How Does Accessing the CertCenter RESTful API Work?

The CertCenter RESTful API was developed to grant easier access to CertCenter resources. It’s simpler than the CertCenter XML/SOAP API, and also grants third party developers access to CertCenter resources. To do this, we exclusively use authentication via OAuth2 in our CertCenter RESTful API. This may sound complicated; but here’s how it works:

Access to your CertCenter resources

To access your data via CertCenter RESTful API with authentication via OAuth2 couldn’t be easier:

  1. Log in to your CertCenter Account
  2. Click on “Account” -> “Settings”-> “Your Apps & API Keys” ( See Illustration 1 below)

    Illustration 1

    Illustration 1

  3. Under your “Your Apps & API Keys“ you will find the “CertCenter Default App”. Please choose this option. In the right hand column is the addition sign. Clicking here allows you to create a new OAuth2-Token. (See Illustration 2 below)

    Illustration 2

    Illustration 2

  4. Click on the Token and take the complete OAuth2-Token from the Field “token”. A complete OAuth2 Token would be in the Format (you need to include ““). Optional: you can adjust the Token settings in this column, activate/deactivate the Token, and give the required rights. By default a new Token has the read-only option to the account, and additional rights need to be added.

Now that you have created a valid Token [Attention: Token are valid for 86400 seconds (24 hours) – this can be manually adjusted to your liking via the Token settings e.g. to 999999999 seconds] you can access the CertCenter RESTful API and gain current Information about the individual limits. (Example below via curl on a Linux/UNIX-Shell)


curl -H 'Authorization: Bearer' ''


{"LimitInfo": {"Used": 2182.5, "Limit": 50000.0}, "success": true}

The Result (LimitInfo) will be in the JSON format, which is easily processed with all major programming languages. The online documentation for the CertCenter RESTful API is interactive, and will allow inline queries for all methods. Therefore, it is required to authenticate against the API via the toggle switch. Afterwards you can test all methods on this page.

Access to a User’s Data

As a developer of your own applications (e.g. iOS, Android Apps to go with other web-based applications) that are partially based on the services of CertCenter, you have individual access via OAuth2 granted and authorized by your customer who is also a CertCenter customer. This way you you can see the full range of services of the OAuth2 (complete OAuth2 framework documentation).

As a first step, we would recommend the Google OAuth2 Playground. On this page you can test the OAuth2 implementation and become accustomed to the application’s reaction. On the CertCenter Extranet [“Account“ -> “Settings“ -> “Your Apps & API Keys“ (please see Screenshot 1) you can find a button, which will lead you to the Client-ID belonging to the App and the associated code that will lead you to the OAuth2 Playground from Google.

Authorization Endpoint:
Token Endpoint:

We are happy to assist you with the integration of your application.
Please contact us via phone, LiveChat, or E-Mail.