Expects a resource ID as its input. Returns earlier entries in the result set, sorted by ID.
limit
string
No
—
Constrains the number of results in the dataset. See the API Overview for details.
filter
string
No
—
A CEL expression to filter the list results. Supports logical and comparison operators to match on fields such as id, metadata, created_at, and more. See ngrok API Filtering for syntax and field details: https://ngrok.com/docs/api/api-filtering.
Show inputSchema
{ "type": "object", "properties": { "PCID": { "type": "string", "description": "Pink Connect ID for the authenticated connection" }, "before_id": { "type": "string", "description": "Expects a resource ID as its input. Returns earlier entries in the result set, sorted by ID." }, "limit": { "type": "string", "description": "Constrains the number of results in the dataset. See the [API Overview](https://ngrok.com/docs/api/index#pagination) for details." }, "filter": { "type": "string", "description": "A CEL expression to filter the list results. Supports logical and comparison operators to match on fields such as `id`, `metadata`, `created_at`, and more. See ngrok API Filtering for syntax and field details: https://ngrok.com/docs/api/api-filtering." } }, "required": [ "PCID" ]}
human-readable description of this SSH Certificate Authority. optional, max 255 bytes.
elliptic_curve
string
No
—
the type of elliptic curve to use when creating an ECDSA key
key_size
integer
No
—
the key size to use when creating an RSA key. one of 2048 or 4096
metadata
string
No
—
arbitrary user-defined machine-readable data of this SSH Certificate Authority. optional, max 4096 bytes.
private_key_type
string
No
—
the type of private key to generate. one of rsa, ecdsa, ed25519
Show inputSchema
{ "type": "object", "properties": { "PCID": { "type": "string", "description": "Pink Connect ID for the authenticated connection" }, "description": { "type": "string", "description": "human-readable description of this SSH Certificate Authority. optional, max 255 bytes." }, "elliptic_curve": { "type": "string", "description": "the type of elliptic curve to use when creating an ECDSA key" }, "key_size": { "type": "integer", "description": "the key size to use when creating an RSA key. one of `2048` or `4096`" }, "metadata": { "type": "string", "description": "arbitrary user-defined machine-readable data of this SSH Certificate Authority. optional, max 4096 bytes." }, "private_key_type": { "type": "string", "description": "the type of private key to generate. one of `rsa`, `ecdsa`, `ed25519`" } }, "required": [ "PCID" ]}
Expects a resource ID as its input. Returns earlier entries in the result set, sorted by ID.
limit
string
No
—
Constrains the number of results in the dataset. See the API Overview for details.
filter
string
No
—
A CEL expression to filter the list results. Supports logical and comparison operators to match on fields such as id, metadata, created_at, and more. See ngrok API Filtering for syntax and field details: https://ngrok.com/docs/api/api-filtering.
Show inputSchema
{ "type": "object", "properties": { "PCID": { "type": "string", "description": "Pink Connect ID for the authenticated connection" }, "before_id": { "type": "string", "description": "Expects a resource ID as its input. Returns earlier entries in the result set, sorted by ID." }, "limit": { "type": "string", "description": "Constrains the number of results in the dataset. See the [API Overview](https://ngrok.com/docs/api/index#pagination) for details." }, "filter": { "type": "string", "description": "A CEL expression to filter the list results. Supports logical and comparison operators to match on fields such as `id`, `metadata`, `created_at`, and more. See ngrok API Filtering for syntax and field details: https://ngrok.com/docs/api/api-filtering." } }, "required": [ "PCID" ]}
optional list of ACL rules. If unspecified, the credential will have no restrictions. The only allowed ACL rule at this time is the bind rule. The bind rule allows the caller to restrict what domains, addresses, and labels the token is allowed to bind. For example, to allow the token to open a tunnel on example.ngrok.io your ACL would include the rule bind:example.ngrok.io. Bind rules for domains may specify a leading wildcard to match multiple domains with a common suffix. For example, you may specify a rule of bind:*.example.com which will allow x.example.com, y.example.com, *.example.com, etc. Bind rules for labels may specify a wildcard key and/or value to match multiple labels. For example, you may specify a rule of bind:*=example which will allow x=example, y=example, etc. A rule of '*' is equivalent to no acl at all and will explicitly permit all actions.
description
string
No
—
human-readable description of who or what will use the ssh credential to authenticate. Optional, max 255 bytes.
metadata
string
No
—
arbitrary user-defined machine-readable data of this ssh credential. Optional, max 4096 bytes.
