LiveDNS API

https://api.gandi.net/v5/livedns

Gandi LiveDNS Management API

TSIG keys ¶

https://api.gandi.net/v5/livedns/axfr/tsig

get List existing TSIG keys ¶

Note that the list of TSIG keys is relative to the optional sharing_id passed as argument (default to user_id)

Request

Query String

Optional
- sharing_id ⁠string
  Sharing ID. Organization ID used as a filter or as a billing identifier. See the reference.

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

Responses

200

Body

application/json

⁠array

Of items of type:

object
With the following properties:
- href ⁠string
  URL of the key
- id ⁠string
  Identifier of the key
- key_name ⁠string
  Unique "name" for the key, based on its id
- secret ⁠string
  shared secret of the key

Example:

[
  {
    "href": "https://api.test/v5/livedns/axfr/tsig/2e21af2b-3d85-4ad9-b51b-698c242a13e5",
    "id": "2e21af2b-3d85-4ad9-b51b-698c242a13e5",
    "key_name": "2e21af2b-3d85-4ad9-b51b-698c242a13e5.gandi.net",
    "secret": "aiG5ji3Necheisho"
  }
]

403

Access to the resource is denied. Mainly due to a lack of permissions to access it.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

401

Bad authentication attempt because of a wrong API Key.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

403

In case the bearer token has expired, does not have enought permission or does not exists.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

Secured by

Http Authorization Scheme

This authentication scheme allows you to pass your Personal Access Token and be granted access to permissions and resources scoped by this token.

Tokens are created in the Organization Tab of the Gandi Admin application, choose the organization the token will have access too. Then go to the sharing tab, and click on "Create a token" button.

The authentication scheme Apikey allows also you to pass your Gandi API Key, but has been deprecated.

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

post Creates a new TSIG key ¶

Warning the optional sharing_id parameter (as query string) will determine the one of the new key

Request

Query String

Optional
- sharing_id ⁠string
  Sharing ID. Organization ID used as a filter or as a billing identifier. See the reference.

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

Responses

201

Headers

- Location ⁠string

Body

application/json

⁠object

With the following properties:

href ⁠string
URL of the key
id ⁠string
Identifier of the key
key_name ⁠string
Unique "name" for the key, based on its id

Example:

{
  "href": "https://api.test/v5/livedns/axfr/tsig/2e21af2b-3d85-4ad9-b51b-698c242a13e5",
  "id": "2e21af2b-3d85-4ad9-b51b-698c242a13e5",
  "key_name": "2e21af2b-3d85-4ad9-b51b-698c242a13e5.gandi.net"
}

403

Access to the resource is denied. Mainly due to a lack of permissions to access it.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

401

Bad authentication attempt because of a wrong API Key.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

403

In case the bearer token has expired, does not have enought permission or does not exists.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

Secured by

Http Authorization Scheme

This authentication scheme allows you to pass your Personal Access Token and be granted access to permissions and resources scoped by this token.

Tokens are created in the Organization Tab of the Gandi Admin application, choose the organization the token will have access too. Then go to the sharing tab, and click on "Create a token" button.

The authentication scheme Apikey allows also you to pass your Gandi API Key, but has been deprecated.

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

Manage TSIG keys ¶

https://api.gandi.net/v5/livedns/axfr/tsig/{id}

get GET information about a TSIG key ¶

Request

URI Parameters

- id ⁠string

Query String

Optional
- sharing_id ⁠string
  Sharing ID. Organization ID used as a filter or as a billing identifier. See the reference.

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

Responses

200

Body

application/json

⁠object

With the following properties:

config_samples ⁠object
URL samples for each of those software
With the following properties:
- bind ⁠string
- knot ⁠string
- nsd ⁠string
- powerdns ⁠string
href ⁠string
URL of the key
id ⁠string
Identifier of the key
key_name ⁠string
Unique "name" for the key, based on its id
secret ⁠string
shared secret of the key

Example:

