Get started
2 minute read
DigiCert® ONE offers a family of RESTful APIs that automate certificate lifecycle management, code signing, device identity, and more. All APIs share the same authentication model, error semantics, and URL patterns.
Authentication
| Method | Best for | How it works |
|---|---|---|
| API key (default) | CI/CD pipelines, backend services | Add the service user API token in the x-api-key request header. |
| Mutual TLS (mTLS) | High-assurance, network-restricted, or key-rotation-averse environments | Present a client TLS certificate and call the clientauth. hostname. |
Tip
Need help generating keys or client certificates? See Authentication.URL pattern
All product APIs share a predictable structure.
https://{hostname}/{product}/api/v{n}/{resource}
| Segment | Description | Examples |
|---|---|---|
{hostname} | DigiCert ONE hostname | one.digicert.comdemo.one.digicert.comone.digicert.co.jp |
{product} | DigiCert ONE product-specific path segment | account (Account Manager)certificate-authority (DigiCert Private CA)mpki (Trust Lifecycle Manager)signingmanager (Software Trust Manager)devicetrustmanager (Device Trust Manager) |
api/v{n} | API version; most products are v1 and follow this convention. Device Trust Manager uses nested versioning for some endpoints, for example /{resource}/api/v{n}. | api/v1api/v3/{resource}/api/v{n}* |
{resource} | Specific endpoint path | usersdivision/enrollment/{enrollment_id}/status/certificate-configuration-service/api/v2/certificate-policy* |
* Examples specific to API endpoints.
Example request
List all service users in Account Manager. Replace SERVICE_API_KEY with your service user API key.
curl -X GET \
-H "x-api-key: SERVICE_API_KEY" \
"https://demo.one.digicert.com/account/api/v1/user?user_type=service"
Successful response:
[
{
"id": "783a6a45-b74b-4635-bb4b-69855910ccd3",
"email": "jane@example.com",
"status": "ACTIVE",
"access_scope": "account",
"primary_account_id": "130deba5-3ebb-43b2-8183-1a9940d460f5",
"created_at": "2021-06-23T08:55:19Z",
"created_by": "8f7f8b1f-63c1-4580-af7d-ea4cd890e8f7",
"user_type": "service",
"friendly_name": "Example service user",
"description": "",
"locale": "en_US",
"applications": [
{
"id": "2d3a72fd-ad44-4a9b-952a-2bcadb14a741",
"name": "Trust Lifecycle",
"permissions": [
"VIEW_EM_SEAT",
"VIEW_EM_AUDIT_LOG",
"VIEW_EM_CERTIFICATE",
"VIEW_EM_PROFILE"
]
},
{
"id": "1a05282a-ec70-4da9-b921-933c070fcf80",
"name": "IoT Trust",
"permissions": [
"VIEW_IOT_CERTIFICATE",
"VIEW_IOT_ENROLLMENT_PROFILE"
]
},
{
"id": "97b97f1b-8d1d-4203-a62c-0a209a1bea0a",
"name": "Document Trust",
"permissions": [
"MANAGE_DSM_VIEW_CERTIFICATE_PROFILES",
"MANAGE_DSM_ADD_VALIDATIONS",
"MANAGE_DSM_VIEW_CERTIFICATE_TEMPLATES",
"MANAGE_DSM_VIEW_VALIDATIONS"
]
},
{
"id": "78c0355a-e1ca-4978-b60c-e9d66b9e1f30",
"name": "Account Manager",
"permissions": [
"MANAGE_AM_ACCOUNT",
"VIEW_AM_AUDIT_LOG"
]
},
{
"id": "fd2b688d-43bd-4b4a-9fd6-f883ad9e813d",
"name": "CA Manager",
"permissions": [
"VIEW_CM_LICENSE"
]
},
{
"id": "7660bdb3-66e7-46e6-928f-dcae4d64ee91",
"name": "Software Trust",
"permissions": [
"MANAGE_SM_CERTIFICATE_PROFILE",
"VIEW_SM_CERTIFICATE",
"SIGN_SM_HASH"
]
}
],
"accounts": [
{
"id": "4b13f12d-c8b2-4c49-a21f-9b399364f2ce",
"name": "Example account",
"active": true,
"service_period": {
"from": "2021-05-06",
"to": "2030-05-06"
},
"friendly_identifier": "1234567",
"locale": "en_US"
}
]
}
]
Was this page helpful?
Provide feedback