Skip to main content

Product limits

GET https://www.digicert.com/services/v2/container/{{container-id}}/product-limits

Use this endpoint to get information about the limits and settings for a container's enabled products.

Replace {{container_id}} in the URL with the ID of a container in your account. To get a list of container IDs, use the List containers endpoint.

Example requests and responses

Response parameters

Name

Type

Description

is_limited

boolean

Returns true if an administrator has set custom limits for the container's enabled products. Otherwise, false.

limited_container_ids

array

List of IDs for child containers with product limits. Only returned if the queried container is the parent of other containers that have product limits.

product_limits

array

List of objects with information about the limits for the container's enabled products. Only returned if is_limited is true.

.. container_id

integer

ID of the container to which the limits apply.

.. role_id

integer

ID of the access role to which the limits apply.

Possible values: See Glossary - Access roles. If 0, the limits apply to all users in the account, regardless of their access role.

.. product_name_id

string

Product identifier for the type of certificate to which the limits apply.

Possible values: See Glossary - Product identifiers.

.. allowed_hashes

array

List of IDs for each hash type allowed for the product.

Possible values: See Glossary - Hash types. Only returned if an administrator has customized the allowed hash types for the product.

.. allowed_intermediates

array

List of IDs for the issuing intermediate certificate authority (ICA) certificates that users with the given container_id and role_id assignment can select when ordering the product. To see which ICA an ID corresponds to, use the Product list endpoint (see allowed_ca_certs).

If the Product limits endpoint does not return a list of allowed_intermediates for a product that supports ICA selection, and if ICA selection is enabled for the account, then certificate requesters can select any ICA from the list of allowed_ca_certs that we return for the product in the Product list response.

Learn more about ICA certificate chain selection feature for public TLS certificates.

.. allowed_lifetimes

array

List of numbers. Each number is a certificate validity period (in years) that users with the corresponding container and user role assignment can request for the product.

This array is only returned if an administrator has customized the allowed validity periods for the product.

.. allowed_order_lifetimes

array

List of numbers. Each number is an order validity period (in years) that users with the corresponding container and role assignment can request for the product.

This list is only returned if an administrator has customized the order validity periods that users with the corresponding container and role assignment can request for the product. If there are no custom limits, users can request certificates using any order validity period the product supports. To see the full range of order validity years each product supports, see the allowed_order_validity_years array in the Product list response.

.. allow_auto_renew

boolean

If true, automatic certificate renewal requests (auto-renew) can be enabled for the product. Otherwise, false.

.. allow_auto_reissue

boolean

If true, automatic certificate reissue requests (auto-reissue) can be enabled for the product. Otherwise, false.

.. default_intermediate

string

ID of the default issuing ICA for the product.

Not returned for all product types.

.. allowed_wildcards

boolean

If true, wildcard SANs are allowed for the product. Not returned for all product types.

.. ct_log_option

string

The default certificate transparency (CT) logging option for the product. Only returned for public TLS products.

Possible values:

  • per_cert (default) – Allow certificate requesters to select public CT logging preferences.Note: To disable CT logging for certificates that you order through the through the API, pass a value of true for the disable_ct parameter when you submit the order request.

  • always – Always log certificates to CT logs.

  • never – Never log certificates to CT logs.

Note: This parameter is only returned if an administrator in your account has customized the CT logging options for a public TLS product.