HackerGuardian and CodeGuard

Endpoint: !AutoApplyOrder

https://secure.trust-provider.com/products/!AutoApplyOrder

Use the POST method for this endpoint.

Submit parameters in the x-www-form-urlencoded format.

Request parameters

The following table displays the parameters available for ordering HackerGuardian and CodeGuard using AutoApplyOrder.

Parameter Requirement Type Max.Length Description

loginName

required

string

64 chars

Your account username.

This value is case sensitive.

loginPassword

required

string

128 chars

Your account password.

This value is case sensitive.

product

required

string

64 chars

Specifies a comma-separated string of integers for a product code.

There must be exactly one of the following integers specified:

  • HackerGuardian products (pairs):

    • 341 — HackerGuardian Free PCI Scanning Service (45 days)

    • 586,587 — HackerGuardian Lite (Retail Only)

    • 346,329 — HackerGuardian Standard

    • 349,259 — HackerGuardian Enterprise

    • 357 — HackerGuardian HackerProof

  • HackerGuardian additional IP pack for all HG packages:

    • 356 — HackerGuardian Additional IP Addresses Pack

  • CodeGuard products:

    • 700 — CodeGuard (Personal)

    • 701 — CodeGuard (Professional)

    • 702 — CodeGuard (Company)

    • 703 — CodeGuard (Small Business)

days

required

integer

The validity period, in days.

The years parameter has been deprecated in favor of days.

appRepLoginName

required

string

50 chars

Specifies the applicant representative’s login name.

isAppRepValidated

optional

char

1 char

Specifies who will verify the applicant representative’s contact details before the callback is performed.

The allowed values are:

  • Y — The Partner Reseller has verified that the applicant representative’s contact details are legitimate, using a data source other than the applicant. Only Partner Resellers with sufficient RA privileges may specify Y.

  • N — Sectigo will verify the applicant representative’s contact details before performing the callback using the method specified by callbackMethod.

IP Addresses

optional

integer

Specifies the number of additional IP addresses for the HackerGuardian package.

The allowed values for HackerGuardian additional IP addresses pack are:

  • 1

  • 5

  • 10

  • 50

  • 100

  • 500

  • 1000

organizationName

conditional

string

50 chars

Specifies the organization name.

If an organization name is specified here and prioritiseCSRValues is set to N, this value will be used instead of the organization name in the CSR.

This parameter is not required if there is an organization name in the CSR. Otherwise, organizationName is a required parameter.

streetAddress1

optional

string

128 chars

The street address where the organization operates.

streetAddress2

optional

string

128 chars

The second part of the company’s street address (if necessary).

If the second part of the street address is specified here and in the CSR, prioritiseCSRValues indicates which value will be used.

streetAddress3

optional

string

128 chars

The third part of the company’s street address (if necessary).

If the third part of the street address is specified here and in the CSR, prioritiseCSRValues indicates which value will be used.

localityName

required

string

128 chars

The city in which the organization operates.

countryName

optional

string

2 chars

An ISO 3166 two-character country code.

appRepForename

required

string

50 chars

The applicant representative’s name which is used for the organizational callback by Sectigo.

appRepSurname

required

string

50 chars

The applicant representative’s last name which is used for the organizational callback by Sectigo.

appRepEmailAddress

required

string

128 chars

The applicant representative’s email address which is used for the organizational callback by Sectigo.

Used for critical customer communications:

  • Communicating account setup instructions for HackerGuardian products.

  • Communicating any warnings regarding platform alerts, malware alerts and blacklist monitoring.

appRepCountryName

optional

char

2 chars

The applicant representative’s country code. It must be an ISO 3166 two-character country code.

responseFormat

optional

char

1 char

Specifies the response format.

The allowed values are:

  • 0 — Newline-delimited parameters.

  • 1 — URL-encoded parameters.

If omitted, the value defaults to 0.

test

optional

char

1 char

Specifies whether this is a test order.

The allowed values are:

  • Y — The account will not be charged and the order will be processed as a test order.

  • N — The order will be processed as a live order.

If omitted, the value defaults to N.

uniqueValue

optional

string

20 chars

An alphanumeric value used to ensure the Request Token is unique for HTTP_CSR_HASH and CNAME_CSR_HASH dcvMethods.

The request tokens are as defined in the CA/B Forum Baseline requirements (version 1.4.1 or later) and used in the manner described in Sectigo’s Domain Control Validation.

domainName

required

string

64 chars

(CodeGuard only) The domain name product is ordered for.

previousOrderNumber

optional

integer

The order number of the previous license.

