Get scan details

GET
https://www.digicert.com/services/v2/vulnerability-assessment/{{order_id}}/details

Use this endpoint to get details about the vulnerability scan for an order.

Replace {{order_id}} in the URL with the ID of the order. To get the ID values for orders in your account, use the List orders endpoint.

Example requests & responses

cURL
curl -X GET \
https://www.digicert.com/services/v2/vulnerability-assessment/{{order_id}}/details \
-H 'Content-Type: application/json' \
-H 'X-DC-DEVKEY: {{api_key}}'
Python
import requests

url = "https://www.digicert.com/services/v2/vulnerability-assessment/{{order_id}}/details"

payload = {}
headers = {
  'Content-Type': 'application/json',
  'X-DC-DEVKEY': '{{api_key}}'
}

response = requests.request("GET", url, headers=headers, data = payload)

print(response.text.encode('utf8'))
Go
package main

import (
  "fmt"
  "net/http"
  "io/ioutil"
)

func main() {

  url := "https://www.digicert.com/services/v2/vulnerability-assessment/{{order_id}}/details"
  method := "GET"

  client := &http.Client {
  }
  req, err := http.NewRequest(method, url, nil)

  if err != nil {
    fmt.Println(err)
  }
  req.Header.Add("Content-Type", "application/json")
  req.Header.Add("X-DC-DEVKEY", "{{api_key}}")

  res, err := client.Do(req)
  defer res.Body.Close()
  body, err := ioutil.ReadAll(res.Body)

  fmt.Println(string(body))
}
NodeJS
var request = require('request');
var options = {
  'method': 'GET',
  'url': 'https://www.digicert.com/services/v2/vulnerability-assessment/{{order_id}}/details',
  'headers': {
    'Content-Type': 'application/json',
    'X-DC-DEVKEY': '{{api_key}}'
  }
};
request(options, function (error, response) { 
  if (error) throw new Error(error);
  console.log(response.body);
});
200 OK
{
    "domains_scan_details": [
        {
            "host_name": "wssqa.net",
            "scan_start_date": "2020-06-08 00:19:34.0",
            "scan_end_date": "2020-06-09 00:00:00.0",
            "vulnerability_status": "SECURE",
            "notification_status": "ALWAYS_NOTIFY",
            "critical_vulnerabilities_count": 0,
            "severe_vulnerabilities_count": 0,
            "moderate_vulnerabilities_count": 0,
            "is_download_available": true,
            "is_rescan_available": false,
            "is_site_enabled": true
        }
    ],
    "page": {
        "total": 1,
        "limit": 1000,
        "offset": 0
    }
}
404 Not Found
{
  "errors": [
    {
      "code": "not_found|route",
      "message": "The specified route was not found."
    }
  ]
}
403 Access permission
{
  "errors": [
    {
      "code": "access_denied",
      "message": "You do not have permission to manage this request."
    }
  ]
}
400 Invalid format
{
  "errors": [
    {
      "code": "va_bad_request",
      "message": "API request invalid. Validate allowed parameters and try again."
    }
  ]
}
400 Invalid order status
{
  "errors": [
    {
      "code": "va_not_eligible_order",
      "message": "Invalid order status. Order must be issued, not revoked, expired, or pending."
    }
  ]
}
400 Invalid product type
{
  "errors": [
    {
      "code": "va_not_eligible_product",
      "message": "Invalid certificate type. Vulnerability assessment is only available for Secure Site EV and Secure Site Pro certificates."
    }
  ]
}

Request filters and URL query strings

To use filters and other query strings in your request, append them to the request URL with ?. To append multiple filters and URL query strings, use &.

Example URL with filters and URL query strings
https://www.digicert.com/services/v2/vulnerability-assessment/{{order_id}}/details?filters[domain]={{name_of_domain}}&filters[status]={{status}}&sort=-domain&offset=0&limit=1000
Name Req/Opt Type Description
filters[domain] optional string Filters results by domain.
Example: filters[domain]={{your_domain}}
filters[status] optional string Filters results by assessment status.
Possible values: secure, vulnerable, in_progress, not_started, unreachable, or unavailable.
Example: filters[status]=secure
sort optional string Sorts results by the specified parameters.
Possible values: +status (ascending by status), -status (descending by status), +domain (ascending by domain), or -domain (descending by domain).
Example: sort=+status
offset required int Start list at the specified number for pagination.
Default0
limit required int Truncate list to the specified number for pagination.
Max1000

Response parameters

Name Type Description
domains_scan_details array List of objects with vulnerability assessment details for domains on the scanned order.
.. host_name string The scanned domain.
.. scan_start_date string Timestamp indicating when the scan started.
Format: YYYY-MM-DD hh:mm:ss.s
Example: 2020-06-08 00:19:34.0
.. scan_end_date string Timestamp indicating when the scan finished.
Format: YYYY-MM-DD hh:mm:ss.s
Example: 2020-06-09 00:19:34.0
.. vulnerability_status string Vulnerability status of the domain.
Possible values:
  • SECURE - No vulnerabilities detected.
  • VULNERABLE - Vulnerabilities detected.
  • IN_PROGRESS - Scanning is in progress.
  • NOT_STARTED - The domain is queued for scanning.
  • UNREACHABLE - The scanning service failed to reach your server.
  • UNAVAILABLE - The scanning service is unavailable.
.. notification_status string Notification settings for vulnerability assessments that you request for this order.
Possible values:
  • disabled - Never send email notifications.
  • always_notify - Send notification emails after every completed scan.
  • notify_only_alerts - Only send email notifications when a scan finds vulnerabilities.
.. critical_vulnerabilities_count int Number of critical vulnerabilities found.
.. severe_vulnerabilities_count int Number of severe vulnerabilities found.
.. moderate_vulnerabilities_count int Number of moderate vulnerabilities found.
.. is_download_available bool Whether a PDF report with assessment results is available for download.
To download the assessment results, use the Download results endpoint.
.. is_rescan_available bool Whether you can queue the domain to be rescanned.
.. is_site_enabled bool Whether scans are enabled for this domain.
page object Details about results.
Modified using URL query strings.