{ "$schema": "https://json-schema.org/draft/2020-12/schema", "$id": "#/components/schemas/PostClientCredentialRequestContent", "title": "PostClientCredentialRequestContent", "type": "object", "additionalProperties": false, "required": [ "credential_type" ], "properties": { "credential_type": { "$ref": "#/components/schemas/ClientCredentialTypeEnum" }, "name": { "type": "string", "description": "Friendly name for a credential.", "default": "", "maxLength": 128 }, "subject_dn": { "type": "string", "description": "Subject Distinguished Name. Mutually exclusive with `pem` property. Applies to `cert_subject_dn` credential type.", "minLength": 1, "maxLength": 256 }, "pem": { "type": "string", "description": "PEM-formatted public key (SPKI and PKCS1) or X509 certificate. Must be JSON escaped.", "default": "-----BEGIN PUBLIC KEY-----\r\nMIIBIjANBg...\r\n-----END PUBLIC KEY-----\r\n" }, "alg": { "$ref": "#/components/schemas/PublicKeyCredentialAlgorithmEnum" }, "parse_expiry_from_cert": { "type": "boolean", "description": "Parse expiry from x509 certificate. If true, attempts to parse the expiry date from the provided PEM. Applies to `public_key` credential type.", "default": false }, "expires_at": { "type": "string", "description": "The ISO 8601 formatted date representing the expiration of the credential. If not specified (not recommended), the credential never expires. Applies to `public_key` credential type.", "default": "2023-02-07T12:40:17.807Z", "format": "date-time" }, "kid": { "type": "string", "description": "Optional kid (Key ID), used to uniquely identify the credential. If not specified, a kid value will be auto-generated. The kid header parameter in JWTs sent by your client should match this value. Valid format is [0-9a-zA-Z-_]{10,64}", "minLength": 10, "maxLength": 64, "pattern": "^([0-9a-zA-Z-_]{10,64})$" } } }