The Forefront Identity Manager Certificate Management (FIM CM) SQL API enables you to submit external requests to the FIM CM environment. The user account that submits the requests must be assigned the CLMExternalAPI role. In mixed authentication, this means the CLMExternal SQL account. In integrated authentication, this means any Active Directory Domain Services user account. For more information about how to configure mixed authentication or integrated authentication, see Scheduled Processing. Also, the FIM CM Service account must be assigned the necessary FIM CM permissions to process requests at all permission assignment locations.
Calls through the SQL API do not create requests in FIM CM. Instead the SQL API includes the request creation information in an intermediate External Requests table and the requests are created on a scheduled basis by the FIM CM service. A success return code does not guarantee that the request was successfully created. It only indicates that the request has been successfully saved for creation. You can obtain the status of the request by using the externalGetStatus method. For more information, see Monitoring the Status of an Existing Request.