cURL
curl --request POST \
--url https://us.infisical.com/api/v1/auth/tls-cert-auth/login \
--header 'Content-Type: application/json' \
--data '
{
"identityId": "<string>",
"organizationSlug": "<string>"
}
'import requests
url = "https://us.infisical.com/api/v1/auth/tls-cert-auth/login"
payload = {
"identityId": "<string>",
"organizationSlug": "<string>"
}
headers = {"Content-Type": "application/json"}
response = requests.post(url, json=payload, headers=headers)
print(response.text)const options = {
method: 'POST',
headers: {'Content-Type': 'application/json'},
body: JSON.stringify({identityId: '<string>', organizationSlug: '<string>'})
};
fetch('https://us.infisical.com/api/v1/auth/tls-cert-auth/login', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://us.infisical.com/api/v1/auth/tls-cert-auth/login",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => json_encode([
'identityId' => '<string>',
'organizationSlug' => '<string>'
]),
CURLOPT_HTTPHEADER => [
"Content-Type: application/json"
],
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}package main
import (
"fmt"
"strings"
"net/http"
"io"
)
func main() {
url := "https://us.infisical.com/api/v1/auth/tls-cert-auth/login"
payload := strings.NewReader("{\n \"identityId\": \"<string>\",\n \"organizationSlug\": \"<string>\"\n}")
req, _ := http.NewRequest("POST", url, payload)
req.Header.Add("Content-Type", "application/json")
res, _ := http.DefaultClient.Do(req)
defer res.Body.Close()
body, _ := io.ReadAll(res.Body)
fmt.Println(string(body))
}HttpResponse<String> response = Unirest.post("https://us.infisical.com/api/v1/auth/tls-cert-auth/login")
.header("Content-Type", "application/json")
.body("{\n \"identityId\": \"<string>\",\n \"organizationSlug\": \"<string>\"\n}")
.asString();require 'uri'
require 'net/http'
url = URI("https://us.infisical.com/api/v1/auth/tls-cert-auth/login")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Post.new(url)
request["Content-Type"] = 'application/json'
request.body = "{\n \"identityId\": \"<string>\",\n \"organizationSlug\": \"<string>\"\n}"
response = http.request(request)
puts response.read_body{
"accessToken": "<string>",
"expiresIn": 123,
"accessTokenMaxTTL": 123,
"tokenType": "Bearer"
}{
"reqId": "<string>",
"statusCode": 400,
"message": "<string>",
"error": "<string>",
"details": "<unknown>"
}{
"reqId": "<string>",
"statusCode": 401,
"message": "<string>",
"error": "<string>"
}{
"reqId": "<string>",
"statusCode": 403,
"message": "<string>",
"error": "<string>",
"details": "<unknown>"
}{
"reqId": "<string>",
"statusCode": 404,
"message": "<string>",
"error": "<string>"
}{
"reqId": "<string>",
"statusCode": 422,
"error": "<string>",
"message": "<unknown>"
}{
"reqId": "<string>",
"statusCode": 500,
"message": "<string>",
"error": "<string>"
}TLS Certificate Auth
Login
Login with TLS Certificate Auth for machine identity
POST
/
api
/
v1
/
auth
/
tls-cert-auth
/
login
cURL
curl --request POST \
--url https://us.infisical.com/api/v1/auth/tls-cert-auth/login \
--header 'Content-Type: application/json' \
--data '
{
"identityId": "<string>",
"organizationSlug": "<string>"
}
'import requests
url = "https://us.infisical.com/api/v1/auth/tls-cert-auth/login"
payload = {
"identityId": "<string>",
"organizationSlug": "<string>"
}
headers = {"Content-Type": "application/json"}
response = requests.post(url, json=payload, headers=headers)
print(response.text)const options = {
method: 'POST',
headers: {'Content-Type': 'application/json'},
body: JSON.stringify({identityId: '<string>', organizationSlug: '<string>'})
};
fetch('https://us.infisical.com/api/v1/auth/tls-cert-auth/login', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://us.infisical.com/api/v1/auth/tls-cert-auth/login",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => json_encode([
'identityId' => '<string>',
'organizationSlug' => '<string>'
]),
CURLOPT_HTTPHEADER => [
"Content-Type: application/json"
],
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}package main
import (
"fmt"
"strings"
"net/http"
"io"
)
func main() {
url := "https://us.infisical.com/api/v1/auth/tls-cert-auth/login"
payload := strings.NewReader("{\n \"identityId\": \"<string>\",\n \"organizationSlug\": \"<string>\"\n}")
req, _ := http.NewRequest("POST", url, payload)
req.Header.Add("Content-Type", "application/json")
res, _ := http.DefaultClient.Do(req)
defer res.Body.Close()
body, _ := io.ReadAll(res.Body)
fmt.Println(string(body))
}HttpResponse<String> response = Unirest.post("https://us.infisical.com/api/v1/auth/tls-cert-auth/login")
.header("Content-Type", "application/json")
.body("{\n \"identityId\": \"<string>\",\n \"organizationSlug\": \"<string>\"\n}")
.asString();require 'uri'
require 'net/http'
url = URI("https://us.infisical.com/api/v1/auth/tls-cert-auth/login")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Post.new(url)
request["Content-Type"] = 'application/json'
request.body = "{\n \"identityId\": \"<string>\",\n \"organizationSlug\": \"<string>\"\n}"
response = http.request(request)
puts response.read_body{
"accessToken": "<string>",
"expiresIn": 123,
"accessTokenMaxTTL": 123,
"tokenType": "Bearer"
}{
"reqId": "<string>",
"statusCode": 400,
"message": "<string>",
"error": "<string>",
"details": "<unknown>"
}{
"reqId": "<string>",
"statusCode": 401,
"message": "<string>",
"error": "<string>"
}{
"reqId": "<string>",
"statusCode": 403,
"message": "<string>",
"error": "<string>",
"details": "<unknown>"
}{
"reqId": "<string>",
"statusCode": 404,
"message": "<string>",
"error": "<string>"
}{
"reqId": "<string>",
"statusCode": 422,
"error": "<string>",
"message": "<unknown>"
}{
"reqId": "<string>",
"statusCode": 500,
"message": "<string>",
"error": "<string>"
}Infisical US/EU and dedicated instances are deployed with AWS ALB. TLS Certificate Auth must flow through our ALB mTLS pass-through in order to authenticate.
When you are authenticating with TLS Certificate Auth, you must use the port
8443 instead of the default 443. Example: https://app.infisical.com:8443/api/v1/auth/tls-cert-auth/loginBody
application/json
The ID of the machine identity to login.
When set, this will scope the login session to the specified organization the machine identity has access to. If omitted, the session defaults to the organization where the machine identity was created in.
Required string length:
1 - 64Was this page helpful?
⌘I