Skip to main content

Discovery API

The CertCentral Discovery API is a powerful REST API that allows you to scan your network using sensors and find all your internal and public facing SSL/TLS certificates regardless of the issuing Certificate Authority (CA).

Discovery cloud-scan is a free cloud service so there is nothing to install or manage. You can start scanning immediately to find your public SSL/TLS certificates. There is no limit to the number of cloud-based scans you can run.

To learn more, see Discovery cloud scan service.

Why use it?

  • Access all the features available in CertCentral without needing to log in to the platform.

  • Customize and automate virtually any workflow within the certificate management platform.

  • Create your own version of the platform with your organization's branding.

  • Seamlessly integrate with your existing tools.

Base URL

Use this base URL when constructing API requests:


All API requests are submitted via RESTful URLs using REST features, including header-based authentication and JSON/XML request types.

The data character set encoding for requests is UTF-8. A well-formed request uses port 443 and has the user-agent and content-length headers specified.


DigiCert Discovery API uses these standard HTTP methods:

  • GET

  • POST


Most requests require passing either JSON or XML formatted data. If an endpoint supports or requires a different format, it will be noted for that endpoint.

Supported content-type values include:

  • application/json

  • application/xml

  • image/jpeg

  • image/png


Responses consist of headers and a body. The body is formatted based on the content-type specified in the request.

See Glossary – Headers for information about HTTP header response codes.