# How to integrate Digicert MCP with LangChain ```json { "title": "How to integrate Digicert MCP with LangChain", "toolkit": "Digicert", "toolkit_slug": "digicert", "framework": "LangChain", "framework_slug": "langchain", "url": "https://composio.dev/toolkits/digicert/framework/langchain", "markdown_url": "https://composio.dev/toolkits/digicert/framework/langchain.md", "updated_at": "2026-05-12T10:08:46.380Z" } ``` ## Introduction This guide walks you through connecting Digicert to LangChain using the Composio tool router. By the end, you'll have a working Digicert agent that can list all intermediate certificates for your account, create a new api key for admin, update the schedule for monthly security reports through natural language commands. This guide will help you understand how to give your LangChain agent real control over a Digicert account through Composio's Digicert MCP server. Before we dive in, let's take a quick look at the key ideas and tools involved. ## Also integrate Digicert with - [OpenAI Agents SDK](https://composio.dev/toolkits/digicert/framework/open-ai-agents-sdk) - [Claude Agent SDK](https://composio.dev/toolkits/digicert/framework/claude-agents-sdk) - [Claude Code](https://composio.dev/toolkits/digicert/framework/claude-code) - [Claude Cowork](https://composio.dev/toolkits/digicert/framework/claude-cowork) - [Codex](https://composio.dev/toolkits/digicert/framework/codex) - [OpenClaw](https://composio.dev/toolkits/digicert/framework/openclaw) - [Hermes](https://composio.dev/toolkits/digicert/framework/hermes-agent) - [CLI](https://composio.dev/toolkits/digicert/framework/cli) - [Google ADK](https://composio.dev/toolkits/digicert/framework/google-adk) - [Vercel AI SDK](https://composio.dev/toolkits/digicert/framework/ai-sdk) - [Mastra AI](https://composio.dev/toolkits/digicert/framework/mastra-ai) - [LlamaIndex](https://composio.dev/toolkits/digicert/framework/llama-index) - [CrewAI](https://composio.dev/toolkits/digicert/framework/crew-ai) ## TL;DR Here's what you'll learn: - Get and set up your OpenAI and Composio API keys - Connect your Digicert project to Composio - Create a Tool Router MCP session for Digicert - Initialize an MCP client and retrieve Digicert tools - Build a LangChain agent that can interact with Digicert - Set up an interactive chat interface for testing ## What is LangChain? LangChain is a framework for developing applications powered by language models. It provides tools and abstractions for building agents that can reason, use tools, and maintain conversation context. Key features include: - Agent Framework: Build agents that can use tools and make decisions - MCP Integration: Connect to external services through Model Context Protocol adapters - Memory Management: Maintain conversation history across interactions - Multi-Provider Support: Works with OpenAI, Anthropic, and other LLM providers ## What is the Digicert MCP server, and what's possible with it? The Digicert MCP server is an implementation of the Model Context Protocol that connects your AI agent and assistants like Claude, Cursor, etc directly to your Digicert account. It provides structured and secure access to your digital certificate management, so your agent can perform actions like auditing users, creating API keys, checking permissions, listing certificates, and updating reports on your behalf. - API key management and creation: Let your agent securely generate new API keys for specific users and permissions, ensuring controlled access for your team and services. - Permission and access validation: Have your agent check if specific permissions are available before performing sensitive operations, helping you enforce security best practices automatically. - Intermediate certificate inventory: Instantly retrieve and review all intermediate certificates in your Digicert account—perfect for audits or compliance checks. - User management and auditing: Effortlessly list all CertCentral account users, including detailed information for each user, to streamline management and oversight. - Automated report configuration updates: Direct your agent to update scheduled report configurations—changing recipients, formats, or schedules—with just a single instruction. ## Supported Tools | Tool slug | Name | Description | |---|---|---| | `DIGICERT_ADD_TAGS_TO_CERTIFICATE` | Add Tags to Certificate | Tool to add custom tags to one or more certificates for categorization. Use when you need to organize or label certificates with custom tags for easier management and filtering. | | `DIGICERT_CHECK_PERMISSION` | Check Permission | Tool to check if a specific permission is available. Use when validating that the authenticated user may perform an operation before attempting it. | | `DIGICERT_CREATE_API_KEY` | Create API Key | Tool to create a new API key with specified permissions. Use when you have a valid DigiCert user_id and need to generate a new key. Note the API key appears only once; save it securely. | | `DIGICERT_CREATE_AUTH_KEY` | Create AuthKey | Tool to create a new AuthKey for account authentication. Use when you need to generate a new AuthKey, either permanent or with a specific validity period (TTL). | | `DIGICERT_CREATE_CONTAINER_IP_RULES` | Create Container IP Rules | Tool to add an IP restriction rule to a CertCentral account. Use when you need to limit API or user access to specific IP address ranges for enhanced security. | | `DIGICERT_CREATE_FINANCE_ORDER_PRICING` | Create Finance Order Pricing | Tool to get price estimates for a certificate order. Use when you need to calculate the cost of a certificate before placing an order, including base price, add-ons, tax estimates, and total cost. For Code Signing/EV Code Signing with hardware tokens or KeyLocker, include the corresponding add-on IDs for accurate estimates. | | `DIGICERT_CREATE_ORGANIZATION` | Create Organization | Tool to