Get scan details

GET
https://www.digicert.com/services/v2/vulnerability-assessment/{{order_id}}/details

Use this endpoint to get details about the vulnerability scan for an order.

Replace {{order_id}} in the URL with the ID of the order. To get the ID values for orders in your account, use the List orders endpoint.

Example requests & responses

cURL
curl -X GET \
https://www.digicert.com/services/v2/vulnerability-assessment/{{order_id}}/details \
-H 'Content-Type: application/json' \
-H 'X-DC-DEVKEY: {{api_key}}'
Python
import requests

url = "https://www.digicert.com/services/v2/vulnerability-assessment/{{order_id}}/details"

payload = {}
headers = {
  'Content-Type': 'application/json',
  'X-DC-DEVKEY': '{{api_key}}'
}

response = requests.request("GET", url, headers=headers, data = payload)

print(response.text.encode('utf8'))
Go
package main

import (
  "fmt"
  "net/http"
  "io/ioutil"
)

func main() {

  url := "https://www.digicert.com/services/v2/vulnerability-assessment/{{order_id}}/details"
  method := "GET"

  client := &http.Client {
  }
  req, err := http.NewRequest(method, url, nil)

  if err != nil {
    fmt.Println(err)
  }
  req.Header.Add("Content-Type", "application/json")
  req.Header.Add("X-DC-DEVKEY", "{{api_key}}")

  res, err := client.Do(req)
  defer res.Body.Close()
  body, err := ioutil.ReadAll(res.Body)

  fmt.Println(string(body))
}
NodeJS
var request = require('request');
var options = {
  'method': 'GET',
  'url': 'https://www.digicert.com/services/v2/vulnerability-assessment/{{order_id}}/details',
  'headers': {
    'Content-Type': 'application/json',
    'X-DC-DEVKEY': '{{api_key}}'
  }
};
request(options, function (error, response) { 
  if (error) throw new Error(error);
  console.log(response.body);
});
200 OK
{
    "domains_scan_details": [
        {
            "host_name": "wssqa.net",
            "scan_start_date": "2020-06-08 00:19:34.0",
            "scan_end_date": "2020-06-09 00:00:00.0",
            "vulnerability_status": "SECURE",
            "notification_status": "ALWAYS_NOTIFY",
            "critical_vulnerabilities_count": 0,
            "severe_vulnerabilities_count": 0,
            "moderate_vulnerabilities_count": 0,
            "is_download_available": true,
            "is_rescan_available": false,
            "is_site_enabled": true
        }
    ],
    "page": {
        "total": 1,
        "limit": 1000,
        "offset": 0
    }
}
404 Not Found
{
  "errors": [
    {
      "code": "not_found|route",
      "message": "The specified route was not found."
    }
  ]
}
403 Access permission
{
  "errors": [
    {
      "code": "access_denied",
      "message": "You do not have permission to manage this request."
    }
  ]
}
400 Invalid format
{
  "errors": [
    {
      "code": "va_bad_request",
      "message": "API request invalid. Validate allowed parameters and try again."
    }
  ]
}
400 Invalid order status
{
  "errors": [
    {
      "code": "va_not_eligible_order",
      "message": "Invalid order status. Order must be issued, not revoked, expired, or pending."
    }
  ]
}
400 Invalid product type
{
  "errors": [
    {
      "code": "va_not_eligible_product",
      "message": "Invalid certificate type. Vulnerability assessment is only available for Secure Site EV and Secure Site Pro certificates."
    }
  ]
}

Filters and URL query parameters

This endpoint supports filters, sorting, and pagination. For general information and examples of the syntax to use when applying filters and sorting results, see Services API - Filters, sorting, and pagination parameters.

Name Req/Opt Type Description
filters[{{property_name}}] optional string Filters results by the specified property.

Replace {{property_name}} in your request with the property to use for filtering. This endpoint supports filtering by the following properties:
  • filters[domain]
  • filters[status] - Use secure, vulnerable, in_progress, not_started, unreachable, or unavailable.
sort optional string Sorts results by the value of one or more properties.

By default, sorts results in ascending alphabetical order (0-9, A-Z). To sort in descending alphabetical order (9-0, Z-A), prefix the property name with a minus (-).

To sort by multiple properties, separate the name of each property with a comma. Sort hierarchy matches the order of properties in this list.

This endpoint supports sorting by the following properties:
  • status
  • domain
offset required int Index of the first result to include in the response.
Default0
limit required int Total number of results to include in the response.
Max1000

Response parameters

Name Type Description
domains_scan_details array List of objects with vulnerability assessment details for domains on the scanned order.
.. host_name string The scanned domain.
.. scan_start_date string Timestamp indicating when the scan started.
Format: YYYY-MM-DD hh:mm:ss.s
Example: 2020-06-08 00:19:34.0
.. scan_end_date string Timestamp indicating when the scan finished.
Format: YYYY-MM-DD hh:mm:ss.s
Example: 2020-06-09 00:19:34.0
.. vulnerability_status string Vulnerability status of the domain.
Possible values:
  • SECURE - No vulnerabilities detected.
  • VULNERABLE - Vulnerabilities detected.
  • IN_PROGRESS - Scanning is in progress.
  • NOT_STARTED - The domain is queued for scanning.
  • UNREACHABLE - The scanning service failed to reach your server.
  • UNAVAILABLE - The scanning service is unavailable.
.. notification_status string Notification settings for vulnerability assessments that you request for this order.
Possible values:
  • disabled - Never send email notifications.
  • always_notify - Send notification emails after every completed scan.
  • notify_only_alerts - Only send email notifications when a scan finds vulnerabilities.
.. critical_vulnerabilities_count int Number of critical vulnerabilities found.
.. severe_vulnerabilities_count int Number of severe vulnerabilities found.
.. moderate_vulnerabilities_count int Number of moderate vulnerabilities found.
.. is_download_available bool Whether a PDF report with assessment results is available for download.
To download the assessment results, use the Download results endpoint.
.. is_rescan_available bool Whether you can queue the domain to be rescanned.
.. is_site_enabled bool Whether scans are enabled for this domain.
page object Details about results.
Modified using URL query strings.