{
  "href": "https://api.test/v5/v5/livedns/axfr/tsig/2e21af2b-3d85-4ad9-b51b-698c242a13e5",
  "id": "2e21af2b-3d85-4ad9-b51b-698c242a13e5",
  "key_name": "2e21af2b-3d85-4ad9-b51b-698c242a13e5.gandi.net",
  "secret": "aiG5ji3Necheisho",
  "config_samples": {
    "bind": "https://api.test/v5/v5/livedns/axfr/tsig/id-tsig-001/config/bind",
    "knot": "https://api.test/v5/v5/livedns/axfr/tsig/id-tsig-001/config/knot",
    "nsd": "https://api.test/v5/v5/livedns/axfr/tsig/id-tsig-001/config/nsd",
    "powerdns": "hhttps://api.test/v5/v5/livedns/axfr/tsig/id-tsig-001/config/"
  }
}

403

Access to the resource is denied. Mainly due to a lack of permissions to access it.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

401

Bad authentication attempt because of a wrong API Key.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

403

In case the bearer token has expired, does not have enought permission or does not exists.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

Secured by

Http Authorization Scheme

This authentication scheme allows you to pass your Personal Access Token and be granted access to permissions and resources scoped by this token.

Tokens are created in the Organization Tab of the Gandi Admin application, choose the organization the token will have access too. Then go to the sharing tab, and click on "Create a token" button.

The authentication scheme Apikey allows also you to pass your Gandi API Key, but has been deprecated.

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

Software configuration information ¶

https://api.gandi.net/v5/livedns/axfr/tsig/{id}/config/{software}

get Software configuration information ¶

Request

URI Parameters

- id ⁠string
- software ⁠string
  One of: "bind", "knot", "nsd", "powerdns"

Query String

Optional
- sharing_id ⁠string
  Sharing ID. Organization ID used as a filter or as a billing identifier. See the reference.

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

Responses

200

Body

application/json
⁠string
String representation of the configuration for that key

403

Access to the resource is denied. Mainly due to a lack of permissions to access it.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

401

Bad authentication attempt because of a wrong API Key.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

403

In case the bearer token has expired, does not have enought permission or does not exists.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

Secured by

Http Authorization Scheme

This authentication scheme allows you to pass your Personal Access Token and be granted access to permissions and resources scoped by this token.

Tokens are created in the Organization Tab of the Gandi Admin application, choose the organization the token will have access too. Then go to the sharing tab, and click on "Create a token" button.

The authentication scheme Apikey allows also you to pass your Gandi API Key, but has been deprecated.

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

List accepted record types ¶

https://api.gandi.net/v5/livedns/dns/rrtypes

get List record types ¶

Returns the list of known record types (A, CNAME, …)

Current list (might be outdated):

A
AAAA
ALIAS
CAA
CDS
CNAME
DNAME
DS
KEY
LOC
MX
NAPTR
NS
OPENPGPKEY
PTR
RP
SPF
SRV
SSHFP
TLSA
TXT
WKS

Request

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

Responses

200

Body

application/json
⁠array[ string ]

403

Access to the resource is denied. Mainly due to a lack of permissions to access it.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

401

Bad authentication attempt because of a wrong API Key.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

403

In case the bearer token has expired, does not have enought permission or does not exists.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

Secured by

Http Authorization Scheme

This authentication scheme allows you to pass your Personal Access Token and be granted access to permissions and resources scoped by this token.

Tokens are created in the Organization Tab of the Gandi Admin application, choose the organization the token will have access too. Then go to the sharing tab, and click on "Create a token" button.

The authentication scheme Apikey allows also you to pass your Gandi API Key, but has been deprecated.

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

Domains ¶

https://api.gandi.net/v5/livedns/domains

get List of domains handled by LiveDNS ¶

Warning: The current behavior will only list domains directly under your Organization. You can use the sharing_id query string filter to list domains associated with another Organization

Request

Query String

Optional
- page ⁠integer
  Default: 1
  Minimum: 1
  Which result page to retrieve. If the number is greater than the last page, an empty list is returned.
- per_page ⁠integer
  Minimum: 1
  How many items to display per page.
- sharing_id ⁠string
  Sharing ID. Organization ID used as a filter or as a billing identifier. See the reference.

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

Responses

200

Headers

- Total-Count ⁠integer
  Total number of items.
Optional
- Link ⁠string
  Links to next and last page.

