Skip to main content

Enrollment passcodes

Enrollment passcodes allow you to control how often a device or manufacture can use an enrollment profile when requesting certificates (new and renewals) using the Request a certificate and Renew a certificate endpoints.

The following endpoints in the DigiCert​​®​​ IoT Trust Manager API support the option to authenticate with an enrollment passcode instead of an API key:

  • Request certificate

  • Renew certificate

To authenticate with an enrollment passcode, use the custom HTTP header x-passcode. The value of the x-passcode header is the passcode associated with the enrollment profile you specify in the body of the request. Requests that use enrollment passcode authentication do not include the x-api-key header.

Passcodes also allow you to define the value for fields in the certificate request. For example, when a device uses the enrollment passcode to enroll for a certificate, you can set the value for the common name field.