owner_id
string
No
—
If supplied at credential creation, ownership will be assigned to the specified User or Bot. Only admins may specify an owner other than themselves. Defaults to the authenticated User or Bot.
public_key
string
Yes
—
the PEM-encoded public key of the SSH keypair that will be used to authenticate
Show inputSchema
{ "type": "object", "properties": { "PCID": { "type": "string", "description": "Pink Connect ID for the authenticated connection" }, "acl": { "type": "array", "items": { "type": "string" }, "description": "optional list of ACL rules. If unspecified, the credential will have no restrictions. The only allowed ACL rule at this time is the `bind` rule. The `bind` rule allows the caller to restrict what domains, addresses, and labels the token is allowed to bind. For example, to allow the token to open a tunnel on example.ngrok.io your ACL would include the rule `bind:example.ngrok.io`. Bind rules for domains may specify a leading wildcard to match multiple domains with a common suffix. For example, you may specify a rule of `bind:*.example.com` which will allow `x.example.com`, `y.example.com`, `*.example.com`, etc. Bind rules for labels may specify a wildcard key and/or value to match multiple labels. For example, you may specify a rule of `bind:*=example` which will allow `x=example`, `y=example`, etc. A rule of `'*'` is equivalent to no acl at all and will explicitly permit all actions." }, "description": { "type": "string", "description": "human-readable description of who or what will use the ssh credential to authenticate. Optional, max 255 bytes." }, "metadata": { "type": "string", "description": "arbitrary user-defined machine-readable data of this ssh credential. Optional, max 4096 bytes." }, "owner_id": { "type": "string", "description": "If supplied at credential creation, ownership will be assigned to the specified User or Bot. Only admins may specify an owner other than themselves. Defaults to the authenticated User or Bot." }, "public_key": { "type": "string", "description": "the PEM-encoded public key of the SSH keypair that will be used to authenticate" } }, "required": [ "PCID", "public_key" ]}
Expects a resource ID as its input. Returns earlier entries in the result set, sorted by ID.
limit
string
No
—
Constrains the number of results in the dataset. See the API Overview for details.
filter
string
No
—
A CEL expression to filter the list results. Supports logical and comparison operators to match on fields such as id, metadata, created_at, and more. See ngrok API Filtering for syntax and field details: https://ngrok.com/docs/api/api-filtering.
Show inputSchema
{ "type": "object", "properties": { "PCID": { "type": "string", "description": "Pink Connect ID for the authenticated connection" }, "before_id": { "type": "string", "description": "Expects a resource ID as its input. Returns earlier entries in the result set, sorted by ID." }, "limit": { "type": "string", "description": "Constrains the number of results in the dataset. See the [API Overview](https://ngrok.com/docs/api/index#pagination) for details." }, "filter": { "type": "string", "description": "A CEL expression to filter the list results. Supports logical and comparison operators to match on fields such as `id`, `metadata`, `created_at`, and more. See ngrok API Filtering for syntax and field details: https://ngrok.com/docs/api/api-filtering." } }, "required": [ "PCID" ]}
optional list of ACL rules. If unspecified, the credential will have no restrictions. The only allowed ACL rule at this time is the bind rule. The bind rule allows the caller to restrict what domains, addresses, and labels the token is allowed to bind. For example, to allow the token to open a tunnel on example.ngrok.io your ACL would include the rule bind:example.ngrok.io. Bind rules for domains may specify a leading wildcard to match multiple domains with a common suffix. For example, you may specify a rule of bind:*.example.com which will allow x.example.com, y.example.com, *.example.com, etc. Bind rules for labels may specify a wildcard key and/or value to match multiple labels. For example, you may specify a rule of bind:*=example which will allow x=example, y=example, etc. A rule of '*' is equivalent to no acl at all and will explicitly permit all actions.
description
string
No
—
human-readable description of who or what will use the ssh credential to authenticate. Optional, max 255 bytes.
metadata
string
No
—
arbitrary user-defined machine-readable data of this ssh credential. Optional, max 4096 bytes.
