Citrix Secure Private Access API
REST API for managing zero trust network access policies, applications, application domains, and certificates in Citrix Secure Private Access, providing secure access to internal web and SaaS applications.
OpenAPI Specification
openapi: 3.1.0
info:
title: Citrix Secure Private Access API
description: >-
REST API for managing zero trust network access policies, applications,
application domains, and certificates in Citrix Secure Private Access,
providing secure access to internal web and SaaS applications.
version: '1.0'
contact:
name: Citrix Support
url: https://support.citrix.com/
termsOfService: https://developer.cloud.com/citrix-developer-terms-of-use
externalDocs:
description: Secure Private Access API Documentation
url: https://developer-docs.citrix.com/en-us/secure-private-access/access-security/overview.html
servers:
- url: https://api.cloud.com/accessSecurity
description: Citrix Cloud Production
tags:
- name: Access Policies
description: Manage zero trust access policies
- name: Application Domains
description: Manage application domain configurations
- name: Applications
description: Manage SaaS and web applications
- name: Certificates
description: Manage application certificates
security:
- bearerAuth: []
paths:
/applications:
get:
operationId: listApplications
summary: Citrix List applications
description: >-
Retrieve all applications configured in Secure Private Access.
tags:
- Applications
parameters:
- $ref: '#/components/parameters/CitrixCustomerId'
responses:
'200':
description: List of applications
content:
application/json:
schema:
type: object
properties:
items:
type: array
items:
$ref: '#/components/schemas/Application'
'401':
description: Unauthorized
post:
operationId: createApplication
summary: Citrix Create an application
description: >-
Create a new application configuration for secure private access.
tags:
- Applications
parameters:
- $ref: '#/components/parameters/CitrixCustomerId'
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/CreateApplicationRequest'
responses:
'201':
description: Application created
content:
application/json:
schema:
$ref: '#/components/schemas/Application'
'400':
description: Invalid request
'401':
description: Unauthorized
/applications/{applicationId}:
get:
operationId: getApplication
summary: Citrix Get an application
description: >-
Retrieve details of a specific application.
tags:
- Applications
parameters:
- $ref: '#/components/parameters/CitrixCustomerId'
- $ref: '#/components/parameters/applicationId'
responses:
'200':
description: Application details
content:
application/json:
schema:
$ref: '#/components/schemas/Application'
'401':
description: Unauthorized
'404':
description: Application not found
put:
operationId: updateApplication
summary: Citrix Update an application
description: >-
Update an existing application configuration.
tags:
- Applications
parameters:
- $ref: '#/components/parameters/CitrixCustomerId'
- $ref: '#/components/parameters/applicationId'
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/UpdateApplicationRequest'
responses:
'200':
description: Application updated
'400':
description: Invalid request
'401':
description: Unauthorized
'404':
description: Application not found
delete:
operationId: deleteApplication
summary: Citrix Delete an application
description: >-
Delete an application configuration.
tags:
- Applications
parameters:
- $ref: '#/components/parameters/CitrixCustomerId'
- $ref: '#/components/parameters/applicationId'
responses:
'204':
description: Application deleted
'401':
description: Unauthorized
'404':
description: Application not found
/policies:
get:
operationId: listAccessPolicies
summary: Citrix List access policies
description: >-
Retrieve all access policies configured for secure private access.
tags:
- Access Policies
parameters:
- $ref: '#/components/parameters/CitrixCustomerId'
responses:
'200':
description: List of access policies
content:
application/json:
schema:
type: object
properties:
items:
type: array
items:
$ref: '#/components/schemas/AccessPolicy'
'401':
description: Unauthorized
post:
operationId: createAccessPolicy
summary: Citrix Create an access policy
description: >-
Create a new zero trust access policy.
tags:
- Access Policies
parameters:
- $ref: '#/components/parameters/CitrixCustomerId'
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/CreateAccessPolicyRequest'
responses:
'201':
description: Access policy created
content:
application/json:
schema:
$ref: '#/components/schemas/AccessPolicy'
'400':
description: Invalid request
'401':
description: Unauthorized
/certificate:
post:
operationId: createCertificate
summary: Citrix Upload a certificate
description: >-
Upload a new SSL certificate for use with applications.
