OV/EV SSL: Generate DCV token

POST
https://www.digicert.com/services/v2/domain/{{domain_id}}/dcv/token

Use this endpoint to generate a new random value to use for domain control validation (DCV) for an OV or EV domain.

Replace {{domain_id}} in the request URL with the ID of the domain to validate. You can use the returned token to validate the domain using the DCV method selected when you requested a certificate or created the domain. For more information, see Add domain.

If you don't need to generate a new token, you can use the Domain info endpoint to get the DCV token that already exists for the domain. To submit a domain in your account for validation, use the Submit for validation endpoint.

This endpoint only generates DCV tokens for OV and EV domains. To generate a DCV token for a DV domain, use the DV SSL: Generate DCV token endpoint.

Example requests and responses

cURL
curl -X POST \
https://www.digicert.com/services/v2/domain/{{domain_id}}/dcv/token \
-H 'X-DC-DEVKEY: {{api_key}}' \
-H 'Content-Type: application/json' \
-d '{
	"validations": [
		{
			"type": "ov"
		},
		{
			"type": "ev"
		}
		]
}'
Python
import requests

url = "https://www.digicert.com/services/v2/domain/{{domain_id}}/dcv/token"

payload = "{\n\t\"validations\": [\n\t\t{\n\t\t\t\"type\": \"ov\"\n\t\t},\n\t\t{\n\t\t\t\"type\": \"ev\"\n\t\t}\n\t\t]\n}"
headers = {
  'X-DC-DEVKEY': '{{api_key}}',
  'Content-Type': 'application/json'
}

response = requests.request("POST", url, headers=headers, data = payload)

print(response.text.encode('utf8'))
Go
package main

import (
  "fmt"
  "strings"
  "net/http"
  "io/ioutil"
)

func main() {

  url := "https://www.digicert.com/services/v2/domain/{{domain_id}}/dcv/token"
  method := "POST"

  payload := strings.NewReader("{\n	\"validations\": [\n		{\n			\"type\": \"ov\"\n		},\n		{\n			\"type\": \"ev\"\n		}\n		]\n}")

  client := &http.Client {
  }
  req, err := http.NewRequest(method, url, payload)

  if err != nil {
    fmt.Println(err)
  }
  req.Header.Add("X-DC-DEVKEY", "{{api_key}}")
  req.Header.Add("Content-Type", "application/json")

  res, err := client.Do(req)
  defer res.Body.Close()
  body, err := ioutil.ReadAll(res.Body)

  fmt.Println(string(body))
}
NodeJS
var request = require('request');
var options = {
  'method': 'POST',
  'url': 'https://localhost.digicert.com/services/v2/domain/{{domain_id}}/dcv/token',
  'headers': {
    'X-DC-DEVKEY': '{{api_key}}',
    'Content-Type': 'application/json'
  },
  body: "{\n\t\"validations\": [\n\t\t{\n\t\t\t\"type\": \"ov\"\n\t\t},\n\t\t{\n\t\t\t\"type\": \"ev\"\n\t\t}\n\t\t]\n}"

};
request(options, function (error, response) { 
  if (error) throw new Error(error);
  console.log(response.body);
});
200 (dns-txt-token)
{
    "token": "fdy6m0wy5lq063sz4h0r6qmdt722gyfc",
    "expiration_date": "2020-08-22T20:21:10+00:00"
}
200 (http-token)
{
    "token": "47xj51xh3776thgjgtgq99qw7gy6sx8d",
    "expiration_date": "2020-08-22T19:48:22+00:00",
    "http_token_url": "http://example.com/.well-known/pki-validation/fileauth.txt",
    "verification_value": "http://example.com/.well-known/pki-validation/fileauth.txt"
}
200 (dns-cname-token)
{
    "token": "vq4k16kwn69rjxgfw4hf2xn8b36ht119",
    "expiration_date": "2020-08-22T20:22:26+00:00",
    "verification_value": "dcv.digicert.com"
}

Request parameters

Name Opt/Req Type Description
validations required array List of validation types for the domain.
.. type required string Validation type identifier.
See Glossary – Validation types.

Response parameters

Name Type Description
token string Random value used to validate domain control for domains using the dns-txt-token, http-token, or dns-cname-token DCV methods.
expiration_date string Date and time when the token expires.
Format: UTC timezone and ISO 8601 date
http_token_url string For domains using the http-token DCV method, the URL path where the fileauth.txt file should be placed on the web server.
Not returned for domains using other DCV methods.
verification_value string For domains using the dns-cname-token DCV method, the domain to use in your CNAME record. For more information, see Use the DNS CNAME validation method to verify domain control.

For domains using the http-token DCV method, the URL path where the fileauth.txt file should be placed on the web server.

Not returned for domains using the dns-txt-token DCV method.