Show inputSchema
{ "type": "object", "properties": { "PCID": { "type": "string", "description": "Pink Connect ID for the authenticated connection" }, "id": { "type": "string", "description": "The id value" }, "acl": { "type": "array", "items": { "type": "string" }, "description": "optional list of ACL rules. If unspecified, the credential will have no restrictions. The only allowed ACL rule at this time is the `bind` rule. The `bind` rule allows the caller to restrict what domains, addresses, and labels the token is allowed to bind. For example, to allow the token to open a tunnel on example.ngrok.io your ACL would include the rule `bind:example.ngrok.io`. Bind rules for domains may specify a leading wildcard to match multiple domains with a common suffix. For example, you may specify a rule of `bind:*.example.com` which will allow `x.example.com`, `y.example.com`, `*.example.com`, etc. Bind rules for labels may specify a wildcard key and/or value to match multiple labels. For example, you may specify a rule of `bind:*=example` which will allow `x=example`, `y=example`, etc. A rule of `'*'` is equivalent to no acl at all and will explicitly permit all actions." }, "description": { "type": "string", "description": "human-readable description of who or what will use the ssh credential to authenticate. Optional, max 255 bytes." }, "metadata": { "type": "string", "description": "arbitrary user-defined machine-readable data of this ssh credential. Optional, max 4096 bytes." } }, "required": [ "PCID", "id" ]}
human-readable description of this SSH Host Certificate. optional, max 255 bytes.
metadata
string
No
—
arbitrary user-defined machine-readable data of this SSH Host Certificate. optional, max 4096 bytes.
principals
string[]
No
—
the list of principals included in the ssh host certificate. This is the list of hostnames and/or IP addresses that are authorized to serve SSH traffic with this certificate. Dangerously, if no principals are specified, this certificate is considered valid for all hosts.
public_key
string
Yes
—
a public key in OpenSSH Authorized Keys format that this certificate signs
ssh_certificate_authority_id
string
Yes
—
the ssh certificate authority that is used to sign this ssh host certificate
valid_after
string
No
—
The time when the host certificate becomes valid, in RFC 3339 format. Defaults to the current time if unspecified.
valid_until
string
No
—
The time when this host certificate becomes invalid, in RFC 3339 format. If unspecified, a default value of one year in the future will be used. The OpenSSH certificates RFC calls this valid_before.
Show inputSchema
{ "type": "object", "properties": { "PCID": { "type": "string", "description": "Pink Connect ID for the authenticated connection" }, "description": { "type": "string", "description": "human-readable description of this SSH Host Certificate. optional, max 255 bytes." }, "metadata": { "type": "string", "description": "arbitrary user-defined machine-readable data of this SSH Host Certificate. optional, max 4096 bytes." }, "principals": { "type": "array", "items": { "type": "string" }, "description": "the list of principals included in the ssh host certificate. This is the list of hostnames and/or IP addresses that are authorized to serve SSH traffic with this certificate. Dangerously, if no principals are specified, this certificate is considered valid for all hosts." }, "public_key": { "type": "string", "description": "a public key in OpenSSH Authorized Keys format that this certificate signs" }, "ssh_certificate_authority_id": { "type": "string", "description": "the ssh certificate authority that is used to sign this ssh host certificate" }, "valid_after": { "type": "string", "description": "The time when the host certificate becomes valid, in RFC 3339 format. Defaults to the current time if unspecified." }, "valid_until": { "type": "string", "description": "The time when this host certificate becomes invalid, in RFC 3339 format. If unspecified, a default value of one year in the future will be used. The OpenSSH certificates RFC calls this `valid_before`." } }, "required": [ "PCID", "public_key", "ssh_certificate_authority_id" ]}
A map of critical options included in the certificate. Only two critical options are currently defined by OpenSSH: force-command and source-address. See the OpenSSH certificate protocol spec for additional details.
description
string
No
—
human-readable description of this SSH User Certificate. optional, max 255 bytes.
extensions
object
No
—
A map of extensions included in the certificate. Extensions are additional metadata that can be interpreted by the SSH server for any purpose. These can be used to permit or deny the ability to open a terminal, do port forwarding, x11 forwarding, and more. If unspecified, the certificate will include limited permissions with the following extension map: {"permit-pty": "", "permit-user-rc": ""} OpenSSH understands a number of predefined extensions. See the OpenSSH certificate protocol spec for additional details.
metadata
string
No
—
arbitrary user-defined machine-readable data of this SSH User Certificate. optional, max 4096 bytes.
principals
string[]
No
—
the list of principals included in the ssh user certificate. This is the list of usernames that the certificate holder may sign in as on a machine authorizing the signing certificate authority. Dangerously, if no principals are specified, this certificate may be used to log in as any user.
public_key
string
Yes
—
a public key in OpenSSH Authorized Keys format that this certificate signs
ssh_certificate_authority_id
string
Yes
—
the ssh certificate authority that is used to sign this ssh user certificate
valid_after
string
No
—
The time when the user certificate becomes valid, in RFC 3339 format. Defaults to the current time if unspecified.
valid_until
string
No
—
The time when this host certificate becomes invalid, in RFC 3339 format. If unspecified, a default value of 24 hours will be used. The OpenSSH certificates RFC calls this valid_before.