create a new organization in your DigiCert CertCentral account. Use when you need to add a new organization with required details like legal name, address, contact information, and country. | | `DIGICERT_CREATE_ORGANIZATION_VALIDATION` | Create Organization Validation | Tool to submit an organization for validation and add verified contacts for specific product types. Use when you need to validate an organization for certificate issuance. Note: EV, CS, and EV_CS validation types require verified users. | | `DIGICERT_CREATE_SCAN_LIST` | List Scan Templates | Tool to retrieve the list of scan templates along with their name, status, and configuration. Use when you need to view or manage DigiCert Discovery scans with support for filtering by division, state, and other criteria. | | `DIGICERT_DELETE_ACCOUNT_AUTH_KEY` | Delete Account AuthKey | Tool to delete your account's AuthKey. Use when you need to revoke an existing AuthKey. If no auth_key_id is specified, deletes the primary AuthKey. | | `DIGICERT_DELETE_CERTIFICATE` | Delete Certificate from Discovery | Tool to delete certificates from DigiCert Discovery inventory. Use when you need to remove one or more certificates identified by their certificate IDs. | | `DIGICERT_DELETE_DOMAIN` | Delete Domain | Tool to delete a domain with the given ID. Use when you need to remove a domain from the CertCentral account. | | `DIGICERT_DELETE_KEY` | Delete SSH Key | Tool to delete SSH keys from DigiCert Discovery. Use when you need to remove one or more SSH keys by their names. | | `DIGICERT_DELETE_REPORTS_ENDPOINTS` | Delete Discovery Endpoints | Tool to delete one or more endpoints from the Discovery API. Permanently removes the endpoints and any certificates associated with the scan results. Use when you need to clean up IP/port combinations that should no longer be monitored. | | `DIGICERT_EXECUTE_GRAPHQL_QUERY` | Execute GraphQL Query | Tool to execute GraphQL queries against DigiCert Custom Reports API. Use when you need to retrieve customizable certificate order data using GraphQL syntax. Supports queries like order_details and order_details_by_id with flexible field selection. | | `DIGICERT_FILTER_KEYS` | Filter Keys | Tool to filter keys in DigiCert Discovery API by various criteria. Use when you need to search and filter keys based on attributes like name, IP, port, authentication methods, or other key properties. | | `DIGICERT_GET_ACCOUNT` | Get Account Details | Tool to retrieve details about your CertCentral account. Use when you need account information such as billing model, account manager details, or account settings. | | `DIGICERT_GET_ACCOUNT_DETAILS` | Get Account Details | Tool to retrieve account details for the authenticated user. Use when you need to get information about the user assigned to the API key, including profile details, roles, and container assignments. | | `DIGICERT_GET_ACCOUNT_GUEST_ACCESS` | Get Account Guest Access URL | Tool to retrieve the guest access URL for your DigiCert account. Use when you need to obtain the guest access URL to share with external users. | | `DIGICERT_GET_ACCOUNT_METADATA` | Get Account Metadata | Tool to retrieve metadata for custom order fields in the account. Use when you need to list custom field configurations including their validation types and display settings. | | `DIGICERT_GET_ACCOUNT_SAML_ENTITY` | Get Account SAML Entity | Tool to retrieve SAML entity details for your account. Use when you need to check SAML SSO configuration or verify identity provider settings. Returns empty object if no SAML entity is configured. | | `DIGICERT_GET_AGENT_IP_PORT` | Get Agent IP Port Details | Tool to retrieve agent IP port details from DigiCert Discovery API. Use when you need to view IP addresses and ports being monitored by DigiCert agents in a specific account and division. | | `DIGICERT_GET_ALERT_COUNT` | Get Alert Count | Tool to retrieve alert count from DigiCert Discovery API dashboard. Use when you need to query the number of alerts for a specific module (scan, cert, endpoint, etc.) within an account and division. | | `DIGICERT_GET_AUTH_KEY` | Get AuthKey Details | Tool to retrieve AuthKey details by ID. Use when you need to fetch information about an active, inactive, or expired AuthKey. | | `DIGICERT_GET_AUTHORIZATION_CONTAINER` | List Authorized Containers | Tool to list all containers authorized to perform a permission action. Use when checking which containers a user can access for specific operations like viewing, editing, or creating resources. | | `DIGICERT_GET_CERTIFICATE_AUTHORITY_HELPER` | Get Certificate Authority Helper | Tool to retrieve certificate authority API helper information including version details. Use when verifying API connectivity or checking the current API version. | | `DIGICERT_GET_CERTIFICATE_RATING` | Get Certificate Security Rating | Tool to retrieve SSL certificate security rating from DigiCert Discovery API. Use when you need to assess certificate security posture, view rating details, or audit certificate configurations. Requires valid accountId and certId from DigiCert. | | `DIGICERT_GET_CLOUD_SCAN` | Get Cloud Scan Details | Tool to get cloud scan details from DigiCert Discovery API. Use when you need to retrieve information about an existing cloud scan template including its status and completion percentage. | | `DIGICERT_GET_CONTAINER_BY_CONTAINER` | Get Container by ID | Tool to get details about a specific container using its ID. Use when you need to retrieve information about a container's configuration, status, and properties. | | `DIGICERT_GET_CONTAINER_CHILDREN` | Get Container Children | Tool to list all child containers for a parent container. Use when you need to retrieve the hierarchy of containers under a specific parent. | | `DIGICERT_GET_CONTAINER_IP_RULES` | Get Container IP Rules | Tool to retrieve a list of existing IP restriction rules