Search in this section

Skip to end of metadata
Go to start of metadata


Table of Contents

Introduction

The Domainrobot API offers different possibilities of authentication. Depending on the selected API, the following authentication options are available:

JSON and XML:

  • Credentials (user/context/password)
  • SessionID
  • TrustedApp

XML only:

  • Two-Factor Authentication
  • SingleSignOn authentication

JSON API

Authentication via Credentials (username/password/context)

Authentication with the AutoDNS user name and your AutoDNS context. You must define the password yourself.

User ($user) and password ($password) are specified as Basic Auth. The context is specified here via the header X-Domainrobot-Context.

Note the context numbers. Context "1" refers to the demo system, context "4" or the PersonalAutoDNS context number, the live system.

Authentication via Trusted App

For this type of authentication, the data of the Trusted App ($uuid:$password) must be specified as Basic Auth.

Authentication via SessionID

Login

The session to be used for authentication must first be created with the following order.

JSON
POST /login?acl=true&profile=true&customer=true&timeout=60
{
	"user": "$user",
	"context": $context,
	"password": "$password"
}

List of query parameters

ParameterDescriptionValuesRequired
aclSpecifies whether the user's ACLs are to be output in the response.true/falseOPTIONAL
profileSpecifies whether the profile data is to be output in the response.true/falseOPTIONAL
customerSpecifies whether the customer data is to be output in the response.true/falseOPTIONAL
timeoutSpecifies the session runtime in minutes.default 10 minutesOPTIONAL

If the login is successful, the system returns the user data in the response. Depending on the query parameters selected, additional user data is output. The SessionID is returned in the header.

Set-Cookie: domainrobot_session=$sessionID; Path=/;Max-Age=599;secure;httponly

Example Response

JSON
{
    "status": {
        "code": "S1321001",
        "text": "Session token has been created successfully.",
        "type": "SUCCESS"
    },
    "stid": "20180915-app1",
    "object": {
        "type": "user",
        "value": "username, 4"
    },
    "data": [
        {
            "user": "username",
            "context": 4,
            "defaultEmail": "user.name@domain.com",
            "status": 2,
            "substatus": 0,
            "owner": {},
            "language": "en"
        }
    ]
}

SessionID as Cookie/Header

The SessionID returned at login is now available for further orders. It can be used in the orders in the header (X-Domainrobot-SessionId) or as a cookie.

X-Domainrobot-SessionId: $sessionID

Logout

The current working session can be terminated via the GET /logout route.

XML API

Authentication via Credentials (username/password/context)

Note the context numbers. Context "1" refers to the demo system, context "4" or the PersonalAutoDNS context number, the live system.

Authentication with the AutoDNS user name and your AutoDNS context. You must define the password yourself. It is entered in the auth block in the <password> tag.

Password Authentication
<auth>
	<user>USER</user>
	<context>CONTEXT</context>
	<password>PASSWORD</password>
</auth>

Authentication via Trusted Application

A Trusted Application is an application that you have created in AutoDNS as trustworthy.

TrustedbApplication Authentication
<request>
	<authentication>
		<trusted_application>
			<uuid>USER</uuid>
			<password>PASSWORD</password>
			<application>
				<name>TRUSTED_APP_NAME</name>
			</application>
		</trusted_application>
	</authentication>
	<task>
		<!-- .... -->
	</task>
</request>

Authentication with SessionID

Login

You create the AutoDNS SessionID with the task AuthSession Create - 1321001

SessionID as XML tag

The AutoDNS SessionID is a UUID (Universally Unique Identifier) with which you authenticate yourself for the duration of a working session. The auth_session block replaces the auth block.

Session ID Authentication
<request>
	<auth_session>
		<hash>9b4b36ff-2bed-41c8-8471-6ede5d2873dd</hash>
	</auth_session>
	<task>
		<!-- .... -->
	</task>
</request>

Ending the working session

You end the working session with the task AuthSession Delete - 1321003.

Authentication via Two-Factor Authentication (2FA)

With the 2FA, a six-digit numerical code, the so-called token, must be entered in addition to the user name and password.

Create Token

The token is generated using the time-based One-time Password Algorithm (RFC 6238).

Use Token

The token is entered in the auth block in the <token< tag.

2FA Authentication
<auth>
	<user>USER</user>
	<context>CONTEXT</context>
	<password>PASSWORD</password>
	<token>TOKEN</token>
</auth>