Order AATL Natural Person Certificate
8 minute read
POST
https://certcentral.digicert.eu/services/v2/order/certificate/aatl_np
Use this endpoint to order a Adobe Approved Trust List (AATL) natural person certificate. AATL natural person certificate is issued to you to apply electronic signatures. This assures the recipients that the document is from you and that the document’s integrity has not been compromised or altered.
AATL is a program that allows users worldwide to create trusted digital signatures in Adobe® Acrobat® or Reader®, and DigiCert® is a vetted member whose certificates are automatically trusted because they chain to an approved root.
Example requests and responses
curl -X POST \
'https://certcentral.digicert.eu/services/v2/order/certificate/aatl_np' \
-H 'Content-Type: application/json' \
-H 'X-DC-DEVKEY: {{api_key}}' \
-d '{
"certificate": {
"signature_hash": "sha256",
"usage_designation": {
"primary_usage": "signing",
"additional_usages": [
"ms_document_signing",
"document_signing"
]
}
},
"cs_provisioning_method": "ship_token",
"ship_info": {
"name": "John Doe",
"addr1": "360 Taylor Street",
"addr2": "Floor 74",
"city": "Amsterdam",
"state": "Amsterdam",
"zip": "1013 AA",
"country": "NL",
"method": "STANDARD"
},
"additional_emails": [
"jill.valentine@example.com",
"leon.kennedy@example.com"
],
"order_validity": {
"years": 1
},
"common_name_indicator": "given_name_surname",
"individual": {
"first_name": "John",
"last_name": "Doe",
"email": "john.doe@example.com",
"telephone": "+31202547999",
"country": "NL",
"city": "Amsterdam",
"state": "Amsterdam",
"zip": "1013 AA"
},
"csa_agreed_to": true,
"payment_method": "balance"
}curl -X POST \
'https://certcentral.digicert.eu/services/v2/order/certificate/aatl_np' \
-H 'Content-Type: application/json' \
-H 'X-DC-DEVKEY: {{api_key}}' \
-d '{
"certificate": {
"signature_hash": "sha256",
"usage_designation": {
"primary_usage": "signing",
"additional_usages": [
"ms_document_signing",
"document_signing"
]
}
},
"cs_provisioning_method": "client_app",
"additional_emails": [
"jill.valentine@example.com",
"leon.kennedy@example.com"
],
"order_validity": {
"years": 1
},
"common_name_indicator": "pseudonym",
"individual": {
"first_name": "John",
"last_name": "Doe",
"pseudonym": "John Doe",
"email": "john.doe@example.com",
"telephone": "+31202547999",
"country": "NL",
"city": "Amsterdam",
"state": "Amsterdam",
"zip": "1013 AA"
},
"csa_agreed_to": true,
"payment_method": "balance"
}curl -X POST \
'https://certcentral.digicert.eu/services/v2/order/certificate/aatl_np' \
-H 'Content-Type: application/json' \
-H 'X-DC-DEVKEY: {{api_key}}' \
-d '{
"certificate": {
"csr": "<csr>",
"key_size": 2048,
"csr_key_type": "rsa",
"signature_hash": "sha256",
"usage_designation": {
"primary_usage": "signing",
"additional_usages": [
"ms_document_signing",
"document_signing"
]
}
},
"cs_provisioning_method": "email",
"additional_emails": [
"jill.valentine@example.com",
"leon.kennedy@example.com"
],
"order_validity": {
"years": 1
},
"individual": {
"id": 21
},
"common_name_indicator": "given_name_surname",
"csa_agreed_to": true,
"payment_method": "balance"
}{
"id": 112233,
"requests": [
{
"id": 113,
"status": "pending"
}
]
}{
"id": 112233,
"requests": [
{
"id": 113,
"status": "submitted"
}
]
}{
"id": 112233,
"requests": [
{
"id": 113,
"status": "approved"
}
],
"certificate_id": 113
}{
"id": 112233,
"certificate_id": 845166333113
}Request parameters
| Name | Req/Opt | Type | Description |
|---|---|---|---|
| certificate | required | object | Certificate details. |
| .. usage_designation | required | object | Object that determines the primary use (KU) and additional uses (EKU) for the certificate. |
| .. .. primary_usage | required | string | Primary use for the certificate. Allowed values: signing |
| .. .. additional_usages | optional | array | List of additional certificate uses. Default: document_signing Allowed values: ms_document_signing or document_signing. |
| cs_provisioning_method | required | string | Specify how you want to receive the token. Default: email Allowed values: email, ship_token, or client_app.For more information about the provisioning methods, see Glossary – Provisioning methods |
| ship_info | optional | object | For orders with the cs_provisioning_method of ship_token, specify the shipping address for the hardware token. |
| .. name | required | string | First and last name of the recipient of the order. |
| .. addr1 | required | string | Shipping address for the token. |
| .. addr2 | required | string | Continuation of street address. |
| .. city | required | string | Shipping city. |
| .. state | required | string | Shipping state. |
| .. zip | required | string | Shipping postal code. |
| .. country | required | string | Shipping country. |
| .. method | required | string | Shipping priority for the token. Allowed values: STANDARD or EXPEDITED (incurs additional cost). |
| .. csr | conditional | string | Certificate signing request (CSR) or public key in PEM format. Format the CSR/public key as a base64-encoded string without line breaks or escape characters. Include the PEM headers and footers (such as -----BEGIN CERTIFICATE REQUEST-----... and ...-----END CERTIFICATE REQUEST-----). For more information about generating a CSR, see Create a CSR.Required if the cs_provisioning_method is email.After placing the order, if the status of the order is pending, you can use the Update CSR endpoint to update the CSR. To check the status of the order, use the [Order validation status](https://dev.digicert.com/certcentral-apis/services-api/orders/validation-status.html) endpoint.Note: The Services API does not extract information from the CSR to fill in the details of a certificate request. |
| .. key_size | optional | int | Number of bits used in the key. Default: 2048 Allowed values for RSA key type: 2048, 3072, or 4096. Allowed values for ECC key type: p-256 or p-354. |
| .. csr_key_type | optional | string | Key type for the CSR. Default: RSA Allowed values: rsa or ecc. |
| .. signature_hash | optional | string | Hash algorithm used for signing the certificate. Default: sha-256Allowed values:: sha256, sha384, sha512. |