in a CertCentral account. Use when you need to audit or manage IP access controls for a specific container. | | `DIGICERT_GET_CONTAINER_ORDER_ORGANIZATION` | Get Container Order Organizations | Tool to list all organizations assigned to a container. Use when you need to retrieve organization details and validation information for a specific container. | | `DIGICERT_GET_CONTAINER_PRODUCT_LIMITS` | Get Container Product Limits | Tool to get information about the limits and settings for a container's enabled products. Use when you need to check product-specific restrictions for certificate ordering. | | `DIGICERT_GET_CONTAINER_ROLE` | Get Container Roles | Tool to retrieve all access roles available to a container. Use when you need to list permissions or roles associated with a specific container. | | `DIGICERT_GET_CONTAINER_TEMPLATE_BY_TEMPLATE` | Get Container Template Details | Tool to get details about a template in a container. Use when you need to retrieve template information including access roles and creation date. | | `DIGICERT_GET_DOMAIN_DCV` | Get Domain DCV Information | Tool to retrieve domain DCV (Domain Control Validation) information from DigiCert. Use when you need to check domain validation status, DCV tokens, expiration dates, or validation methods. | | `DIGICERT_GET_DOMAIN_DCV_EMAILS` | Get Domain DCV Emails | Tool to retrieve email addresses that receive validation emails from DigiCert for the email domain control validation (DCV) method. Use when you need to determine which email addresses can be used to validate domain ownership during certificate issuance. | | `DIGICERT_GET_DOMAIN_EXPIRATION_COUNT` | Get Domain Expiration Count | Tool to get the number of domains in your account with expired or expiring OV or EV domain validations. Use when you need to audit domain validation status across different time ranges. | | `DIGICERT_GET_DOMAIN_VALIDATION_TYPE` | Get Domain Validation Type | Tool to list available validation types for domains. Use when you need to retrieve the supported domain validation types (e.g., OV, EV) and their requirements. | | `DIGICERT_GET_FINANCE_BALANCE` | Get Finance Balance | Tool to view the current balance of your DigiCert account. Use when you need to check available funds, unpaid invoices, or credit limits. | | `DIGICERT_GET_FINANCE_BALANCE_HISTORY` | Get Finance Balance History | Tool to list balance adjustment history for your DigiCert account. Use when you need to review financial transactions, track deposits, charges, or refunds. | | `DIGICERT_GET_INFO` | Get Remote Service Information | Tool to retrieve remote service information from DigiCert Document Manager CSC API. Use when you need details about the remote service such as supported authentication methods, API methods, service description, or language preferences. | | `DIGICERT_GET_KEY_BY_KEY` | Get API Key Details | Tool to retrieve detailed information about an API key. Use when you need to check key status, owner, creation date, or ACME configuration. | | `DIGICERT_GET_MPKI_VERSION` | Get MPKI Version | Tool to query the TLM application version from DigiCert MPKI API. Use when you need to check the current version of the DigiCert ONE MPKI system. | | `DIGICERT_GET_ORDER_CERTIFICATE_STATUS_CHANGES` | Get Order Certificate Status Changes | Tool to list orders that changed status during a given time frame. Use when you need to track order status changes within a specific time period. | | `DIGICERT_GET_ORGANIZATION_BY_ORGANIZATION` | Get Organization Details | Tool to retrieve detailed information about an organization from DigiCert. Use when you need organization details such as legal name, address, contacts, validation status, or container assignments. | | `DIGICERT_GET_ORGANIZATION_CONTACT` | Get Organization Contact Info | Tool to retrieve organization and technical contact details for a specific organization. Use when you need contact information for administrative or technical purposes. | | `DIGICERT_GET_ORGANIZATION_RECENT` | Get Recent Organizations | Tool to retrieve the three most recently used organizations from your CertCentral account. Use when you need to quickly access organizations that were recently used for certificate orders or management. | | `DIGICERT_GET_ORGANIZATION_VALIDATION` | Get Organization Validation | Tool to get validation details for an organization. Use when you need to retrieve approved validation types, statuses, and expiration dates for a specific organization. | | `DIGICERT_GET_ORGANIZATION_VALIDATION_TYPE` | Get Organization Validation Type | Tool to list available validation types for organizations. Use when you need to retrieve the supported organization validation types and their requirements. | | `DIGICERT_GET_PRODUCT_BY_NAME` | Get Product by Name | Tool to get information about a product by its name identifier. Use when you need product details such as validation type, validity periods, supported platforms, or certificate configuration options. | | `DIGICERT_GET_PRODUCT_PLATFORM_CERTFORMAT_MAPPING` | Get Product Platform Certificate Format Mapping | Tool to list the certificate format that is returned for a particular server platform. Use when you need to determine the recommended certificate format for a specific platform or to view all available platform-certificate format mappings. | | `DIGICERT_GET_PRODUCT_PRICING` | Get Product Pricing | Tool to retrieve a comprehensive list of product prices available under your DigiCert account. Use when you need pricing information including product names, validity periods, costs, and additional Subject Alternative Names (SANs) pricing. | | `DIGICERT_GET_REMOTE_SERVICE_INFO` | Get Remote Service Info | Tool to retrieve information about DigiCert's Document Manager CSC (Cloud Signature Consortium) remote service. Use when you need service metadata such as supported authentication methods, API version, available