

Responses

certificate-san resource created

JSON
{
  
"@context": "string",
  
"@id": "string",
  
"@type": "string",
  
"id": "9d1e8a4c-6b2f-4d3e-8a1b-2c3d4e5f6a7b",
  
"name": "www.example.com",
  
"dnsStatus": "valid",
  
"dnsLastCheckedAt": "2026-07-01T12:00:00+00:00",
  
"dnsNextCheckAt": "2026-07-02T12:00:00+00:00",
  
"sslStatus": "covered",
  
"createdAt": "2026-07-01T12:00:00+00:00",
  
"updatedAt": "2026-07-01T12:00:00+00:00"
}

Playground

Authorization
Variables
Key
Value
Body

Samples

Powered by VitePress OpenAPI