> ## Documentation Index > Fetch the complete documentation index at: https://docs.primeintellect.ai/llms.txt > Use this file to discover all available pages before exploring further. # Request Certificate > Sign the requesting admin's SSH public key via Vault. If a ``publicKey`` is provided in the body, it is signed directly. Otherwise the admin's DB-stored SSH public key is used. ## OpenAPI ````yaml https://api.primeintellect.ai/openapi.json post /api/admin/clusters/{cluster_id}/authorizations/certificate openapi: 3.1.0 info: title: PI API version: 0.1.0 servers: - url: https://api.primeintellect.ai security: [] paths: /api/admin/clusters/{cluster_id}/authorizations/certificate: post: tags: - admin-clusters summary: Request Certificate description: |- Sign the requesting admin's SSH public key via Vault. If a ``publicKey`` is provided in the body, it is signed directly. Otherwise the admin's DB-stored SSH public key is used. operationId: >- request_certificate_api_admin_clusters__cluster_id__authorizations_certificate_post parameters: - name: cluster_id in: path required: true schema: type: string title: Cluster Id requestBody: content: application/json: schema: anyOf: - $ref: '#/components/schemas/CertificateRequest' - type: 'null' title: Request responses: '200': description: Successful Response content: application/json: schema: $ref: '#/components/schemas/GenericResponse_CertificateResponse_' '401': description: Authorization failed '403': description: Insufficient permissions '422': description: Invalid request data content: application/json: schema: $ref: '#/components/schemas/ErrorResponse' security: - HTTPBearer: [] components: schemas: CertificateRequest: properties: publicKey: anyOf: - type: string - type: 'null' title: Publickey ttl: anyOf: - type: string - type: 'null' title: Ttl description: >- Requested certificate TTL as a Vault-style duration (e.g. '30m', '2h'). Capped at 8h; omit to use the server default. type: object title: CertificateRequest description: >- Optional request body for the admin certificate endpoint. If ``public_key`` is provided the backend will sign it directly; otherwise it falls back to the admin's DB-stored SSH public key. GenericResponse_CertificateResponse_: properties: data: anyOf: - $ref: '#/components/schemas/CertificateResponse' - type: 'null' description: Response data status: anyOf: - type: string - type: 'null' title: Status description: Response status type: object title: GenericResponse[CertificateResponse] ErrorResponse: properties: errors: items: $ref: '#/components/schemas/ErrorDetail' type: array title: Errors type: object required: - errors title: ErrorResponse CertificateResponse: properties: signedKey: type: string title: Signedkey validPrincipals: items: type: string type: array title: Validprincipals ttl: type: string title: Ttl nodes: items: $ref: '#/components/schemas/ClusterNodeConnection' type: array title: Nodes description: All connectable SSH endpoints for the cluster. type: object required: - signedKey - validPrincipals - ttl title: CertificateResponse ErrorDetail: properties: param: type: string title: Param details: type: string title: Details type: object required: - param - details title: ErrorDetail ClusterNodeConnection: properties: podId: type: string title: Podid podName: anyOf: - type: string - type: 'null' title: Podname host: type: string title: Host port: type: integer title: Port default: 22 user: type: string title: User role: anyOf: - type: string - type: 'null' title: Role isControlNode: type: boolean title: Iscontrolnode default: false type: object required: - podId - host - user title: ClusterNodeConnection description: Connection details for a single cluster pod/node. securitySchemes: HTTPBearer: type: http scheme: bearer ````