Sample request for HackerGuardian

curl --location 'https://secure.trust-provider.com/products/!AutoApplyOrder' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'loginName=login_name' \
--data-urlencode 'loginPassword=login_password' \
--data-urlencode 'days=365' \
--data-urlencode 'product=346,329' \
--data-urlencode 'responseFormat=1' \
--data-urlencode 'organizationName=John Doe Company 2280295' \
--data-urlencode '[email protected]' \
--data-urlencode 'appRepLoginName=app_login_name' \
--data-urlencode 'streetAddress1=Elm Street 12' \
--data-urlencode 'localityName=Newtown' \
--data-urlencode 'appRepForename=John' \
--data-urlencode 'appRepSurname=Joe'
--data-urlencode 'IP%20Addresses=10'

Response

The request is successful when the server returns a response with the error code 0.

Any error code less than 0 indicates an error condition, and the error message provides additional details.

Error responses are returned in application/x-www-form-urlencoded format.

Response format 0 (Plain text)

The MIME type will be text/plain for responseFormat=0 (by default).

The first line of the response contains a status code.

Whether 0 or 1 is returned for successful orders depends on how your account is configured with Sectigo. Usually, you will take payment from your customer and Sectigo will debit your account funds when you place the order. However, in special circumstances it can be arranged for Sectigo to take payment from your customer on your behalf.

If the status code is less than 0, the second line of the response contains an error message, describing the error.

If the status code is greater than or equal to 0, the response can contain the following lines which provide:

Line Possible Value Description

Line 1

The status of the order. For more information, see Error codes.

The status code.

Line 2

An integer.

The second line contains an order number.

Line 3

  • If the status code = 0, it contains the debited amount.

  • If the status code = 1, it contains the required amount, not including UK VAT (if required).

The amount in your account’s native currency, without a currency symbol.

Line 4

The expected delivery time.

This value can be ignored and has been deprecated for Document Signing.

Line 5, 6 or 7 (if applicable)

A unique alphanumeric value up to 20 characters long.

The unique value. Returned if the uniqueValue parameter was passed in to this API, or if uniqueValue has been generated by Sectigo for this order.

Response format 1 (URL-encoded)

Most of Sectigo’s API endpoints use URL-encoded responses. AutoApplyOrder can return responses in the same format by specifying responseFormat=1 in the request.

The MIME type will be application/x-www-form-urlencoded for responseFormat=1.

The following table displays the various parameters that can appear for responseFormat=1.

Parameter Description

errorCode

A numeric code that identifies the type of error and is always present in the response.

For more information, see Error codes.

errorMessage

A description of the error.

errorMessage is not present when the status code = 0.

orderNumber

An integer. This parameter is only present when errorCode=0.

totalCost

The amount in your account’s native currency, without a currency symbol. This parameter is only present when errorCode=0.

expectedDeliveryTime

This value can be ignored and has been deprecated for HackerGuardian. This parameter is only present when errorCode=0.

uniqueValue

A unique alphanumeric value up to 20 characters long. Only returned if the uniqueValue parameter was passed in to this API, or if uniqueValue has been generated by Sectigo for this order.

Sample success response

0
987654321
210.00
Output Details

0

The successful response.

987654321

The Sectigo order number.

210.00

The amount debited to the account — $210.00.

Displayed price is for sample purposes only.

Sample error response

errorCode=-16&errorMessage=Incorrect+login+details%2C+account+is+locked%2C+password+has+expired+or+your+source+IP+is+blocked.

CodeGuard license renewal

The users can renew their license up to 30 days before the current license expires.

The value of the product and days parameters must be the same as in the previous order.

Sample request for CodeGuard license renewal

The following is a sample request for renewing a CodeGuard license using AutoApplyOrder:

curl --location 'https://secure.trust-provider.com/products/!AutoApplyOrder' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'product=700' \
--data-urlencode 'days=30' \
--data-urlencode 'isCustomerValidated=N' \
--data-urlencode 'showCertificateID=Y' \
--data-urlencode 'loginName=login_name' \
--data-urlencode 'loginPassword=login_password' \
--data-urlencode '[email protected]' \
--data-urlencode 'appRepTitle=Social research officer' \
--data-urlencode 'appRepForename=Mark' \
--data-urlencode 'appRepSurname=Dean' \
--data-urlencode 'responseFormat=0' \
--data-urlencode 'previousOrderNumber=9550417' \
--data-urlencode 'domainName=test.domain'

Sample success response for CodeGuard license renewal

0
4164784
2.00
Output Details

0

The successful response.

4164784

The Sectigo order number.

2.00

The amount debited to the account — $2.00.

Displayed price is for sample purposes only.

Error codes

Error Code Error Message Description

-1

Request was not made over HTTPS!

The request must use HTTPS protocol.