| comments | optional | string | Comments about the order for the administrator or approver reviewing the order request. The comments value is stored on the order request. If the order skips the approval step (skip_approval is set to true), any provided comments value is ignored since CertCentral creates the order directly without creating a corresponding request. |
| additional_emails | optional | array | Additional email addresses to receive certificate notification emails (for example, certificate issuance, duplicate certificate, and certificate renewals). |
| user_id_assignments | optional | array | List of User IDs that can manage the order. |
| csa_agreed_to | required | boolean | Specify if the Certificate Subscriber Agreement (CSA) has been agreed to. Set this parameter to true to indicate agreement and false for disagreement.Default: true Allowed values: true or false. |
| promo_code | optional | string | Promotional code for the order. |
| order_validity | required | object | Defines the validity period of the order. |
| .. years | required* | int | Number of years the order is valid. *Can be replaced by order_validity.days or order_validity.custom_expiration_date. Range: 1 |
| .. days | optional | int | Number of days the order is valid. Overrides order_validity.years. Max value: 397 |
| .. custom_expiration_date | optional | string | Custom expiration date for the order. Overrides order_validity.days and order_validity.years. Format: dd MMM YYYY (for example, "09 JUN 2025") Range: Must be within 397 days of the date you request the order. |
| common_name_indicator | conditional | string | Specifies how the common name value is derived for the certificate. Allowed values: given_name_surname or pseudonym.In most cases, given_name_surname is used, and the common name is constructed from individual.first_name and individual.last_name.Use pseudonym only when the certificate should display an alternate name instead of the individual’s legal name. |
| individual | required | object | Information about the individual who is the intended certificate holder. |
| .. first_name | required | string | Individual's first name (given name). This can include middle names or initials, but do not include titles or prefixes such as "Dr.". |
| .. last_name | required | string | Individual's last name (surname). This can include middle names or initials, but do not include titles or prefixes such as "Dr.". |
| .. pseudonym | conditional | string | Individual's pseudonym or alternate name to be used as the certificate’s common name when common_name_indicator is set to pseudonym. This value replaces the individual’s first and last name in the certificate subject. Use only in specific cases where a non-legal display name is required.Required when common_name_indicator = pseudonym.Adding an assumed name requires additional validation and may delay certificate issuance. |
| required | string | Individual's email address. This email address is used for processing the order request and receiving order approval notifications. This email address does not appear on the certificate. | |
| .. telephone | required | string | Individual’s phone number with the country code (for example, +1-555-555-5555). |
| .. country | required | string | Individual's country, represented by a two-letter country code. |
| .. state | required | string | Individual's state or province. |
| .. city | optional | string | Iindividual's city. |
| .. zip | optional | string | Individual's postal code. |
| .. id | conditional | integer | Unique identifier for the individual. Note: Use this parameter only if you are ordering the certificate for an existing individual, whose details are already stored in the CertCentral database. If you are adding a new individual, omit this parameter and provide the full details instead. |
| payment_method | required | string | Payment method for the order. Allowed values:
|
| credit_card | required (if payment_method is card) | object | Object with information about the credit card charged for the order. Required if payment_method is card. |
| .. number | required | string | Credit card number. |
| .. expiration_month | required | string | Credit card expiration month. Format as a two-digit number between 01 (Jan) and 12 (Dec). |
| .. expiration_year | required | string | Credit card expiration year. Format as a four-digit number. For example: 2026 |
| .. cvv | required | string | Card verification value (CVV). Format as a three- or four-digit number. For example: 333 or 4444 |
| .. cardholder_name | required | string | Cardholder’s first and last name. |
| .. save_credit_card | optional | null | Specify whether to save the credit card details. true for saving the details, false for not saving the details, and null for not indicating the preference.Allowed Values: true, false, or null. |
| .. set_as_default | required | string | Set the card as the default payment option or method. To set this card as your default payment method, use 1. To keep your default payment method, use 0.Allowed Values: 1 or 0. |
| billing_address | conditional | object | Object with information about the billing address. Required if payment_method is card. |
| .. address | required | string | Billing street address. |
| .. address2 | optional | string | Continuation of street address. |
| .. city | required | string | Billing city. |
| .. state | conditional | string | Billing state or province. Optional for some countries. |
| .. country | required | string | Billing country. |
| .. zip | conditional | string | Billing zip or postal code. Optional for some countries. |
Response parameters
| Name | Type | Description |
|---|---|---|
| id | int | Order ID. |
| requests | array | Contains information about the request. |
| .. id | int | Request ID. |
| .. status | string | Request status. Possible values:pending, submitted, approved, rejected |
| certificate_id | int | Certificate ID. Returned if request status is approved. |
Was this page helpful?
Provide feedback