Body

application/json

⁠array

Of items of type:

object
With the following properties:
- domain_href ⁠string
- domain_records_href ⁠string
- fqdn ⁠string

Example:

[
  {
    "fqdn": "example.org",
    "domain_href": "https://api.test/v5/livedns/domains/example.org",
    "domain_records_href": "https://api.test/v5/livedns/domains/example.org/records"
  },
  {
    "fqdn": "example.net",
    "domain_href": "https://api.test/v5/livedns/domains/example.net",
    "domain_records_href": "https://api.test/v5/livedns/domains/example.net/records"
  }
]

403

Access to the resource is denied. Mainly due to a lack of permissions to access it.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

401

Bad authentication attempt because of a wrong API Key.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

403

In case the bearer token has expired, does not have enought permission or does not exists.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

Secured by

Http Authorization Scheme

This authentication scheme allows you to pass your Personal Access Token and be granted access to permissions and resources scoped by this token.

Tokens are created in the Organization Tab of the Gandi Admin application, choose the organization the token will have access too. Then go to the sharing tab, and click on "Create a token" button.

The authentication scheme Apikey allows also you to pass your Gandi API Key, but has been deprecated.

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

post Add a new domain to LiveDNS ¶

This will add a new domain to the LiveDNS database. Please note that you need sufficient permissions to manage this domain at Gandi to perform this action

Request

Query String

Optional
- sharing_id ⁠string
  Sharing ID. Organization ID used as a filter or as a billing identifier. See the reference.

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

Body

application/json
⁠object
With the following properties:
Required
- fqdn ⁠string
  The domain name
Optional
- zone ⁠object
  With the following properties:
  Optional
  - items ⁠array
    Of items of type:
    object
    With the following properties:
    Required
    rrset_name ⁠string
    Name of the record
    rrset_type ⁠string
    One of: "A", "AAAA", "ALIAS", "CAA", "CDS", "CNAME", "DNAME", "DS", "HTTPS", "KEY", "LOC", "MX", "NAPTR", "NS", "OPENPGPKEY", "PTR", "RP", "SOA", "SPF", "SRV", "SSHFP", "SVCB", "TLSA", "TXT", "WKS"
    rrset_values ⁠array[ string ]
    A list of values for this record
    Optional
    rrset_ttl ⁠integer
    Minimum: 300
    Maximum: 2592000
    The time in seconds that DNS resolvers should cache this record
  - ttl ⁠integer
    Minimum: 300
    Maximum: 2592000
    The TTL of the SOA record. Note that this is not a default TTL that will be used for the records in the zone.
Example:
```
{
  "fqdn": "example.org"
}
```
Example:
```
{
  "fqdn": "example.org",
  "zone": {
    "items": [
      {
        "rrset_name": "@",
        "rrset_type": "A",
        "rrset_values": [
          "192.0.2.1"
        ]
      }
    ]
  }
}
```

Responses

201

The resource has been created.

Headers

Optional
- Location ⁠string

Body

application/json
⁠object
With the following properties:
- message ⁠string
  Confirmation message.

403

Access to the resource is denied. Mainly due to a lack of permissions to access it.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

401

Bad authentication attempt because of a wrong API Key.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

403

In case the bearer token has expired, does not have enought permission or does not exists.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

Secured by

Http Authorization Scheme

This authentication scheme allows you to pass your Personal Access Token and be granted access to permissions and resources scoped by this token.

Tokens are created in the Organization Tab of the Gandi Admin application, choose the organization the token will have access too. Then go to the sharing tab, and click on "Create a token" button.

The authentication scheme Apikey allows also you to pass your Gandi API Key, but has been deprecated.

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

Domain information ¶

https://api.gandi.net/v5/livedns/domains/{fqdn}

get Show domain's properties ¶

Request

URI Parameters

- fqdn ⁠string
  Domain name.

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

Responses

200

Body

application/json

⁠object

With the following properties:

automatic_snapshots ⁠boolean
True if new snapshots are automatically created when a modification is made to this domain's records
domain_href ⁠string
domain_keys_href ⁠string
domain_records_href ⁠string
fqdn ⁠string

Example:

{
  "fqdn": "example.com",
  "domain_href": "https://api.test/v5/livedns/domains/example.com",
  "domain_records_href": "https://api.test/v5/livedns/domains/example.com/records",
  "domain_keys_href": "https://api.test/v5/livedns/domains/example.com/keys",
  "automatic_snapshots": true
}

403

Access to the resource is denied. Mainly due to a lack of permissions to access it.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

401

Bad authentication attempt because of a wrong API Key.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

403

In case the bearer token has expired, does not have enought permission or does not exists.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

Secured by

Http Authorization Scheme

This authentication scheme allows you to pass your Personal Access Token and be granted access to permissions and resources scoped by this token.

Tokens are created in the Organization Tab of the Gandi Admin application, choose the organization the token will have access too. Then go to the sharing tab, and click on "Create a token" button.

The authentication scheme Apikey allows also you to pass your Gandi API Key, but has been deprecated.

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

patch Update domain's properties ¶

Only automatic_snapshots can be currently be changed

Request

URI Parameters

- fqdn ⁠string
  Domain name.

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

Body

application/json
⁠object
With the following properties:
Optional
- automatic_snapshots ⁠boolean
  Enable or disable the automatic creation of new snapshots when records are changed. Disabling this will improve performance of modifications for domains with a large number of records
Example:
```
{
  "automatic_snapshots": true
}
```

Responses

200

Body

application/json
⁠object
With the following properties:
- message ⁠string
  Confirmation message.

403

Access to the resource is denied. Mainly due to a lack of permissions to access it.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

401

Bad authentication attempt because of a wrong API Key.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

403

In case the bearer token has expired, does not have enought permission or does not exists.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

Secured by

Http Authorization Scheme

This authentication scheme allows you to pass your Personal Access Token and be granted access to permissions and resources scoped by this token.

Tokens are created in the Organization Tab of the Gandi Admin application, choose the organization the token will have access too. Then go to the sharing tab, and click on "Create a token" button.

The authentication scheme Apikey allows also you to pass your Gandi API Key, but has been deprecated.

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

Zone transfer slaves ¶

https://api.gandi.net/v5/livedns/domains/{fqdn}/axfr/slaves

get List current slave's IP addresses ¶

Request

URI Parameters

- fqdn ⁠string
  Domain name.

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

Responses

200

Body

application/json
⁠array[ string ]
A simple list of IP addresses
Example:
```
[
  "192.0.2.1",
  "2001:0db8:0000:0000:0000:0000:0000:0001"
]
```

403

Access to the resource is denied. Mainly due to a lack of permissions to access it.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

401

Bad authentication attempt because of a wrong API Key.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

403

In case the bearer token has expired, does not have enought permission or does not exists.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

Secured by

Http Authorization Scheme

This authentication scheme allows you to pass your Personal Access Token and be granted access to permissions and resources scoped by this token.

Tokens are created in the Organization Tab of the Gandi Admin application, choose the organization the token will have access too. Then go to the sharing tab, and click on "Create a token" button.

The authentication scheme Apikey allows also you to pass your Gandi API Key, but has been deprecated.

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

Zone slaves' IP ¶

https://api.gandi.net/v5/livedns/domains/{fqdn}/axfr/slaves/{ip}

put Add a new slave IP address to a domain ¶

Request

URI Parameters

- fqdn ⁠string
  Domain name.
- ip ⁠string
  IP address (v4 or v6)

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

Responses

201

The resource has been created.

Headers

Optional
- Location ⁠string

Body

application/json
⁠object
With the following properties:
- message ⁠string
  Confirmation message.

403

Access to the resource is denied. Mainly due to a lack of permissions to access it.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

401

Bad authentication attempt because of a wrong API Key.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

403

In case the bearer token has expired, does not have enought permission or does not exists.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

Secured by

Http Authorization Scheme

This authentication scheme allows you to pass your Personal Access Token and be granted access to permissions and resources scoped by this token.

Tokens are created in the Organization Tab of the Gandi Admin application, choose the organization the token will have access too. Then go to the sharing tab, and click on "Create a token" button.

The authentication scheme Apikey allows also you to pass your Gandi API Key, but has been deprecated.

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

delete Remove a slave IP address from a domain ¶

Request

URI Parameters

- fqdn ⁠string
  Domain name.
- ip ⁠string
  IP address (v4 or v6)

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

Responses

202

IP address was removed

403

Access to the resource is denied. Mainly due to a lack of permissions to access it.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

401

Bad authentication attempt because of a wrong API Key.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

403

In case the bearer token has expired, does not have enought permission or does not exists.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

Secured by

Http Authorization Scheme

This authentication scheme allows you to pass your Personal Access Token and be granted access to permissions and resources scoped by this token.

Tokens are created in the Organization Tab of the Gandi Admin application, choose the organization the token will have access too. Then go to the sharing tab, and click on "Create a token" button.

