# Get User Certificates

Retrieves a list of active and usable digital certificates associated with the authenticated user.

Endpoint: GET /certificates
Version: 1.1.0
Security: user_bearer_auth

## Response 200 fields (application/json):

  - `certificate_id` (string, required)
    Unique identifier for the certificate (e.g., thumbprint or internal ID).
    Example: "cert_thmb_abc123def456"

  - `name` (string, required)
    A user-friendly name or label for the certificate.
    Example: "Personal Qualified Certificate"

  - `type` (string, required)
    The type or level of the certificate.
    Enum: "QualifiedESignature", "AdvancedESignature", "Seal"

  - `status` (string, required)
    Current status of the certificate.
    Enum: "Active", "Expired", "Revoked"

  - `expiry_date` (string, required)
    The date and time when the certificate expires.
    Example: "2026-10-20T15:00:00Z"

## Response 401 fields (application/json):

  - `code` (string, required)
    An application-specific error code string.
    Example: "INVALID_OTP"

  - `message` (string, required)
    A human-readable explanation specific to this occurrence of the problem.
    Example: "The OTP provided is invalid or has expired."

## Response 500 fields (application/json):

  - `code` (string, required)
    An application-specific error code string.
    Example: "INVALID_OTP"

  - `message` (string, required)
    A human-readable explanation specific to this occurrence of the problem.
    Example: "The OTP provided is invalid or has expired."