Endpoint: !GetDCVEmailAddressList

https://secure.trust-provider.com/products/download/!GetDCVEmailAddressList

The GetDCVEmailAddressList API endpoint performs a real-time DNS TXT lookup for the specified domain and product, then returns a list of eligible DCV email addresses. This list includes both extracted addresses and alternative addresses allowed by Sectigo for domain control validation (DCV), such as [email protected] and [email protected].

After calling GetDCVEmailAddressList, you must call AutoApplyOrder, AutoApplySSL, or AutoReplaceSSL within 24 hours, otherwise, the dcvEmailAddress parameter will not be accepted. Only call this API when you intend to place an order.

Use the POST method for this endpoint.

Submit parameters in the x-www-form-urlencoded format.

Request parameters

The following table displays the required, optional, and conditional parameters.

Parameter Type Requirement Max. Length Description

loginName

string

required

64 chars

Your account username.

This value is case sensitive.

loginPassword

string

required

128 chars

Your account password.

This value is case sensitive.

domainName

string

required

255 chars

Specifies the fully qualified domain name (FQDN).

product

required

integer

Specifies which product to retrieve the DCV email addresses for.

The allowed values are:

  • 801 — VMC.

  • 803 — CMC.

responseFormat

integer

optional

1 digit

Specifies the response format. If omitted, the default value is 1.

The possible values are:

  • 1 — Text/plain formatted.

  • 2 — JSON.

If omitted, the value defaults to 1.

To fetch the DNS TXT contact email address, set this parameter to 2.

Sample request

curl --location --request POST 'https://secure.trust-provider.com/products/!GetDCVEmailAddressList' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'loginName=yourLoginName' \
--data-urlencode 'loginPassword=yourPassword' \
--data-urlencode 'product=801' \
--data-urlencode 'domainName=yourdomain.com' \
--data-urlencode 'responseFormat=2'

Response

The request is successful when the server returns a response with the status code equals 0.

Any status code less than 0 indicates an error condition.

The MIME type will be text/plain.

If the status code is less than 0, the response consists of the error code in the first line and the error message in the second line.

If the status code equals 0, the rest of the response consists of tab-separated name/value pairs, one pair per line.

Response parameters

The following table outlines the name/parameter pairs returned in a successful response.

Parameter Occurrence Description

levelN_email<TAB>alternative_email_address

multiple occurrences

Alternative email addresses that Sectigo will accept for domain control validation.

N is the domain "level". For example, sectigo.com is level 2, secure.sectigo.com is level 3 and devel.secure.sectigo.com is level 4.

Alternative email addresses will be given for all levels from level 2 up to however many components there are in the domainName parameter.

The acceptable email address options are:

  • admin@

  • administrator@

  • hostmaster@

  • postmaster@

  • webmaster@

An email address is also acceptable if it appears in the domain’s DNS TXT record and is visible to the CA system. If a contact email is obtained from a DNS TXT record, it will be returned in the response in the same field where other acceptable contact emails are provided. This applies only when the DNS TXT record is accessible to the CA system.

Sample success response

Success response with the code 0.

0

Sample error response

-16
Incorrect login details, account is locked, password has expired or your source IP is blocked.

Error codes

The following table outlines error responses returned by the GetDCVEmailAddressList API endpoint. Each error response consists of an errorCode and an errorMessage indicating why the request failed.

Error Code Error Message Description

-1

Request was not made over https!

The request must use HTTPS protocol.

-2

Unrecognised argument!

The provided argument is not recognized.

-3

The 'xxxx' argument is missing!

The required argument is missing from the request.

-4

The value of the 'xxxx' argument is invalid!

The argument value does not meet validation requirements.

-14

An unknown error occurred!

An unknown error occurred.

-16

Incorrect login details, account is locked, password has expired or your source IP is blocked.

Authentication failed due to incorrect login details, a locked account, an expired password, or a blocked source IP address.

Verify your login credentials or check account restrictions.

-17

Request used GET rather than POST!

The request method should be POST.

-19

The Domain Name may not be an Internet-accessible IP Address!

The provided domain name cannot be an intranet server name or intranet IP address.

-37

The Domain Name is an Intranet Server Name or Intranet IP Address!

Domain names must not be intranet server names or intranet IP addresses.

-91

Permission Denied. Not allowed to use the AUTO-Apply service.

The user is not permitted to use the AUTO-Apply service.

-160

The request for the DCV email address list was unsuccessful.

The request for the DCV email address list could not be completed.