diff --git a/rootfs/api/tests/test_certificate_use_case_1.py b/rootfs/api/tests/test_certificate_use_case_1.py
index b9e235a56..3a2679410 100644
--- a/rootfs/api/tests/test_certificate_use_case_1.py
+++ b/rootfs/api/tests/test_certificate_use_case_1.py
@@ -92,6 +92,14 @@ def test_get_certificate_screens_data(self):
         )
         self.assertEqual(response.status_code, 201, response.data)
 
+        # Attach domain to cert but post no body
+        response = self.client.post(
+            '{}/{}/domain/'.format(self.url, self.name),
+            {}
+        )
+        self.assertEqual(response.status_code, 400, response.data)
+        self.assertEqual(response.data, {'detail': 'domain is a required field'})
+
         # Assert data
         response = self.client.get('{}/{}'.format(self.url, self.name))
         self.assertEqual(response.status_code, 200, response.data)
diff --git a/rootfs/api/views.py b/rootfs/api/views.py
index 64ab371a6..18f9a4576 100644
--- a/rootfs/api/views.py
+++ b/rootfs/api/views.py
@@ -361,8 +361,11 @@ def get_object(self, **kwargs):
 
     def attach(self, request, *args, **kwargs):
         try:
-            # TODO how to validate domain is set in the body?
-            kwargs['domain'] = request.data['domain']
+            if kwargs['domain'] is None and not request.data.get('domain'):
+                raise DeisException("domain is a required field")
+            elif request.data.get('domain'):
+                kwargs['domain'] = request.data['domain']
+
             self.get_object().attach(*args, **kwargs)
         except Http404:
             raise