Cert Spotter API by SSLMate monitors Certificate Transparency logs to alert users about SSL/TLS certificates issued for their domains, helping detect unauthorized certificates and potential security issues.
Cert Spotter API by SSLMate monitors Certificate Transparency logs to alert users about SSL/TLS certificates issued for their domains, helping detect unauthorized certificates and potential security issues. On Nagent, SSLMate Cert Spotter API is exposed as a fully-configurable security & identity tools integration that any agent can call — 9 actions, and API key authentication. No code is required to wire SSLMate Cert Spotter API into your workflow — connect it once via the External Integrations panel and reuse it across every agent you build.
Agent builders use SSLMate Cert Spotter API to automate the kinds of tasks security & identity tools teams previously handled manually. Concrete examples — each one is a single agent step in Nagent — include:
Every action and trigger is paired with a structured input/output schema (visible in the sections below), so when you wire SSLMate Cert Spotter API into Helix — our agentic agent builder — the editor knows exactly what each step expects and produces. Configure once, deploy anywhere across your Nagent agents.
Every operation an agent can call against SSLMate Cert Spotter API, with input parameters and output schema. Drop these into any step of an agent built in Helix.
SSLMATE_CERT_SPOTTER_API_ADD_MONITORED_DOMAINTool to add or update a monitored domain in Cert Spotter. Use when you need to enable monitoring for a new domain or update an existing one. If the domain already exists, omitted fields retain their existing values.
Input parameters
The domain name to monitor. Use a leading dot (e.g., .example.com) to monitor subdomains.
Whether monitoring is enabled for this domain. Default: true
Output
Data from the action execution
Error if any occurred during the execution of the action
Whether or not the action execution was successful or not
SSLMATE_CERT_SPOTTER_API_AUTHORIZE_CERTIFICATETool to authorize a certificate in Cert Spotter. Use when you need to prevent future notifications for a known certificate. Once authorized, the certificate will not trigger alerts if discovered in Certificate Transparency logs.
Input parameters
Lowercase hex-encoded SHA-256 hash of the TBSCertificate to authorize. Must be exactly 64 hexadecimal characters.
Output
Data from the action execution
Error if any occurred during the execution of the action
Whether or not the action execution was successful or not
SSLMATE_CERT_SPOTTER_API_AUTHORIZE_PUBLIC_KEYTool to authorize a public key in Cert Spotter. Use when you need to prevent notifications for certificates using a specific public key. Authorizing a key before certificate issuance avoids race conditions.
Input parameters
List of DNS names for which the public key is authorized. Cert Spotter will not send notifications for certificates using this key on these domains.
Lowercase hex-encoded SHA-256 hash of the public key to authorize. The hash is computed over the DER-encoded subject public key info.
Output
Data from the action execution
Error if any occurred during the execution of the action
Whether or not the action execution was successful or not
SSLMATE_CERT_SPOTTER_API_CERTSPOTTER_GET_EVENTTool to retrieve detailed information about a specific CertSpotter certificate issuance. Use when you need to inspect certificate metadata after confirming an issuance ID.
Input parameters
The unique identifier of the CertSpotter issuance/event to retrieve.
Whether to expand and include issuer details in the response.
Whether to include the base64 DER-encoded certificate in the response.
Whether to expand and include DNS names in the response.
Output
Data from the action execution
Error if any occurred during the execution of the action
Whether or not the action execution was successful or not
SSLMATE_CERT_SPOTTER_API_DELETE_MONITORED_DOMAINTool to delete a monitored domain from Cert Spotter. Use when you need to remove a domain from monitoring. Returns success confirmation on deletion (HTTP 204). Returns 404 if domain not found.
Input parameters
The monitored domain name to delete (e.g., '.example.com' for wildcard or 'example.com' for exact match)
Output
Data from the action execution
Error if any occurred during the execution of the action
Whether or not the action execution was successful or not
SSLMATE_CERT_SPOTTER_API_GET_CERTIFICATE_V2Tool to retrieve certificate information by common name (domain). Use when you need to inspect certificate metadata, status, or configuration for a specific domain.
Input parameters
The certificate common name (domain) to retrieve, e.g., 'example.com'
Output
Data from the action execution
Error if any occurred during the execution of the action
Whether or not the action execution was successful or not
SSLMATE_CERT_SPOTTER_API_GET_MONITORED_DOMAINTool to retrieve a specific monitored domain by its name. Use when you need to check the monitoring status of a domain.
Input parameters
The monitored domain name. Use a leading dot (e.g., .example.com) to include subdomains.
Output
Data from the action execution
Error if any occurred during the execution of the action
Whether or not the action execution was successful or not
SSLMATE_CERT_SPOTTER_API_LIST_CT_ISSUANCESTool to list certificate issuances for a domain from Certificate Transparency logs. Use when you need to discover all unexpired certificates issued for a domain or its subdomains.
Input parameters
Return issuances discovered after this ID (for pagination). Use the ID from the last issuance of the previous page.
Domain name to search for certificate issuances (e.g., example.com)
Comma-separated list of fields to expand in response. Options: dns_names, issuer, cert_der, pubkey_der, pubkey, revocation, problem_reporting
Include wildcard certificates that match the domain. Default: false
Include certificates for subdomains of the specified domain. Default: false
Output
Data from the action execution
Error if any occurred during the execution of the action
Whether or not the action execution was successful or not
SSLMATE_CERT_SPOTTER_API_LIST_MONITORED_DOMAINSTool to list all monitored domains. Use when you need to audit or review the domains currently monitored by Cert Spotter.
Output
Data from the action execution
Error if any occurred during the execution of the action
Whether or not the action execution was successful or not
No publicly available marketplace agent is found using this tool yet. There are 73 agents privately built on Nagent that already use SSLMate Cert Spotter API.
Build on Nagent
Connect SSLMate Cert Spotter API to any Nagent agent in minutes — no API key management, no boilerplate. Just configure and deploy.
The five questions agent builders ask before adopting a new integration.
Open the External Integrations panel inside Nagent (app.nagent.ai/externalIntegration), find SSLMate Cert Spotter API, and click "Connect Now." You'll authenticate with an API key — Nagent handles credential storage and refresh automatically. Once connected, SSLMate Cert Spotter API is available to any agent in your workspace.
No. Nagent provides no-code integration for every tool. Once SSLMate Cert Spotter API is connected, you configure its 9 actions directly in the agent builder UI — no API calls, no boilerplate, no schema management.
Helix — Nagent's agentic agent builder — lets you drop SSLMate Cert Spotter API steps into any workflow visually. Pick an action (e.g., one of those listed above), fill in the inputs (Helix knows the required vs. optional schema for each parameter), and connect it to upstream/downstream steps. Triggers run as the entry point of an agent, so when a SSLMate Cert Spotter API event fires, the agent kicks off automatically.
Every SSLMate Cert Spotter API action and trigger ships with a fully-typed schema — input parameters with name, type, required flag, and description, plus the output payload shape. The schemas are documented in the sections above. Helix uses these schemas to validate your configuration at build time and to type-check the data flowing between steps.
Yes. While SSLMate Cert Spotter API ships with 9 pre-built security & identity tools actions, you can layer custom logic around them inside Helix — pre/post-processing steps, conditional branches, retries, or stitching SSLMate Cert Spotter API together with other connected tools. For deeper customization, talk to our team about Nagent's Agentic AI Lab — forward-deployed engineers who build SSLMate Cert Spotter API-based workflows tailored to your business.