
Introduction

The Domainrobot API offers several authentication methods. Depending on the API you use, the following options are available:

JSON and XML:

  • Credentials (user/context/password)
  • SessionID
  • TrustedApp

XML only:

  • Two-Factor Authentication
  • SingleSignOn authentication

JSON API

Authentication via Credentials (username/password/context)

Authenticate with your AutoDNS user name and your AutoDNS context. You must define the password yourself.

User ($user) and password ($password) are specified as Basic Auth. The context is specified here via the header X-Domainrobot-Context.

Note the context numbers. Context "1" refers to the demo system; context "4", or the PersonalAutoDNS context number, refers to the live system.

Authentication via Trusted App

For this type of authentication, the data of the Trusted App ($uuid:$password) must be specified as Basic Auth.

Authentication via SessionID

Login

The session to be used for authentication must first be created with the following order.

JSON
POST /login?acl=true&profile=true&customer=true&timeout=60
{
	"user": "$user",
	"context": $context,
	"password": "$password"
}

List of query parameters

| Parameter | Description | Values | Required |
| --- | --- | --- | --- |
| acl | Specifies whether the user's ACLs are to be output in the response. | true/false | OPTIONAL |
| profile | Specifies whether the profile data is to be output in the response. | true/false | OPTIONAL |
| customer | Specifies whether the customer data is to be output in the response. | true/false | OPTIONAL |
| timeout | Specifies the session runtime in minutes. | default 10 minutes | OPTIONAL |

If the login is successful, the system returns the user data in the response. Depending on the query parameters selected, additional user data is output. The SessionID is returned in the header.

Set-Cookie: domainrobot_session=$sessionID; Path=/;Max-Age=599;secure;httponly

Example Response

JSON
{
    "status": {
        "code": "S1321001",
        "text": "Session token has been created successfully.",
        "type": "SUCCESS"
    },
    "stid": "20180915-app1",
    "object": {
        "type": "user",
        "value": "username, 4"
    },
    "data": [
        {
            "user": "username",
            "context": 4,
            "defaultEmail": "user.name@domain.com",
            "status": 2,
            "substatus": 0,
            "owner": {},
            "language": "en"
        }
    ]
}

SessionID as Cookie/Header

The SessionID returned at login is now available for further orders. It can be used in the orders in the header (X-Domainrobot-SessionId) or as a cookie.

X-Domainrobot-SessionId: $sessionID

Logout

The current working session can be terminated via the GET /logout route.

XML API

Authentication via Credentials (username/password/context)

Note the context numbers. Context "1" refers to the demo system; context "4", or the PersonalAutoDNS context number, refers to the live system.

Authenticate with your AutoDNS user name and your AutoDNS context. You must define the password yourself. It is entered in the auth block in the <password> tag.

Password Authentication
<auth>
	<user>USER</user>
	<context>CONTEXT</context>
	<password>PASSWORD</password>
</auth>

Authentication via Trusted Application

A Trusted Application is an application that you have created in AutoDNS as trustworthy.

Trusted Application Authentication
<request>
	<authentication>
		<trusted_application>
			<uuid>USER</uuid>
			<password>PASSWORD</password>
			<application>
				<name>TRUSTED_APP_NAME</name>
			</application>
		</trusted_application>
	</authentication>
	<task>
		<!-- .... -->
	</task>
</request>

Authentication with SessionID

Login

You create the AutoDNS SessionID with the task AuthSession Create - 1321001.

SessionID as XML tag

The AutoDNS SessionID is a UUID (Universally Unique Identifier) with which you authenticate yourself for the duration of a working session. The auth_session block replaces the auth block.

Session ID Authentication
<request>
	<auth_session>
		<hash>9b4b36ff-2bed-41c8-8471-6ede5d2873dd</hash>
	</auth_session>
	<task>
		<!-- .... -->
	</task>
</request>

Ending the working session

You end the working session with the task AuthSession Delete - 1321003.

Authentication via Two-Factor Authentication (2FA)

With 2FA, a six-digit numerical code, the so-called token, must be entered in addition to the user name and password.

Create Token

The token is generated using the Time-based One-Time Password algorithm (TOTP, RFC 6238).

Use Token

The token is entered in the auth block in the <token> tag.

2FA Authentication
<auth>
	<user>USER</user>
	<context>CONTEXT</context>
	<password>PASSWORD</password>
	<token>TOKEN</token>
</auth>
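
The following added example (not part of the original documentation and not AutoDNS code) generates the six-digit token per RFC 6238 and places it in the auth block with the credential values XML-escaped. The base32 secret encoding, the 30-second time step and HMAC-SHA-1 are the RFC defaults and are assumptions here, as are the function names totp and auth_block; the secret is the RFC 6238 test key, not a real one.

```python
import base64
import hashlib
import hmac
import struct
import time
import xml.etree.ElementTree as ET

# RFC 6238 Appendix B test secret, base32-encoded the way authenticator
# apps usually store it (the encoding is an assumption, not from the page).
RFC_TEST_SECRET = base64.b32encode(b"12345678901234567890").decode()


def totp(secret_b32, now=None, step=30, digits=6):
    """Six-digit TOTP (RFC 6238) with RFC defaults: HMAC-SHA-1, 30 s step."""
    secret = secret_b32.replace(" ", "").upper()
    secret += "=" * (-len(secret) % 8)           # restore stripped padding
    key = base64.b32decode(secret)
    counter = int(time.time() if now is None else now) // step
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                      # dynamic truncation (RFC 4226)
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)  # keep leading zeros


def auth_block(user, context, password, token):
    """Build the <auth> block; ElementTree escapes &, < and > in the values."""
    if not (len(token) == 6 and token.isdigit()):
        raise ValueError("token must be six digits")
    auth = ET.Element("auth")
    for tag, value in (("user", user), ("context", str(context)),
                       ("password", password), ("token", token)):
        ET.SubElement(auth, tag).text = value
    return ET.tostring(auth, encoding="unicode")


if __name__ == "__main__":
    # Constructed sample values; a fixed timestamp makes the output repeatable.
    sample_token = totp(RFC_TEST_SECRET, now=1234567890)
    print(auth_block("USER", 4, "p&ss<word>", sample_token))
```

The token is only valid for the current time step, so the client clock must be synchronized; a token sent as an integer would lose its leading zeros, which is why it is kept as a string.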