Show inputSchema
{ "type": "object", "properties": { "PCID": { "type": "string", "description": "Pink Connect ID for the authenticated connection" }, "critical_options": { "type": "object", "description": "A map of critical options included in the certificate. Only two critical options are currently defined by OpenSSH: `force-command` and `source-address`. See [the OpenSSH certificate protocol spec](https://github.com/openssh/openssh-portable/blob/master/PROTOCOL.certkeys) for additional details." }, "description": { "type": "string", "description": "human-readable description of this SSH User Certificate. optional, max 255 bytes." }, "extensions": { "type": "object", "description": "A map of extensions included in the certificate. Extensions are additional metadata that can be interpreted by the SSH server for any purpose. These can be used to permit or deny the ability to open a terminal, do port forwarding, x11 forwarding, and more. If unspecified, the certificate will include limited permissions with the following extension map: `{\"permit-pty\": \"\", \"permit-user-rc\": \"\"}` OpenSSH understands a number of predefined extensions. See [the OpenSSH certificate protocol spec](https://github.com/openssh/openssh-portable/blob/master/PROTOCOL.certkeys) for additional details." }, "metadata": { "type": "string", "description": "arbitrary user-defined machine-readable data of this SSH User Certificate. optional, max 4096 bytes." }, "principals": { "type": "array", "items": { "type": "string" }, "description": "the list of principals included in the ssh user certificate. This is the list of usernames that the certificate holder may sign in as on a machine authorizing the signing certificate authority. Dangerously, if no principals are specified, this certificate may be used to log in as any user." }, "public_key": { "type": "string", "description": "a public key in OpenSSH Authorized Keys format that this certificate signs" }, "ssh_certificate_authority_id": { "type": "string", "description": "the ssh certificate authority that is used to sign this ssh user certificate" }, "valid_after": { "type": "string", "description": "The time when the user certificate becomes valid, in RFC 3339 format. Defaults to the current time if unspecified." }, "valid_until": { "type": "string", "description": "The time when this host certificate becomes invalid, in RFC 3339 format. If unspecified, a default value of 24 hours will be used. The OpenSSH certificates RFC calls this `valid_before`." } }, "required": [ "PCID", "public_key", "ssh_certificate_authority_id" ]}
human-readable description of this SSH User Certificate. optional, max 255 bytes.
metadata
string
No
—
arbitrary user-defined machine-readable data of this SSH User Certificate. optional, max 4096 bytes.
Show inputSchema
{ "type": "object", "properties": { "PCID": { "type": "string", "description": "Pink Connect ID for the authenticated connection" }, "id": { "type": "string", "description": "The id value" }, "description": { "type": "string", "description": "human-readable description of this SSH User Certificate. optional, max 255 bytes." }, "metadata": { "type": "string", "description": "arbitrary user-defined machine-readable data of this SSH User Certificate. optional, max 4096 bytes." } }, "required": [ "PCID", "id" ]}
Expects a resource ID as its input. Returns earlier entries in the result set, sorted by ID.
limit
string
No
—
Constrains the number of results in the dataset. See the API Overview for details.
filter
string
No
—
A CEL expression to filter the list results. Supports logical and comparison operators to match on fields such as id, metadata, created_at, and more. See ngrok API Filtering for syntax and field details: https://ngrok.com/docs/api/api-filtering.
Show inputSchema
{ "type": "object", "properties": { "PCID": { "type": "string", "description": "Pink Connect ID for the authenticated connection" }, "before_id": { "type": "string", "description": "Expects a resource ID as its input. Returns earlier entries in the result set, sorted by ID." }, "limit": { "type": "string", "description": "Constrains the number of results in the dataset. See the [API Overview](https://ngrok.com/docs/api/index#pagination) for details." }, "filter": { "type": "string", "description": "A CEL expression to filter the list results. Supports logical and comparison operators to match on fields such as `id`, `metadata`, `created_at`, and more. See ngrok API Filtering for syntax and field details: https://ngrok.com/docs/api/api-filtering." } }, "required": [ "PCID" ]}