methods, or service description. | | `DIGICERT_GET_REPORT_ORDER` | Get Order Report | Tool to retrieve a CSV report of all certificate orders. Use when you need to export or analyze certificate order data in bulk with support for pagination. | | `DIGICERT_GET_REPORT_ORDER_EXPIRING` | Get Report Order Expiring | Tool to get the number of orders and certificates that expire within 0-30, 30-60, and 60-90 days from now. Use when you need to audit certificate and order expiration status across different time ranges. | | `DIGICERT_GET_REPORT_REQUEST` | Get Report Request Summary | Tool to get total requests and requests by type for your account. Use when you need to retrieve aggregated pending request data categorized by type (new requests, revocations, duplicates, and reissues). | | `DIGICERT_GET_SCAN_SUBDOMAINS` | Get Scan Subdomains | Tool to retrieve all subdomains included in a DigiCert Discovery scan. Use when you need to get a list of subdomains for one or more domains from the scan results. | | `DIGICERT_GET_USER` | Get User Details | Tool to retrieve details about a specific user in CertCentral. Use when you need user information such as access roles, container assignments, or contact details. Specify 'me' as user_id to get the authenticated user's information. | | `DIGICERT_GET_USER_AVAILABILITY` | Check Username Availability | Tool to check if a username is available in DigiCert. Use when you need to verify whether a username can be used before creating a new user account. | | `DIGICERT_LIST_API_ACCESS_ROLES` | List API Access Roles | Tool to retrieve a list of available API access roles. Use after confirming authentication with an API key. | | `DIGICERT_LIST_API_KEYS` | List API Keys | Tool to retrieve a list of API keys and ACME URLs. Use to view all keys or filter by user_id or container_id. | | `DIGICERT_LIST_CERTIFICATE_FILTER_VALUES` | List Certificate Filter Values | Tool to retrieve available filter values for certificate attributes from DigiCert Discovery API. Use when you need to discover valid values for filtering certificates by common name, organization, status, serial number, security rating, or certificate authority. | | `DIGICERT_LIST_CERTIFICATE_ORDERS` | List Certificate Orders | Tool to list all certificate orders in your DigiCert account. Use when you need to retrieve order information with support for filtering by status, product, container, and pagination. | | `DIGICERT_LIST_CERTIFICATES` | List Certificates | Tool to list all certificates discovered by DigiCert Discovery scans. Use when you need to retrieve certificate inventory with support for filtering by status, organization, common name, expiration, and other attributes. | | `DIGICERT_LIST_CONTAINERS` | List Containers | Tool to retrieve a list of all containers (divisions) in your DigiCert account. Use when you need to view or manage account divisions. | | `DIGICERT_LIST_CONTAINER_TEMPLATES` | List Container Templates | Tool to list all templates that can be used when creating containers. Use when you need to retrieve available container templates for a specific container. | | `DIGICERT_LIST_DOMAIN_DCV_METHODS` | List Domain DCV Methods | Tool to retrieve available domain control validation (DCV) methods for domains. Use when you need to know which DCV methods are available for domain verification. | | `DIGICERT_LIST_DOMAINS` | List Domains | Tool to list all domains in your CertCentral account. Use when you need to retrieve domain information with support for filtering by name, validation status, and pagination. | | `DIGICERT_LIST_INTERMEDIATE_CERTIFICATES` | List Intermediate Certificates | Tool to retrieve a list of intermediate certificates. Use when you need to list all intermediate certificates for your account. No input required. | | `DIGICERT_LIST_LOCALES` | List Locales | Tool to retrieve a list of available locales. Use when you need to get supported locale codes and languages for the DigiCert Account Manager API. | | `DIGICERT_LIST_ORGANIZATION_POTENTIAL_APPROVERS` | List Organization Potential Approvers | Tool to list all users and contacts that can be validated as verified contacts (also called EV approvers). Use when you need to identify potential approvers for organization validation. | | `DIGICERT_LIST_ORGANIZATIONS` | List Organizations | Tool to retrieve all organizations in your DigiCert account. Use when you need to list, search, or audit organizations with support for filtering and pagination. | | `DIGICERT_LIST_PERMISSIONS` | List Permissions | Tool to list all permissions for the authenticated user. Use when you need to audit or verify the complete set of permissions available to the current API key. | | `DIGICERT_LIST_PRODUCTS` | List Available Products | Tool to list all products available to your CertCentral account. Use when you need to discover available certificate products, their validation periods, or supported hash algorithms. | | `DIGICERT_LIST_SENSORS` | List Sensors | Tool to list all sensors used for network scanning in DigiCert Discovery. Use when you need to retrieve sensor inventory with support for filtering by status, name, IP address, and other attributes. | | `DIGICERT_LIST_SERVICE_USERS` | List Service Users | Tool to list all DigiCert service users (API-only users). Use when you need to retrieve or audit service user accounts with support for filtering by container, access role, status, or search terms. | | `DIGICERT_LIST_USERS` | List CertCentral Users | Tool to retrieve a list of CertCentral account users. Use when you need to audit or manage users with support for pagination and optional detail inclusion. | | `DIGICERT_RESEND_USER_CREATE_EMAIL` | Resend User Create Email | Tool to resend the create user email to a user. Use when you need to resend the account creation email to a user who may not have received it. | | `DIGICERT_SUBMIT_DOMAIN_FOR_VALIDATION` | Submit