# Create Company Certificate

## POST /v2/companycert/create

> Create a company trusted or untrusted certificate. Different from V1 in that we reject expired certificates.

```json
{"openapi":"3.1.1","info":{"title":"Pod API","version":"20.17.1"},"servers":[{"url":"http://yourpodURL.symphony.com/pod"}],"paths":{"/v2/companycert/create":{"post":{"summary":"Create a company trusted or untrusted certificate. Different from V1 in that we reject expired certificates.","parameters":[{"schema":{"type":"string"},"name":"sessionToken","description":"Session authentication token.","in":"header","required":true}],"tags":["Security"],"responses":{"200":{"description":"Success","content":{"application/json":{"schema":{"$ref":"#/components/schemas/CompanyCertDetail"}}}},"400":{"description":"Client error, see response body for further details.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}},"401":{"description":"Unauthorized: Invalid session token.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}},"403":{"description":"Forbidden: Caller lacks necessary entitlement.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}},"500":{"description":"Server error, see response body for further details.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}}},"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/CompanyCert"}}},"required":true}}}},"components":{"schemas":{"CompanyCertDetail":{"type":"object","properties":{"companyCertAttributes":{"$ref":"#/components/schemas/CompanyCertAttributes"},"companyCertInfo":{"$ref":"#/components/schemas/CompanyCertInfo"},"certInfo":{"$ref":"#/components/schemas/CertInfo"}}},"CompanyCertAttributes":{"type":"object","properties":{"name":{"type":"string","description":"Friendly name assigned by administrator"},"type":{"$ref":"#/components/schemas/CompanyCertType"},"status":{"$ref":"#/components/schemas/CompanyCertStatus"}}},"CompanyCertType":{"type":"object","properties":{"type":{"type":"string","enum":["USERSIGNING","USER","OPERATIONSSIGNING","OPERATIONSUSER"]}}},"CompanyCertStatus":{"type":"object","properties":{"type":{"type":"string","enum":["TRUSTED","KNOWN","REVOKED","DISABLED"]}}},"CompanyCertInfo":{"type":"object","properties":{"fingerPrint":{"type":"string","description":"Unique identifier"},"issuerFingerPrint":{"type":"string","description":"Unique identifier of issuer cert if known"},"lastSeen":{"type":"integer","format":"int64","description":"Date when we last saw this certificate presented"},"updatedAt":{"type":"integer","format":"int64","description":"Date when this cert was last updated by administrator"},"updatedBy":{"type":"integer","format":"int64","description":"User ID of administrator who last updated this cert"},"commonName":{"type":"string","description":"The Symphony account name which this certificate authenticates"},"expiryDate":{"type":"integer","format":"int64","description":"Expiry date of this cert"}}},"CertInfo":{"type":"array","items":{"$ref":"#/components/schemas/CertInfoItem"}},"CertInfoItem":{"type":"object","properties":{"name":{"type":"string"},"attributes":{"type":"array","items":{"$ref":"#/components/schemas/NameValuePair"}}}},"NameValuePair":{"type":"object","properties":{"name":{"type":"string"},"value":{"type":"string"}}},"Error":{"type":"object","properties":{"code":{"type":"integer","format":"int32"},"message":{"type":"string"}}},"CompanyCert":{"type":"object","properties":{"pem":{"type":"string","description":"An X509 certificate in PEM format"},"attributes":{"$ref":"#/components/schemas/CompanyCertAttributes"}}}}}}
```

> #### 📘 Note
>
> This v2 endpoint rejects expired certificates. When creating company certificates, make sure that you are calling the v2 version of this endpoint, and not v1.

> #### 🚧 Roles and privileges
>
> Calling this endpoint requires the USER\_PROVISIONING or the SUPER\_ADMINISTRATOR role.\
> See [Bot Permissions](https://docs.developers.symphony.com/building-bots-on-symphony/configuration/bot-permissions) for a list of roles and associated privileges.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://rest-api.symphony.com/main/certificates/create-company-certificate.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.