Get scan details

GET https://www.digicert.com/services/v2/vulnerability-assessment/{{order_id}}/details

Use this endpoint to get details about the vulnerability scan for an order.

Replace {{order_id}} in the URL with the ID of the order. To get the ID values for orders in your account, use the List orders endpoint.

Example requests & responses

Example 1. cURL

curl -X GET \
https://www.digicert.com/services/v2/vulnerability-assessment/{{order_id}}/details \
-H 'Content-Type: application/json' \
-H 'X-DC-DEVKEY: {{api_key}}'

Example 2. Python

import requests

url = "https://www.digicert.com/services/v2/vulnerability-assessment/{{order_id}}/details"

payload = {}
headers = {
  'Content-Type': 'application/json',
  'X-DC-DEVKEY': '{{api_key}}'
}

response = requests.request("GET", url, headers=headers, data = payload)

print(response.text.encode('utf8'))

Example 3. Go

package main

import (
  "fmt"
  "net/http"
  "io/ioutil"
)

func main() {

  url := "https://www.digicert.com/services/v2/vulnerability-assessment/{{order_id}}/details"
  method := "GET"

  client := &http.Client {
  }
  req, err := http.NewRequest(method, url, nil)

  if err != nil {
    fmt.Println(err)
  }
  req.Header.Add("Content-Type", "application/json")
  req.Header.Add("X-DC-DEVKEY", "{{api_key}}")

  res, err := client.Do(req)
  defer res.Body.Close()
  body, err := ioutil.ReadAll(res.Body)

  fmt.Println(string(body))
}

Example 4. NodeJS

var request = require('request');
var options = {
  'method': 'GET',
  'url': 'https://www.digicert.com/services/v2/vulnerability-assessment/{{order_id}}/details',
  'headers': {
    'Content-Type': 'application/json',
    'X-DC-DEVKEY': '{{api_key}}'
  }
};
request(options, function (error, response) { 
  if (error) throw new Error(error);
  console.log(response.body);
});

Example 5. 200 OK

{
    "domains_scan_details": [
        {
            "host_name": "wssqa.net",
            "scan_start_date": "2020-06-08 00:19:34.0",
            "scan_end_date": "2020-06-09 00:00:00.0",
            "vulnerability_status": "SECURE",
            "notification_status": "ALWAYS_NOTIFY",
            "critical_vulnerabilities_count": 0,
            "severe_vulnerabilities_count": 0,
            "moderate_vulnerabilities_count": 0,
            "is_download_available": true,
            "is_rescan_available": false,
            "is_site_enabled": true
        }
    ],
    "page": {
        "total": 1,
        "limit": 1000,
        "offset": 0
    }
}

Example 6. 404 Not Found

{
  "errors": [
    {
      "code": "not_found|route",
      "message": "The specified route was not found."
    }
  ]
}

Example 7. 403 Forbidden (Access permission)

{
  "errors": [
    {
      "code": "access_denied",
      "message": "You do not have permission to manage this request."
    }
  ]
}

Example 8. 400 Bad Request (Invalid format)

{
  "errors": [
    {
      "code": "va_bad_request",
      "message": "API request invalid. Validate allowed parameters and try again."
    }
  ]
}

Example 9. 400 Bad Request (Invalid order status)

{
  "errors": [
    {
      "code": "va_not_eligible_order",
      "message": "Invalid order status. Order must be issued, not revoked, expired, or pending."
    }
  ]
}

Example 10. 400 Bad Request (Invalid product type)

{
  "errors": [
    {
      "code": "va_not_eligible_product",
      "message": "Invalid certificate type. Vulnerability assessment is only available for Secure Site EV and Secure Site Pro certificates."
    }
  ]
}

Filters and URL query parameters

This endpoint supports filters, sorting, and pagination. For general information and examples of the syntax to use when applying filters and sorting results, see Services API - Filters, sorting, and pagination parameters.

Name	Req/Opt	Type	Description
filters[`{{property_name}}`]	optional	string	Filters results by the specified property. Replace `{{property_name}}` in your request with the property to use for filtering. This endpoint supports filtering by the following properties: `filters[domain]` `filters[status]`: Use `secure`, `vulnerable`, `in_progress`, `not_started`, `unreachable`, or `unavailable`.
sort	optional	string	Sorts results by the value of one or more properties. By default, sorts results in ascending alphabetical order (0-9, A-Z). To sort in descending alphabetical order (9-0, Z-A), prefix the property name with a minus (`-`). To sort by multiple properties, separate the name of each property with a comma. Sort hierarchy matches the order of properties in this list. This endpoint supports sorting by the following properties: `status` `domain`
offset	required	int	Index of the first result to include in the response. Default: `0`
limit	required	int	Total number of results to include in the response. Max: `1000`

Response parameters

Name	Type	Description
domains_scan_details	array	List of objects with vulnerability assessment details for domains on the scanned order.
.. host_name	string	The scanned domain.
.. scan_start_date	string	Timestamp indicating when the scan started. Format: `YYYY-MM-DD hh:mm:ss.s` Example: `2020-06-08 00:19:34.0`
.. scan_end_date	string	Timestamp indicating when the scan finished. Format: `YYYY-MM-DD hh:mm:ss.s` Example: `2020-06-09 00:19:34.0`
.. vulnerability_status	string	Vulnerability status of the domain. Possible values: `SECURE`: No vulnerabilities detected. `VULNERABLE`: Vulnerabilities detected. `IN_PROGRESS`: Scanning is in progress. `NOT_STARTED`: The domain is queued for scanning. `UNREACHABLE`: The scanning service failed to reach your server. `UNAVAILABLE`: The scanning service is unavailable.
.. notification_status	string	Notification settings for vulnerability assessments that you request for this order. Possible values: `disabled`: Never send email notifications. `always_notify`: Send notification emails after every completed scan. `notify_only_alerts`: Only send email notifications when a scan finds vulnerabilities.
.. critical_vulnerabilities_count	int	Number of critical vulnerabilities found.
.. severe_vulnerabilities_count	int	Number of severe vulnerabilities found.
.. moderate_vulnerabilities_count	int	Number of moderate vulnerabilities found.
.. is_download_available	bool	Whether a PDF report with assessment results is available for download. To download the assessment results, use the Download results endpoint.
.. is_rescan_available	bool	Whether you can queue the domain to be rescanned.
.. is_site_enabled	bool	Whether scans are enabled for this domain.
page	object	Details about results. Modified using URL query strings.

In this section: