Overview

This page provides an overview of the official DNSimple API v1.


Expected Changes

There are some planned changes (last update 2013-08-10) we’ll implement someday in the future. Please review them and make sure to write your code accordingly.

URL

All API access is over HTTPS, and accessed from the api.dnsimple.com domain. Sandbox accounts must use the api.sandbox.dnsimple.com domain.

In order to maintain compatibility in the future, all requests must specify an API version, which is appended to the URL.

https://api.dnsimple.com/v1/

Current Version

The current API version is v2.

API v1 is currently in maintenance-only mode. It will be discontinued on October 1st, 2017.

Requests

All requests should include the Accept header set to application/json. All data is sent and received as JSON.

Passing form-encoded post data using the application/x-www-form-urlencoded content type is deprecated.

Authentication

There are three ways to authenticate through DNSimple API. Two of them are global to all the API methods, one provides access to limited resources.

There are two authentication methods available: the HTTP Basic Authentication and the API token.

The API token is the recommended authentication mechanism.

HTTP Basic Authentication
curl  -u '<email>:<password>' \
      -H 'Accept: application/json' \
      https://api.dnsimple.com/v1/user
DNSimple API Token (passed as header)
curl  -H 'X-DNSimple-Token: <email>:<token>' \
      -H 'Accept: application/json' \
      https://api.dnsimple.com/v1/user
DNSimple Domain Token (passed as header)
curl  -H 'X-DNSimple-Domain-Token: <token>' \
      -H 'Accept: application/json' \
      https://api.dnsimple.com/v1/domains/:domain

The Authentication page provides more information about how to use them.

Cross Origin Resource Sharing

If you are using the DNSimple API in JavaScript from within a web browser then your browser will need to support for Cross Origin Resource Sharing (CORS).

Our CORS response headers are currently as follows:

Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Authorization,Accepts,Content-Type,X-DNSimple-Domain-Token,X-CSRF-Token,X-Requested-With
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS

As you can see we allow any origin to access the DNSimple API, so you should be able to embed a JavaScript library directly in your web application if you would like.