-2

'xxxx' is an unrecognized argument!

The provided argument is not recognized.

-3

The 'xxxx' argument is missing!

A required argument is missing from the request.

-4

The value of the 'xxxx' argument is invalid!

The argument value does not meet validation requirements.

-7

'xx' is not a valid ISO-3166 country!

The specified country code is not valid according to the ISO-3166 standard.

-14

An unknown error occurred!

An unknown error occurred.

-15

Not enough credit!

The account does not have sufficient credit.

-16

Permission denied! Contact Sectigo Support to have your account enabled for the !AutoApplyOrder API.

The user does not have permission to access the AutoApplyOrder API.

-17

Request used GET rather than POST!

The request method should be POST.

-45

You can not renew trial license!

Trial licenses cannot be renewed.

-47

'domainName' is already validated!

The specified domain name has already been validated.

-53

Incorrect duration for main HG license or/and Additional IP addresses pack!

The duration specified for the main HackerGuardian license or additional IP address pack is incorrect.

-54

The order can have one main license only!

The order can include only one main license.

-56

Your current license expires on <EXPIRATION_DATE> . Licenses can only be renewed up to 30 days prior to the expiry of your existing license. <EXPIRATION_DATE> in format 'YYYY-MM-DD'

Your current license cannot be renewed more than 30 days before its expiration date.

-57

The company name already exists in the service Qualys!

The specified company name is already registered in the Qualys service.

-58

Additional IP Addresses pack is not available for trial license!

Additional IP address packs cannot be purchased for trial licenses.

-59

Additional IP Address Packs may only be purchased for an existing HackerGuardian account!

Additional IP address packs can only be purchased for existing HackerGuardian accounts.

-60

To renew your access to the PCI portal you must purchase enough IP Addresses to support those currently setup. Previously you have purchased <NUM_IPS_PURCHASED> IP addresses.

To renew access to the PCI portal, you must purchase enough IP addresses to cover those already set up.

-63

The e-mail already exists in the service CodeGuard

The specified email address is already registered in the CodeGuard service.

-64

Unknown partner for the service CodeGuard

The specified partner is not recognized by the CodeGuard service.

-65

PlanID for this product not found.

The specified PlanID for the product could not be found.

-66

CodeGuard partner is not activated.

The CodeGuard partner account is not activated.

-67

The order can have one CodeGuard license only!

The order can include only one CodeGuard license.

-68

Argument 'xxxx' can be used just with License products!

The specified parameter can only be used with license products.

-69

CodeGuard sync service disabled!

The CodeGuard synchronization service is disabled.

-70

Invalid Email Address!

The provided email address is not valid.

-71

The previous order must have a license of the same type!

The previous order must include a license of the same type.

-72

You can not renew trial licence!

Trial licenses cannot be renewed.

-82

The order must have only one Web Package product!

The order can include only one Web Package product.

-83

'xxxx' is not applicable to this order!

The specified argument is not applicable for the current order.

-84

The order should include 'xxxx'!

The order must include the specified item.

-90

Permission denied 'Context'

The user does not have permission for the specified context.

-91

Permission denied 'Context'

The user does not have permission for the specified context.

-111

Tier1 Credit/Debit internal Error

The Tier1 credit/debit processing encountered an internal error.

-112

Tier1 Credit/Debit internal Error

The Tier1 credit/debit processing encountered an internal error.

-113

Tier1 Credit/Debit internal Error

The Tier1 credit/debit processing encountered an internal error.

-114

Unknown autoApply Type

The specified autoApply type is not recognized.

-115

No price found for 'xxx'! Contact Support!

No price information available for the specified item.

-116

Wrong Item Cost! Contact Support!

The provided item cost is incorrect.

-117

Wrong Item Cost! Contact Support!

The provided item cost is incorrect.

-118

Wrong product Identifier!

The specified product identifier is incorrect.

-119

Internal error occured!

An internal error occurred.

-121

"TAX" value is deprecated. The value "TIN" should be used instead'

Semantic error.

TAX is no longer a valid value.

Use TIN instead.

-121

Wrong format of 'xxxx' identifier.

Semantic error.

The format of the provided identifier is incorrect.

-121

Wrong country code value in 'xxxx' identifier.

Semantic error.

The country code in the provided identifier is incorrect.

-129

Error in key attestation verification 'Context'

An error occurred during key attestation verification for the specified context.

-150

Insufficient privileges to order this type of product

The user does not have sufficient privileges to order the specified product type.

-161

Parameter 'xxxx' is not applicable to this type of product!

The specified parameter is not valid for this product type.

-162

The CSR must not contain domain names that are not in the "domainNames" parameter!

The CSR contains domain names not listed in the domainNames parameter.