List keys

POST https://daas.digicert.com/apicontroller/v1/key/list

Use this endpoint to get a list with details about your SSH keys.

Example requests and responses

Example 1. cURL

curl --location --request POST 'https://daas.digicert.com/apicontroller/v1/key/list' \
--header 'X-DC-DEVKEY: {{api_key}}' \
--header 'Content-Type: application/json' \
--data-raw 
'{
    "accountId": 5153184,
    "searchCriteriaList": [{
        "key": "keyName",
        "operation": "EQUALS",
        "value": ["f83d1b65a899a602c5c026beb32f21fd119b5976b34c16fb27496b5d68f3405a"]
    }, {
        "key": "keyIp",
        "operation": "EQUALS",
        "value": ""
    }, {
        "key": "keyPath",
        "operation": "EQUALS",
        "value": "C:\\Certbotold1\\archive\\17feb202001.cert-testing.com\\privkey10.pem"
    }],
    "divisionIds": [],
    "isDuplicateKeyList": true,
    "startIndex": 1,
    "pageSize": 50,
    "filterSelected": "keyName",
    "sortedColumnId": "ip",
    "sortOrder": "ASC"
}'

Example 2. 200 OK

{
    "error": null,
    "data": {
        "totalCount": 1,
        "currentCount": 1,
        "totalKeys": 0,
        "keyDetailsList": [{
            "keyName": null,
            "securityLevel": "Not secure",
            "ip": "",
            "port": null,
            "type": "RSA",
            "firstDiscovered": 1650259868203,
            "duplicateCount": null,
            "scanName": "",
            "protocol": null,
            "filePath": "C:\\Certbotold1\\keys\\0049_key-certbot.pem",
            "isRootKey": null,
            "isOrphanKey": null,
            "source": null,
            "serverHost": "Box64",
            "isProtectedKey": null
        }]
    }
}

Request parameters

Name	Req/Opt	Type	Description
accountId	required	string	Account ID.
searchCriteriaList	optional	array	Filter results by specified values. The array includes key, operation and value. For definitions, see the Filter options for searchCriteriaList table below. Example: searchCriteriaList:[ { "key":"userName", "operation":"EQUALS", "value":["CertCentral Admin"] } ]
divisionIds	required	array	User's division IDs.
startIndex	optional	integer	Index of the first result. Default: `1`
pageSize	optional	integer	Number of records per page. Allowed values: `0` to `512` Default: `50`
filterSelected	required	string	The value to show in the results for each sensor that meets the search criteria. Allowed values: `name`, `ip`, `port`, `type`, `scanName`, `authenticationMethods`, `keyAlgorithm`, `protocol`, `duplicateKeys`,`userName`, `source`, `filePath`, `serverHost`, `orphanKeys`
isDuplicateKeyList	required	boolean	Whether any duplicate key exist. Default: `true`
sortedColumnId	optional	string	Sort results by specified parameter. Allowed values: `serialNumber`, `ip`, `port`, `scanName`, `serverSecurity`, `isCertPresent`, `cn` Default: `ip`
sortOrder	optional	string	Sort direction. Allowed values: `DESC` (descending: 9-0, Z-A), `ASC` (ascending: 0-9, A-Z) Default: `DESC`

Response parameters

Name	Type	Description
error	object	Includes error codes, if any.
data	object	Object with information about the filter results.
.. totalCount	integer	Total number of keys based on the filter criteria.
.. currentCount	integer	Number of records on current page.
.. keydetailList	array	Container for key details.
.. .. keyName	string	Key name. Max length: 80 characters.
.. .. securityLevel	string	Security status of the key. Possible values: `Secure`, `Not secure`
.. .. ip	string	IP address related to the key.
.. .. port	integer	Default SSH enabled port.
.. .. type	string	Type of the key. Possible values: `SSH`
.. .. firstDiscovered	integer	Timestamp for when the key was first discovered. Format: epoch in millisecond. Epoch corresponds to 0 hours, 0 minutes, and 0 seconds (00:00:00) Coordinated Universal Time (UTC) on a specific date, which varies from system to system. Example: `1596781119000`
.. .. duplicateCount	integer	Number of duplicates detected for the key.
.. .. scanName	string	Scan associated with the key.
.. .. protocol	string	Protocol used to set up an encrypted connection between the systems to communicate over the internet. Possible values: `SSH1`, `SSH2`.
.. .. filepath	string	The file path from where the key is discovered.
.. .. isRootKey	boolean	Whether it is a type of root key.
.. .. isOrphanKey	boolean	Whether it is an orphan key. A key is orphaned when it cannot be used further because the pair is no longer on the server.
.. .. source	string	The source used to identify the key. Possible values: `Agent`, `Sensor`.
.. .. serverHost	string	The server host associated with the key.
.. .. isProtectedKey	boolean	Whether it is a protected key.

Filter options for searchCriteriaList

The array includes key, operation and value.

Key	Operation	Value
`userName`	EQUALS	`Cert Central Admin`, `system`
`keyName`	EQUALS	`Key name`
`ip`	EQUALS	`IP address`
`keyPath`	EQUALS	`Path to the key`
`port`	EQUALS	`22`
`authenticationMethods`	EQUALS	`gssapi-keyex`, `gssapi-with-mic`, `hostbased`., `keyboard-interactive`, `password`, `publickey`, `unavailable`
`duplicateKeys`	EQUALS	`No`, `Yes`
`type`	EQUALS	`SSH`
`rotationLimit`	EQUALS	`6 months`, `9 months1 year`, `2 years`.
`keyAlgorithm`	EQUALS	`ECDSA SHA2 NISTP256 256`, `RSA1 1024`, `RSA1 2048`, `SSH DSS 1024`, `SSH RSA 1024`, `SSH ED25519 256`, `SSH RSA 2048`, `SSH RSA 3072`, `SSH RSA 4096`.
`protocol`	EQUALS	`SSH1`, `SSH2`
`scanName`	EQUALS	`Scan name`

In this section:

List keys

Related topic

Example requests and responses

Request parameters

Response parameters

Filter options for searchCriteriaList