Order validation status
6 minute read
GET
Use this endpoint to get the validation status of an order. Response data varies depending on the type of certificate and the status of the validation components.https://www.digicert.com/services/v2/order/certificate/{{order_id}}/validation
Example requests and responses
curl -X GET \
'https://www.digicert.com/services/v2/order/certificate/{{order_id}}/validation' \
-H 'Content-Type: application/json' \
-H 'X-DC-DEVKEY: {{api_key}}'import requests
url = "https://www.digicert.com/services/v2/order/certificate/{{order_id}}/validation"
payload = ""
headers = {
'X-DC-DEVKEY': "{{api_key}}",
'Content-Type': "application/json"
}
response = requests.request("GET", url, data=payload, headers=headers)
print(response.text)package main
import (
"fmt"
"net/http"
"io/ioutil"
)
func main() {
url := "https://www.digicert.com/services/v2/order/certificate/{{order_id}}/validation"
req, _ := http.NewRequest("GET", url, nil)
req.Header.Add("X-DC-DEVKEY", "{{api_key}}")
req.Header.Add("Content-Type", "application/json")
res, _ := http.DefaultClient.Do(req)
defer res.Body.Close()
body, _ := ioutil.ReadAll(res.Body)
fmt.Println(res)
fmt.Println(string(body))
}var request = require("request");
var options = { method: 'GET',
url: 'https://www.digicert.com/services/v2/order/certificate/{{order_id}}/validation',
headers:
{ 'Content-Type': 'application/json',
'X-DC-DEVKEY': '{{api_key}}' } };
request(options, function (error, response, body) {
if (error) throw new Error(error);
console.log(body);
});200 OK
{
"order_id": "112211",
"order_status": "pending",
"order_name_scope": "base_domain",
"order_dcv_method": "email",
"organization_id": "12345",
"organization_name": "Example Organization",
"organization_validations": [
{
"type": "ov",
"name": "OV",
"description": "Normal Organization Validation",
"date_created": "2018-04-25T21:52:33+00:00",
"validated_until": "2019-04-25T21:52:33+00:00",
"status": "pending",
"verification_details": {
"organization_type": "pending",
"organization_status": "pending",
"address_verification": "pending",
"blacklist_fraud": "pending",
"request_authenticity": "pending"
}
}
],
"dns_name_validations": [
{
"domain_id": "1234",
"status": "unapproved",
"dns_names": [
"sub.example.com"
],
"base_domain": "example.com"
}
]
}
URL query parameters
| Name | Type | Description |
|---|---|---|
| include_risk_check | boolean | If true, the response includes the risk_status in the dns_name_validations array with details about the domain risk for the order. If false (default), the response omits the risk_status in the dns_name_validations array.For DV TLS certificate orders, we always return the risk_status. You only need to include ?include_risk_check=true on non-DV TLS orders. |
Path parameters
| Name | Req/Opt | Type | Description |
|---|---|---|---|
| order_id | required | string | Order ID. |
Response parameters
| Name | Type | Description |
|---|---|---|
| order_id | string | Order ID. |
| order_status | string | Status of the order. See Glossary – Order status |
| order_name_scope | string | Domain validation scope for the order. Domain validation scope determines the specific domains that you must validate before DigiCert can issue your certificate. Possible values: |
| order_dcv_method | string | Domain control validation (DCV) method for the order. |
| organization_id | string | Organization ID. |
| organization_name | string | Organization name. |
| organization_validations | array | List of objects with details about organization validations that must be complete before DigiCert can issue the certificate. Note: The organization_validations array is not returned for DV certificate orders. |
| .. type | string | Validation type ID. See Glossary – Validation types. |
| .. name | string | Friendly name of the validation type. |
| .. description | string | Description of the validation type. |
| .. date_created | string | Timestamp when validation was completed. UTC timezone and ISO 8601 date. |
| .. validated_until | string | Timestamp when validation will expire. UTC timezone and ISO 8601 date. |
| .. status | string | Validation status. Possible values: pending, active |
| .. verified_contacts | array | List of objects with details about verified contacts for the organization. |
| .. .. user_id | string | Contact user ID. Returns "0" if the verified contact is not a user in your CertCentral account. |
| .. .. name | string | Contact name. |
| .. .. first_name | string | Contact first name. |
| .. .. last_name | string | Contact last name. |
| .. .. job_title | string | Contact job title. |
| .. .. telephone | string | Contact telephone number. |
| string | Contact email address. | |
| .. .. status | string | Contact approval status. Possible values: pending, active |