The authentication scheme Apikey allows also you to pass your Gandi API Key, but has been deprecated.

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

TSIG keys associated with a domain ¶

https://api.gandi.net/v5/livedns/domains/{fqdn}/axfr/tsig

get List TSIG keys associated with a domain ¶

Request

URI Parameters

- fqdn ⁠string
  Domain name.

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

Responses

200

Body

application/json

⁠array

Of items of type:

object
With the following properties:
- href ⁠string
  URL of the key
- id ⁠string
  Identifier of the key
- key_name ⁠string
  Unique "name" for the key, based on its id

Example:

[
  {
    "id": "9c87db4b-5624-4547-a006-8ac5c9343c6a",
    "key_name": "9c87db4b-5624-4547-a006-8ac5c9343c6a.gandi.net",
    "href": "https://api.test/v5/livedns/domains/example.com/axfr/tsig/9c87db4b-5624-4547-a006-8ac5c9343c6a"
  }
]

403

Access to the resource is denied. Mainly due to a lack of permissions to access it.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

401

Bad authentication attempt because of a wrong API Key.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

403

In case the bearer token has expired, does not have enought permission or does not exists.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

Secured by

Http Authorization Scheme

This authentication scheme allows you to pass your Personal Access Token and be granted access to permissions and resources scoped by this token.

Tokens are created in the Organization Tab of the Gandi Admin application, choose the organization the token will have access too. Then go to the sharing tab, and click on "Create a token" button.

The authentication scheme Apikey allows also you to pass your Gandi API Key, but has been deprecated.

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

Manage TSIG key association ¶

https://api.gandi.net/v5/livedns/domains/{fqdn}/axfr/tsig/{id}

put Associate a domain with a TSIG key ¶

Request

URI Parameters

- fqdn ⁠string
  Domain name.
- id ⁠string
  TSIG identifier

Query String

Optional
- sharing_id ⁠string
  Sharing ID. Organization ID used as a filter or as a billing identifier. See the reference.

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

Responses

201

The resource has been created.

Headers

Optional
- Location ⁠string

Body

application/json
⁠object
With the following properties:
- message ⁠string
  Confirmation message.

403

Access to the resource is denied. Mainly due to a lack of permissions to access it.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

401

Bad authentication attempt because of a wrong API Key.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

403

In case the bearer token has expired, does not have enought permission or does not exists.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

Secured by

Http Authorization Scheme

This authentication scheme allows you to pass your Personal Access Token and be granted access to permissions and resources scoped by this token.

Tokens are created in the Organization Tab of the Gandi Admin application, choose the organization the token will have access too. Then go to the sharing tab, and click on "Create a token" button.

The authentication scheme Apikey allows also you to pass your Gandi API Key, but has been deprecated.

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

delete Remove association between a domain and a TSIG key ¶

Request

URI Parameters

- fqdn ⁠string
  Domain name.
- id ⁠string
  TSIG identifier

Query String

Optional
- sharing_id ⁠string
  Sharing ID. Organization ID used as a filter or as a billing identifier. See the reference.

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

Responses

202

TSIG was removed

403

Access to the resource is denied. Mainly due to a lack of permissions to access it.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

401

Bad authentication attempt because of a wrong API Key.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

403

In case the bearer token has expired, does not have enought permission or does not exists.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

Secured by

Http Authorization Scheme

This authentication scheme allows you to pass your Personal Access Token and be granted access to permissions and resources scoped by this token.

Tokens are created in the Organization Tab of the Gandi Admin application, choose the organization the token will have access too. Then go to the sharing tab, and click on "Create a token" button.

The authentication scheme Apikey allows also you to pass your Gandi API Key, but has been deprecated.

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

DNSSEC keys ¶

https://api.gandi.net/v5/livedns/domains/{fqdn}/keys

get List DNSSEC keys of a domain ¶

Request

URI Parameters

- fqdn ⁠string
  Domain name.