tags:
- Certificates
parameters:
- $ref: '#/components/parameters/CitrixCustomerId'
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/CreateCertificateRequest'
responses:
'201':
description: Certificate uploaded
content:
application/json:
schema:
$ref: '#/components/schemas/Certificate'
'400':
description: Invalid request
'401':
description: Unauthorized
/application/{applicationId}/domain/{encodedURL}:
get:
operationId: getApplicationDomainCertificate
summary: Citrix Get domain certificate for an application
description: >-
Retrieve the certificate associated with a specific application domain.
tags:
- Application Domains
parameters:
- $ref: '#/components/parameters/CitrixCustomerId'
- $ref: '#/components/parameters/applicationId'
- name: encodedURL
in: path
required: true
description: URL-encoded domain name
schema:
type: string
responses:
'200':
description: Certificate details for the domain
content:
application/json:
schema:
$ref: '#/components/schemas/Certificate'
'401':
description: Unauthorized
'404':
description: Domain or certificate not found
put:
operationId: associateDomainCertificate
summary: Citrix Associate certificate with application domain
description: >-
Associate an SSL certificate with a specific application domain.
tags:
- Application Domains
parameters:
- $ref: '#/components/parameters/CitrixCustomerId'
- $ref: '#/components/parameters/applicationId'
- name: encodedURL
in: path
required: true
description: URL-encoded domain name
schema:
type: string
requestBody:
required: true
content:
application/json:
schema:
type: object
properties:
certificateId:
type: string
description: ID of the certificate to associate
responses:
'200':
description: Certificate associated
'400':
description: Invalid request
'401':
description: Unauthorized
'404':
description: Application or domain not found
components:
securitySchemes:
bearerAuth:
type: http
scheme: bearer
bearerFormat: JWT
description: OAuth 2.0 bearer token from Citrix Cloud authentication
parameters:
CitrixCustomerId:
name: Citrix-CustomerId
in: header
required: true
description: Citrix Cloud customer ID
schema:
type: string
applicationId:
name: applicationId
in: path
required: true
description: Application unique identifier
schema:
type: string
format: uuid
schemas:
Application:
type: object
properties:
id:
type: string
format: uuid
description: Unique identifier for the application
name:
type: string
description: Application name
description:
type: string
description: Application description
url:
type: string
format: uri
description: Application URL
appType:
type: string
enum:
- SaaS
- Web
description: Type of application
enabled:
type: boolean
description: Whether the application is enabled
domains:
type: array
items:
type: string
description: Associated domains
CreateApplicationRequest:
type: object
required:
- name
- url
- appType
properties:
name:
type: string
description: Application name
description:
type: string
description: Application description
url:
type: string
format: uri
description: Application URL
appType:
type: string
enum:
- SaaS
- Web
description: Type of application
UpdateApplicationRequest:
type: object
properties:
name:
type: string
description: Updated application name
description:
type: string
description: Updated description
url:
type: string
format: uri
description: Updated URL
enabled:
type: boolean
description: Whether the application is enabled
AccessPolicy:
type: object
properties:
id:
type: string
format: uuid
description: Policy unique identifier
name:
type: string
description: Policy name
description:
type: string
description: Policy description
enabled:
type: boolean
description: Whether the policy is active
priority:
type: integer
description: Policy evaluation priority
conditions:
type: object
description: Policy conditions for matching
actions:
type: object
description: Actions to apply when policy matches
CreateAccessPolicyRequest:
type: object
required:
- name
properties:
name:
type: string
description: Policy name
description:
type: string
description: Policy description
conditions:
type: object
description: Policy conditions
actions:
type: object
description: Policy actions
Certificate:
type: object
properties:
id:
type: string
format: uuid
description: Certificate unique identifier
name:
type: string
description: Certificate name
subject:
type: string
description: Certificate subject
issuer:
type: string
description: Certificate issuer
expirationDate:
type: string
format: date-time
description: Certificate expiration date
CreateCertificateRequest:
type: object
required:
- name
- certificate
- privateKey
properties:
name:
type: string
description: Certificate name
certificate:
type: string
description: PEM-encoded certificate
privateKey:
type: string
description: PEM-encoded private key