| .. verification_details | object | Object containing the status of each component involved in verifying your certificate request. |
| .. .. organization_type | string | Status of verification of organization type. Only returned for OV certificate orders. Possible values: pending, complete |
| .. .. organization_status | string | Status of verification that the business is still active. Returned for OV, code signing, and doc signing certificate orders. Possible values: pending, complete |
| .. .. address_verification | string | Status of verification of the legal physical address for the organization. Returned for OV, code signing, and doc signing certificate orders. Possible values: pending, complete |
| .. .. blacklist_fraud | string | Status of verification that the organization doesn’t appear on “do not issue” lists or “bad actor” lists. Returned for EV, OV, doc signing, and VMC certificate orders. Possible values: pending, complete |
| .. .. blacklist_fraud_malware | string | Status of verification that the organization is not a known malware signer. Returned for code signing and EV code signing certificate orders. Possible values: pending, complete |
| .. .. request_authenticity | string | Status of verification that the certificate requestor has authority to order a certificate for the organization. Only returned for OV certificate orders. Possible values: pending, complete |
| .. .. operational_existence | string | Status of verification that the organization exists and is operational. Returned for EV, EV code signing, and VMC certificate orders. Possible values: pending, complete |
| .. .. place_of_business_verification | string | Status of verification of the organization’s place of business. Returned for EV, EV code signing, and VMC certificate orders. Possible values: pending, complete |
| .. .. phone_number_verification | string | Status of verification that the phone number given is valid and tied to the organization. Returned for EV, code signing, EV code signing, and VMC certificate orders. Possible values: pending, complete |
| .. .. approver_verification | string | Status of verification that the approver is valid for this organization. Returned for EV, code signing, EV code signing, and VMC certificate orders. Possible values: pending, complete |
| .. .. approver_blacklist | string | Status of verification that the approver doesn’t appear on “do not issue” or “bad actor” lists. Returned for EV, code signing, EV code signing, and VMC certificate orders. Possible values: pending, complete |
| .. .. logo_trademark | string | Status of verification that the logo is a registered trademark for the organization on the order. Only returned for VMC certificate orders. Possible values: pending, complete |
| dns_name_validations | array | List of objects with validation details for each domain on the order. Returned for EV, OV, DV, and VMC certificate orders. |
| .. domain_id | string | ID of the domain in your account that must be validated to prove control over the domain on the order (the domain in the dns_names array). Omitted for DV orders.Note: Multiple domains on an order can be validated under the scope of the same higher-level domain. This means that multiple objects in the dns_name_validations array may return the same domain_id value. |
| .. status | string | Validation status. Possible values: approved, unapproved |
| .. risk_status | string | Domain risk status. Possible values: under_review, failed, and pass |
| .. method | string | DCV method for the domain. Only returned if the validation status for the domain is unapproved.Note: For OV and EV orders, this parameter is omitted unless the order specifies a domain-level DCV method for the domain. For domains without a method, validate the domain using the DCV method set for the order (order_dcv_method). |
| .. name_scope | string | Domain you must validate to prove you control the domain on the order. Only returned if the validation status for the domain is unapproved.The name_scope value is useful when you need to validate a domain on the order by completing a DCV check for either the base domain or for a subdomain between the FQDN and base domain.Note: For OV and EV orders, this parameter is omitted unless the order specifies a domain-level validation scope for the domain. For domains without a name_scope, validate the domain using the validation scope set for the order (order_name_scope). |
| .. dns_names | array | List containing the SAN from the certificate order associated with the validation details in the dns_name_validations object. |
| .. base_domain | string | Base domain of the hostname in the dns_names array. |
Was this page helpful?
Provide feedback