API Reference

The REST enrollment endpoint API allows for the issuance and management of SSL, client, code signing or device certificates. The certificate type is set when the enrollment endpoint account is created in Sectigo Certificate Manager so the API is consistent for all.

Authorization

All API methods require a Bearer Token to be provided in the Authorization header for each HTTP request. The Bearer Token can be obtained from the authentication server using OAuth 2.0 Client Credentials flow. When the enrollment endpoint account is created in Sectigo Certificate Manager it will return a Client ID and a Client Secret. These can be provided to the authentication server to obtain an access token that is provided as the Bearer Token in the Authorization header.

The authentication server does not have a constant URL and may change for each customer. The authentication server to use will be returned in the authorization_uri field of the WWW-Authenticate header in any 401 Unauthorized response.