Introduction

The Domainrobot API offers different possibilities of authentication. Depending on the selected API, the following authentication options are available:

JSON and XML:

  • Credentials (user/context/password)
  • SessionID
  • TrustedApp

XML only:

  • Two-Factor Authentication
  • SingleSignOn authentication

JSON API

Authentication via credentials (username/password/context)

Authentication uses your AutoDNS user name and your AutoDNS context. You must define the password yourself.

User ($user) and password ($password) are specified as Basic Auth. The context is specified here via the header X-Domainrobot-Context.

Note the context numbers. Context "1" refers to the demo system; context "4", or the PersonalAutoDNS context number, refers to the live system.

Example HTTP headers:

You have to pass the following HTTP headers for the username "user", the password "password" and the context "4":

  • Authorization: Basic dXNlcjpwYXNzd29yZA==
  • X-Domainrobot-Context: 4


More information about Basic Auth can be found at: https://en.wikipedia.org/wiki/Basic_access_authentication

Authentication via Trusted App

For this type of authentication, the data of the Trusted App ($uuid:$password) must be specified as Basic Auth.

Authentication via SessionID

Authentication via a session is only recommended if an "automatic session timeout" is required for the API implementation. We always recommend using Authentication via Credentials (username/password/context).

Login

The session to be used for authentication must first be created with an AuthSessionCreate request.

After a successful login, the system returns the user data in the response. Depending on the query parameters selected, additional user data is output. The SessionID is returned in the header.

Set-Cookie: domainrobot_session=$sessionID; Path=/;Max-Age=599;secure;httponly

SessionID as cookie/header

The SessionID returned at login is now available for further orders. It can be used in the orders in the header (X-Domainrobot-SessionId) or as a cookie.

X-Domainrobot-SessionId: $sessionID

Logout

The current working session can be terminated via the GET /logout route.

XML API

Authentication via credentials (Username/Password/Context)

Note the context numbers. Context "1" refers to the demo system; context "4", or the PersonalAutoDNS context number, refers to the live system.

Authentication uses your AutoDNS user name and your AutoDNS context. You must define the password yourself. It is entered in the auth block in the <password> tag.

XML
<auth>
	<user>USER</user>
	<context>CONTEXT</context>
	<password>PASSWORD</password>
</auth>

Authentication via Trusted Application

A "Trusted Application" is an application that you have created in AutoDNS as trustworthy.

XML
<request>
	<authentication>
		<trusted_application>
			<uuid>USER</uuid>
			<password>PASSWORD</password>
			<application>
				<name>TRUSTED_APP_NAME</name>
			</application>
		</trusted_application>
	</authentication>
	<task>
		<!-- .... -->
	</task>
</request>

Authentication with SessionID

Authentication via a session is only recommended if an "automatic session timeout" is required for the API implementation. We always recommend using Authentication via Credentials (username/password/context).

Starting the working session - login

You create the AutoDNS SessionID with an AuthSessionCreate request.

The AutoDNS SessionID is a UUID (Universally Unique Identifier) with which you authenticate yourself for the duration of a working session. The auth_session block replaces the auth block.

XML
<request>
	<auth_session>
		<hash>9b4b36ff-2bed-41c8-8471-6ede5d2873dd</hash>
	</auth_session>
	<task>
		<!-- .... -->
	</task>
</request>

Ending the working session - logout

You end the working session with an AuthSessionDelete request.

Authentication via two-factor authentication (2FA)

With 2FA, a six-digit numerical code, the so-called token, must be entered in addition to the user name and password.

Create Token

The token is generated using the time-based One-time Password Algorithm (RFC 6238).

Use Token

The token is entered in the auth block in the <token> tag.

XML
<auth>
	<user>USER</user>
	<context>CONTEXT</context>
	<password>PASSWORD</password>
	<token>TOKEN</token>
</auth>
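
The following is an added example, not code from the Domainrobot documentation: it computes a six-digit RFC 6238 token and places it in the auth block shown above. The HMAC-SHA-1 hash and 30-second time step are the RFC 6238 defaults and are assumed here, as are the function names and the raw-bytes form of the shared secret; the key in the demo is the RFC's published test key, not a real credential.

```python
import hashlib
import hmac
import struct
import time
import xml.etree.ElementTree as ET


def totp(secret: bytes, at=None, digits: int = 6, step: int = 30) -> str:
    """Return the RFC 6238 TOTP for `secret` at Unix time `at`.

    Assumes HMAC-SHA-1 and a 30-second step (RFC 6238 defaults).
    """
    if at is None:
        at = time.time()
    # The moving factor is the number of whole time steps since the epoch.
    counter = int(at) // step
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    # Dynamic truncation (RFC 4226): the low nibble of the last byte
    # selects a 4-byte window; the top bit is masked off.
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    # Zero-pad: a token such as "081804" must keep its leading zero.
    return str(code % 10 ** digits).zfill(digits)


def build_auth_block(user: str, context: str, password: str, token: str) -> str:
    """Serialize the <auth> block with the 2FA <token> tag.

    ElementTree escapes characters such as '<' and '&' in the values,
    so a password containing them cannot break the request document.
    """
    auth = ET.Element("auth")
    for tag, value in (
        ("user", user),
        ("context", context),
        ("password", password),
        ("token", token),
    ):
        ET.SubElement(auth, tag).text = str(value)
    return ET.tostring(auth, encoding="unicode")


if __name__ == "__main__":
    # Constructed demo values: RFC 6238 test key, demo-system context "1".
    demo_secret = b"12345678901234567890"
    print(build_auth_block("USER", "1", "PASSWORD", totp(demo_secret)))
```

Because the token is time-based, the client clock must be synchronized; a token computed with a skewed clock falls into a different time step.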