Discovery API

Discovery API is a powerful API that allows you to scan your network using sensors and find all your internal and public facing SSL/TLS certificates regardless of the issuing Certificate Authority (CA).

Discovery cloud-scan is a free cloud service so there is nothing to install or manage. You can start scanning immediately to find your public SSL/TLS certificates. There is no limit to the number of cloud-based scans you can run.

To learn more, see Discovery Cloud-scan service.

Why use it?

  • Access all the features available in CertCentral without needing to log in to the platform.
  • Customize and automate virtually any workflow within the certificate management platform.
  • Create your own version of the platform with your organization's branding.
  • Seamlessly integrate with your existing tools.

Base URL

Use this base URL when constructing API requests:



All API requests are submitted via RESTful URLs using REST features, including header-based authentication and JSON/XML request types.

The data character set encoding for requests is UTF-8. A well-formed request uses port 443 and has the user-agent and content-length headers specified.


DigiCert Discovery API uses these standard HTTP methods:

  • GET
  • POST


Most requests require passing either JSON or XML formatted data. If an endpoint supports or requires a different format, it will be noted for that endpoint.

Supported content-type values include:

  • application/json
  • application/xml
  • image/jpeg
  • image/png


Responses consist of headers and a body. The body is formatted based on the content-type specified in the request.

See Glossary – Headers for information about HTTP header response codes.