Domain for Validation | Tool to submit a domain for validation with specified validation types. Use when you need to initiate domain validation for OV or EV certificates with various DCV methods. | | `DIGICERT_UPDATE_ACCOUNT_EMAILS` | Update Account Emails | Tool to update account notification and emergency email addresses. Use when you need to change the email addresses that receive account notifications or urgent security communications. | | `DIGICERT_UPDATE_CONTAINER` | Update Container | Tool to edit a container's details including name and description. Use when you need to update container information in your DigiCert account. | | `DIGICERT_UPDATE_CONTAINER_ALLOWED_DOMAIN_NAMES` | Update Container Allowed Domain Names | Tool to update a container's allowed domains. Use when you need to control which domains are permitted for certificate operations within a specific container. Note that this operation is destructive and will replace the entire allowed domains list. | | `DIGICERT_UPDATE_CONTAINER_USER_ASSIGNMENTS` | Update Container User Assignments | Tool to update a container's user assignments. Use when you need to assign or reassign users to a container. Note that this operation overwrites all existing assignments. | | `DIGICERT_UPDATE_DOMAIN_ACTIVATE` | Activate Domain | Tool to activate a domain in DigiCert CertCentral. Use when you need to activate a domain that has been validated and is ready for certificate issuance. | | `DIGICERT_UPDATE_DOMAIN_DCV_EMAILS` | Resend Domain DCV Emails | Tool to resend domain control validation (DCV) emails for a domain. Use when you need to trigger a new DCV email to be sent for domain validation purposes, such as when the original email was not received or has expired. | | `DIGICERT_UPDATE_KEY` | Update API Key | Tool to edit an API key's name or access role restrictions. Use when you need to rename an API key or modify its permission scope. | | `DIGICERT_UPDATE_KEY_STATUS` | Update API Key Status | Tool to activate, deactivate, or revoke a DigiCert API key. Use when you need to change the status of an existing API key by its ID. | | `DIGICERT_UPDATE_NOTIFICATIONS` | Update Notification Settings | Tool to update CertCentral account notification settings. Use when you need to configure certificate lifecycle email recipients, organization validation preferences, or account balance notifications. | | `DIGICERT_UPDATE_ORGANIZATION` | Update Organization | Tool to update an organization's details in your DigiCert CertCentral account. Use when you need to modify organization information such as name, address, telephone, or location details. Note: All fields (name, address, city, state, country, telephone) are required. The zip field may be required depending on the country (e.g., required for US). Updating organization details will invalidate current validations. | | `DIGICERT_UPDATE_ORGANIZATION_ACTIVATE` | Activate Organization | Tool to activate an organization in DigiCert CertCentral. Use when you need to activate an organization that has been validated and is ready for certificate operations. | | `DIGICERT_UPDATE_ORGANIZATION_CONTACT` | Update Organization Contact | Tool to update or replace organization contact and technical contact for an organization. Use when you need to modify contact information associated with an organization. | | `DIGICERT_UPDATE_ORGANIZATION_DEACTIVATE` | Deactivate Organization | Tool to deactivate an organization in DigiCert CertCentral. Use when you need to deactivate an organization that is no longer active or should be disabled. | | `DIGICERT_UPDATE_RENEWAL_EMAIL_PREFERENCE` | Update Renewal Email Preference | Tool to enable or disable renewal notifications for SSL/TLS certificates discovered in DigiCert Discovery. Use when you need to manage email alerts for certificate renewals. | | `DIGICERT_UPDATE_REPORT` | Update Report | Tool to update an existing report’s configuration. Use when you need to modify the schedule, recipients, or format of a scheduled report. | | `DIGICERT_UPDATE_USER` | Update User Profile | Tool to update a user's profile information in CertCentral. Use when you need to modify user details such as name, email, job title, or SAML SSO settings. The email field is required; other fields are optional. | | `DIGICERT_UPDATE_USER_CONTAINER_ASSIGNMENTS` | Update User Container Assignments | Tool to update container (division) assignments for a user. Use when you need to modify which containers a user has access to. Note that this completely overwrites existing assignments, and an empty array removes all restrictions. | | `DIGICERT_UPDATE_USER_ROLE` | Update User Role | Tool to change a user's access role in CertCentral. Use when you need to modify permissions by assigning different roles to an existing user. | | `DIGICERT_VALIDATE_VMC_ENCODED_LOGO` | Validate VMC Encoded Logo | Tool to validate if an SVG file format is compatible with Verified Mark Certificate (VMC) or Common Mark Certificate (CMC) requirements. Use when you need to verify logo format compliance before submitting for VMC/CMC issuance. | | `DIGICERT_VALIDATE_VMC_LOGO` | Validate VMC/CMC Logo Format | Tool to validate SVG logo format for Verified Mark Certificates (VMC) or Common Mark Certificates (CMC). Use when you need to check if an SVG file meets DigiCert's VMC/CMC requirements before certificate issuance. | | `DIGICERT_VERIFY_TEMPLATE` | Verify Template | Tool to verify a certificate template structure against DigiCert's validation rules. Use when you need to validate template JSON before creating or updating a template. Returns success (204) if valid, or raises ExecutionFailed with details if invalid. | ## Supported Triggers None listed. ## Creating MCP Server - Stand-alone vs Composio SDK The Digicert MCP server is an implementation of the Model Context Protocol that connects your AI agent to Digicert. It provides structured