diff --git a/api/authorizer/client.go b/api/authorizer/client.go
index 25673e0..5b1ce26 100644
--- a/api/authorizer/client.go
+++ b/api/authorizer/client.go
@@ -71,8 +71,8 @@ func (auth *Client) CertificateRevocationList(caID, filename string) error {
 }
 
 // TargetHostCredentials get target host credentials for the user
-func (auth *Client) TargetHostCredentials(authorizer *AuthorizationRequest) (*Principal, error) {
-	principal := &Principal{}
+func (auth *Client) TargetHostCredentials(authorizer *AuthorizationRequest) (*ApiIdentitiesResponse, error) {
+	principal := &ApiIdentitiesResponse{}
 
 	_, err := auth.api.
 		URL("/authorizer/api/v1/ca/authorize").
diff --git a/api/authorizer/model.go b/api/authorizer/model.go
index a7a87d9..b9dc136 100644
--- a/api/authorizer/model.go
+++ b/api/authorizer/model.go
@@ -116,6 +116,20 @@ type Principal struct {
 	Size            int    `json:"size,omitempty"`
 }
 
+type ApiSshCertificate struct {
+	Type       string   `json:"type"`
+	Data       string   `json:"data"`
+	DataString string   `json:"data_string"`
+	Chain      []string `json:"chain"`
+}
+type ApiIdentitiesResponse struct {
+	Certificates  []ApiSshCertificate `json:"certificates"`
+	PrincipalKeys []Principal         `json:"principal_keys"`
+	Passphrase    string              `json:"passphrase,omitempty"`
+	ResponseCode  int                 `json:"response_code"`
+	Message       string              `json:"message"`
+}
+
 // CA is root certificate representation
 type CA struct {
 	ID        string `json:"id"`