and secure access so your agent can perform Digicert operations on your behalf through a secure, permission-based interface. With Composio's managed implementation, you don't have to create your own developer app. For production, if you're building an end product, we recommend using your own credentials. The managed server helps you prototype fast and go from 0-1 faster. ## Step-by-step Guide ### 1. Prerequisites No description provided. ### 1. Getting API Keys for OpenAI and Composio OpenAI API Key - Go to the [OpenAI dashboard](https://platform.openai.com/settings/organization/api-keys) and create an API key. You'll need credits to use the models, or you can connect to another model provider. - Keep the API key safe. Composio API Key - Log in to the [Composio dashboard](https://dashboard.composio.dev?utm_source=toolkits&utm_medium=framework_docs). - Navigate to your API settings and generate a new API key. - Store this key securely as you'll need it for authentication. ### 2. Install dependencies No description provided. ```python pip install composio-langchain langchain-mcp-adapters langchain python-dotenv ``` ```typescript npm install @composio/langchain @langchain/core @langchain/openai @langchain/mcp-adapters dotenv ``` ### 3. Set up environment variables Create a .env file in your project root. What's happening: - COMPOSIO_API_KEY authenticates your requests to Composio's API - COMPOSIO_USER_ID identifies the user for session management - OPENAI_API_KEY enables access to OpenAI's language models ```bash COMPOSIO_API_KEY=your_composio_api_key_here COMPOSIO_USER_ID=your_composio_user_id_here OPENAI_API_KEY=your_openai_api_key_here ``` ### 4. Import dependencies No description provided. ```python from langchain_mcp_adapters.client import MultiServerMCPClient from langchain.agents import create_agent from dotenv import load_dotenv from composio import Composio import asyncio import os load_dotenv() ``` ```typescript import { Composio } from '@composio/core'; import { LangchainProvider } from '@composio/langchain'; import { MultiServerMCPClient } from "@langchain/mcp-adapters"; import { createAgent } from "langchain"; import * as readline from 'readline'; import 'dotenv/config'; dotenv.config(); ``` ### 5. Initialize Composio client What's happening: - We're loading the COMPOSIO_API_KEY from environment variables and validating it exists - Creating a Composio instance that will manage our connection to Digicert tools - Validating that COMPOSIO_USER_ID is also set before proceeding ```python async def main(): composio = Composio(api_key=os.getenv("COMPOSIO_API_KEY")) if not os.getenv("COMPOSIO_API_KEY"): raise ValueError("COMPOSIO_API_KEY is not set") if not os.getenv("COMPOSIO_USER_ID"): raise ValueError("COMPOSIO_USER_ID is not set") ``` ```typescript const composioApiKey = process.env.COMPOSIO_API_KEY; const userId = process.env.COMPOSIO_USER_ID; if (!composioApiKey) throw new Error('COMPOSIO_API_KEY is not set'); if (!userId) throw new Error('COMPOSIO_USER_ID is not set'); async function main() { const composio = new Composio({ apiKey: composioApiKey as string, provider: new LangchainProvider() }); ``` ### 6. Create a Tool Router session What's happening: - We're creating a Tool Router session that gives your agent access to Digicert tools - The create method takes the user ID and specifies which toolkits should be available - The returned session.mcp.url is the MCP server URL that your agent will use - This approach allows the agent to dynamically load and use Digicert tools as needed ```python # Create Tool Router session for Digicert session = composio.create( user_id=os.getenv("COMPOSIO_USER_ID"), toolkits=['digicert'] ) url = session.mcp.url ``` ```typescript const session = await composio.create( userId as string, { toolkits: ['digicert'] } ); const url = session.mcp.url; ``` ### 7. Configure the agent with the MCP URL No description provided. ```python client = MultiServerMCPClient({ "digicert-agent": { "transport": "streamable_http", "url": session.mcp.url, "headers": { "x-api-key": os.getenv("COMPOSIO_API_KEY") } } }) tools = await client.get_tools() agent = create_agent("gpt-5", tools) ``` ```typescript const client = new MultiServerMCPClient({ "digicert-agent": { transport: "http", url: url, headers: { "x-api-key": process.env.COMPOSIO_API_KEY } } }); const tools = await client.getTools(); const agent = createAgent({ model: "gpt-5", tools }); ``` ### 8. Set up interactive chat interface No description provided. ```python conversation_history = [] print("Chat started! Type 'exit' or 'quit' to end the conversation.\n") print("Ask any Digicert related question or task to the agent.\n") while True: user_input = input("You: ").strip() if user_input.lower() in ['exit', 'quit', 'bye']: print("\nGoodbye!") break if not user_input: continue conversation_history.append({"role": "user", "content": user_input}) print("\nAgent is thinking...\n") response = await agent.ainvoke({"messages": conversation_history}) conversation_history = response['messages'] final_response = response['messages'][-1].content print(f"Agent: {final_response}\n") ``` ```typescript let conversationHistory: any[] = []; console.log("Chat started! Type 'exit' or 'quit' to end the conversation.\n"); console.log("Ask any Digicert related question or task to the agent.\n"); const rl = readline.createInterface({ input: process.stdin, output: process.stdout, prompt: 'You: ' }); rl.prompt(); rl.on('line', async (userInput: string) => { const trimmedInput = userInput.trim(); if (['exit', 'quit', 'bye'].includes(trimmedInput.toLowerCase())) { console.log("\nGoodbye!"); rl.close(); process.exit(0); } if (!trimmedInput) { rl.prompt(); return; } conversationHistory.push({ role: "user", content: trimmedInput }); console.log("\nAgent is thinking...\n"); const response = await agent.invoke({ messages: conversationHistory }); conversationHistory = response.messages; const finalResponse = response.messages[response.messages.length - 1]?.content; console.log(`Agent: ${finalResponse}\n`); rl.prompt(); }); rl.on('close', () => { console.log('\n👋 Session ended.'); process.exit(0); }); ``` ### 9. Run the application No description provided. ```python if __name__ == "__main__": asyncio.run(main()) ``` ```typescript main().catch((err) => { console.error('Fatal error:', err); process.exit(1); }); ``` ## Complete Code ```python from langchain_mcp_adapters.client import MultiServerMCPClient from langchain.agents import create_agent from dotenv import load_dotenv from composio import Composio import asyncio import os load_dotenv() async def main(): composio = Composio(api_key=os.getenv("COMPOSIO_API_KEY")) if not os.getenv("COMPOSIO_API_KEY"): raise ValueError("COMPOSIO_API_KEY is not set") if not os.getenv("COMPOSIO_USER_ID"): raise ValueError("COMPOSIO_USER_ID is not set") session = composio.create( user_id=os.getenv("COMPOSIO_USER_ID"), toolkits=['digicert'] ) url = session.mcp.url client = MultiServerMCPClient({ "digicert-agent": { "transport": "streamable_http", "url": url, "headers": { "x-api-key": os.getenv("COMPOSIO_API_KEY") } } }) tools = await client.get_tools() agent = create_agent("gpt-5", tools) conversation_history = [] print("Chat started! Type 'exit' or 'quit' to end the conversation.\n") print("Ask any Digicert related question or task to the agent.\n") while True: user_input = input("You: ").strip() if user_input.lower() in ['exit', 'quit', 'bye']: print("\nGoodbye!") break if not user_input: continue conversation_history.append({"role": "user", "content": user_input}) print("\nAgent is thinking...\n") response = await agent.ainvoke({"messages": conversation_history}) conversation_history = response['messages'] final_response = response['messages'][-1].content print(f"Agent: {final_response}\n") if __name__ == "__main__": asyncio.run(main()) ``` ```typescript import { Composio } from '@composio/core'; import { LangchainProvider } from '@composio/langchain'; import { MultiServerMCPClient } from "@langchain/mcp-adapters"; import { createAgent } from "langchain"; import * as readline from 'readline'; import 'dotenv/config'; const composioApiKey = process.env.COMPOSIO_API_KEY; const userId = process.env.COMPOSIO_USER_ID; if (!composioApiKey) throw new Error('COMPOSIO_API_KEY is not set'); if (!userId) throw new Error('COMPOSIO_USER_ID is not set'); async function main() { const composio = new Composio({ apiKey: composioApiKey as string, provider: new LangchainProvider() }); const session = await composio.create( userId as string, { toolkits: ['digicert'] } ); const url = session.mcp.url; const client = new MultiServerMCPClient({ "digicert-agent": { transport: "http", url: url, headers: { "x-api-key": process.env.COMPOSIO_API_KEY } } }); const tools = await client.getTools(); const agent = createAgent({ model: "gpt-5", tools }); let conversationHistory: any[] = []; console.log("Chat started! Type 'exit' or 'quit' to end the conversation.\n"); console.log("Ask any Digicert related question or task to the agent.\n"); const rl = readline.createInterface({ input: process.stdin, output: process.stdout, prompt: 'You: ' }); rl.prompt(); rl.on('line', async (userInput: string) => { const trimmedInput = userInput.trim(); if (['exit', 'quit', 'bye'].includes(trimmedInput.toLowerCase())) { console.log("\nGoodbye!"); rl.close(); process.exit(0); } if (!trimmedInput) { rl.prompt(); return; } conversationHistory.push({ role: "user", content: trimmedInput }); console.log("\nAgent is thinking...\n"); const response = await agent.invoke({ messages: conversationHistory }); conversationHistory = response.messages; const finalResponse = response.messages[response.messages.length - 1]?.content; console.log(`Agent: ${finalResponse}\n`); rl.prompt(); }); rl.on('close', () => { console.log('\nSession ended.'); process.exit(0); }); } main().catch((err) => { console.error('Fatal error:', err); process.exit(1); }); ``` ## Conclusion You've successfully built a LangChain agent that can interact with Digicert through Composio's Tool Router. Key features of this implementation: - Dynamic tool loading through Composio's Tool Router - Conversation history maintenance for context-aware responses - Async Python provides clean, efficient execution of agent workflows You can extend this further by adding error handling, implementing specific business logic, or integrating additional Composio toolkits to create multi-app workflows. ## How to build Digicert MCP Agent with another framework - [OpenAI Agents SDK](https://composio.dev/toolkits/digicert/framework/open-ai-agents-sdk) - [Claude Agent SDK](https://composio.dev/toolkits/digicert/framework/claude-agents-sdk) - [Claude Code](https://composio.dev/toolkits/digicert/framework/claude-code) - [Claude Cowork](https://composio.dev/toolkits/digicert/framework/claude-cowork) - [Codex](https://composio.dev/toolkits/digicert/framework/codex) - [OpenClaw](https://composio.dev/toolkits/digicert/framework/openclaw) - [Hermes](https://composio.dev/toolkits/digicert/framework/hermes-agent) - [CLI](https://composio.dev/toolkits/digicert/framework/cli) - [Google ADK](https://composio.dev/toolkits/digicert/framework/google-adk) - [Vercel AI SDK](https://composio.dev/toolkits/digicert/framework/ai-sdk) - [Mastra AI](https://composio.dev/toolkits/digicert/framework/mastra-ai) - [LlamaIndex](https://composio.dev/toolkits/digicert/framework/llama-index) - [CrewAI](https://composio.dev/toolkits/digicert/framework/crew-ai) ## Related Toolkits - [Supabase](https://composio.dev/toolkits/supabase) - Supabase is an open-source backend platform offering scalable Postgres databases, authentication, storage, and real-time APIs. It lets developers build modern apps without managing infrastructure. - [Codeinterpreter](https://composio.dev/toolkits/codeinterpreter) - Codeinterpreter is a Python-based coding environment with built-in data analysis and visualization. It lets you instantly run scripts, plot results, and prototype solutions inside supported platforms. - [GitHub](https://composio.dev/toolkits/github) - GitHub is a code hosting platform for version control and collaborative software development. It streamlines project management, code review, and team workflows in one place. - [Ably](https://composio.dev/toolkits/ably) - Ably is a real-time messaging platform for live chat and data sync in modern apps. It offers global scale and rock-solid reliability for seamless, instant experiences. - [Abuselpdb](https://composio.dev/toolkits/abuselpdb) - Abuselpdb is a central database for reporting and checking IPs linked to malicious online activity. Use it to quickly identify and report suspicious or abusive IP addresses. - [Alchemy](https://composio.dev/toolkits/alchemy) - Alchemy is a blockchain development platform offering APIs and tools for Ethereum apps. It simplifies building and scaling Web3 projects with robust infrastructure. - [Algolia](https://composio.dev/toolkits/algolia) - Algolia is a hosted search API that powers lightning-fast, relevant search experiences for web and mobile apps. It helps developers deliver instant, typo-tolerant, and scalable search without complex infrastructure. - [Anchor browser](https://composio.dev/toolkits/anchor_browser) - Anchor browser is a developer platform for AI-powered web automation. It transforms complex browser actions into easy API endpoints for streamlined web interaction. - [Apiflash](https://composio.dev/toolkits/apiflash) - Apiflash is a website screenshot API for programmatically capturing web pages. It delivers high-quality screenshots on demand for automation, monitoring, or reporting. - [Apiverve](https://composio.dev/toolkits/apiverve) - Apiverve delivers a suite of powerful APIs that simplify integration for developers. It's designed for reliability and scalability so you can build faster, smarter applications without the integration headache. - [Appcircle](https://composio.dev/toolkits/appcircle) - Appcircle is an enterprise-grade mobile CI/CD platform for building, testing, and publishing mobile apps. It streamlines mobile DevOps so teams ship faster and with more confidence. - [Appdrag](https://composio.dev/toolkits/appdrag) - Appdrag is a cloud platform for building websites, APIs, and databases with drag-and-drop tools and code editing. It accelerates development and iteration by combining hosting, database management, and low-code features in one place. - [Appveyor](https://composio.dev/toolkits/appveyor) - AppVeyor is a cloud-based continuous integration service for building, testing, and deploying applications. It helps developers automate and streamline their software delivery pipelines. - [Backendless](https://composio.dev/toolkits/backendless) - Backendless is a backend-as-a-service platform for mobile and web apps, offering database, file storage, user authentication, and APIs. It helps developers ship scalable applications faster without managing server infrastructure. - [Baserow](https://composio.dev/toolkits/baserow) - Baserow is an open-source no-code database platform for building collaborative data apps. It makes it easy for teams to organize data and automate workflows without writing code. - [Bench](https://composio.dev/toolkits/bench) - Bench is a benchmarking tool for automated performance measurement and analysis. It helps you quickly evaluate, compare, and track your systems or workflows. - [Better stack](https://composio.dev/toolkits/better_stack) - Better Stack is a monitoring, logging, and incident management solution for apps and services. It helps teams ensure application reliability and performance with real-time insights. - [Bitbucket](https://composio.dev/toolkits/bitbucket) - Bitbucket is a Git-based code hosting and collaboration platform for teams. It enables secure repository management and streamlined code reviews. - [Blazemeter](https://composio.dev/toolkits/blazemeter) - Blazemeter is a continuous testing platform for web and mobile app performance. It empowers teams to automate and analyze large-scale tests with ease. - [Blocknative](https://composio.dev/toolkits/blocknative) - Blocknative delivers real-time mempool monitoring and transaction management for public blockchains. Instantly track pending transactions and optimize blockchain interactions with live data. ## Frequently Asked Questions ### What are the differences in Tool Router MCP and Digicert MCP? With a standalone Digicert MCP server, the agents and LLMs can only access a fixed set of Digicert tools tied to that server. However, with the Composio Tool Router, agents can dynamically load tools from Digicert and many other apps based on the task at hand, all through a single MCP endpoint. ### Can I use Tool Router MCP with LangChain? Yes, you can. LangChain fully supports MCP integration. You get structured tool calling, message history handling, and model orchestration while Tool Router takes care of discovering and serving the right Digicert tools. ### Can I manage the permissions and scopes for Digicert while using Tool Router? Yes, absolutely. You can configure which Digicert scopes and actions are allowed when connecting your account to Composio. You can also bring your own OAuth credentials or API configuration so you keep full control over what the agent can do. ### How safe is my data with Composio Tool Router? All sensitive data such as tokens, keys, and configuration is fully encrypted at rest and in transit. Composio is SOC 2 Type 2 compliant and follows strict security practices so your Digicert data and credentials are handled as safely as possible. --- [See all toolkits](https://composio.dev/toolkits) · [Composio docs](https://docs.composio.dev/llms.txt)