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

Responses

200

Body

application/json
⁠array
Of items of type:
- object
  With the following properties:
  - algorithm ⁠integer
    Algorithm number (see IANA for full list)
  - algorithm_name ⁠string
    Algorithm as "human readable" (eg: ECDSAP256SHA256)
  - deleted ⁠boolean
    Is this key deleted? (no longer active)
  - ds ⁠string
    DS record as RFC1035 line (absolute)
  - flags ⁠integer
    One of: 256, 257
    Key flags
  - fqdn ⁠string
    associated domain name
  - id ⁠string
    Identifier of the key
  - key_href ⁠string
    URL of the key
  - status ⁠string
    Current status of the key
Example:
```
[
  {
    "algorithm": 13,
    "algorithm_name": "ECDSAP256SHA256",
    "deleted": false,
    "ds": "example.com. 3600 IN DS 50651 13 2 01cc01ee6b2750339245aba473340f589356b889a360380e80a11a36824dfb0d",
    "flags": 257,
    "fqdn": "example.com",
    "key_href": "https://api.test/v5/livedns//domains/example.com/keys/key-001",
    "status": "active",
    "id": "key-001"
  }
]
```

403

Access to the resource is denied. Mainly due to a lack of permissions to access it.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

401

Bad authentication attempt because of a wrong API Key.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

403

In case the bearer token has expired, does not have enought permission or does not exists.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

Secured by

Http Authorization Scheme

This authentication scheme allows you to pass your Personal Access Token and be granted access to permissions and resources scoped by this token.

Tokens are created in the Organization Tab of the Gandi Admin application, choose the organization the token will have access too. Then go to the sharing tab, and click on "Create a token" button.

The authentication scheme Apikey allows also you to pass your Gandi API Key, but has been deprecated.

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

post Creates a new DNSSEC Key ¶

The key is automatically handled by LiveDNS, you can only provide the flags value

Request

URI Parameters

- fqdn ⁠string
  Domain name.

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

Body

application/json
⁠object
With the following properties:
Required
- flags ⁠integer
  One of: 256, 257
  Key flags (ZSK=256, KSK=257)
Example:
```
{
  "flags": 256
}
```
Example:
```
{
  "flags": 257
}
```

Responses

201

The resource has been created.

Headers

Optional
- Location ⁠string

Body

application/json
⁠object
With the following properties:
- message ⁠string
  Confirmation message.

403

Access to the resource is denied. Mainly due to a lack of permissions to access it.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

401

Bad authentication attempt because of a wrong API Key.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

403

In case the bearer token has expired, does not have enought permission or does not exists.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

Secured by

Http Authorization Scheme

This authentication scheme allows you to pass your Personal Access Token and be granted access to permissions and resources scoped by this token.

Tokens are created in the Organization Tab of the Gandi Admin application, choose the organization the token will have access too. Then go to the sharing tab, and click on "Create a token" button.

The authentication scheme Apikey allows also you to pass your Gandi API Key, but has been deprecated.

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

Manipulate a specific DNSSEC key ¶

https://api.gandi.net/v5/livedns/domains/{fqdn}/keys/{id}

get Get information about a key ¶

Request

URI Parameters

- fqdn ⁠string
  Domain name.
- id ⁠string
  Key identifier

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

Responses

200

Body

application/json

⁠object

With the following properties:

algorithm ⁠integer
Algorithm number (see IANA for full list)
algorithm_name ⁠string
Algorithm as "human readable" (eg: ECDSAP256SHA256)
deleted ⁠boolean
Is this key deleted? (no longer active)
ds ⁠string
DS record as RFC1035 line (absolute)
fingerprint ⁠string
The digest of the key
flags ⁠integer
One of: 256, 257
Key flags
fqdn ⁠string
associated domain name
id ⁠string
Identifier of the key
key_href ⁠string
URL of the key
public_key ⁠string
Public part of the key
status ⁠string
Current status of the key
tag ⁠integer
Extracted tag number of the key

Example:

{
  "algorithm": 13,
  "algorithm_name": "ECDSAP256SHA256",
  "deleted": false,
  "ds": "example.com. 3600 IN DS 50651 13 2 01cc01ee6b2750339245aba473340f589356b889a360380e80a11a36824dfb0d",
  "fingerprint": "ed5317ae0f6726cc694332d2d636e72f7ec616b96475a0cf3dd9801d0d64f619",
  "flags": 257,
  "fqdn": "example.com",
  "id": "key-001",
  "key_href": "https://api.test/v5/livedns//domains/example.com/keys/key-001",
  "public_key": "rtvYYzLKH/O9IlWUyP5/eMNymj1svKZhK9PVcih019T0KyJ99eyfL6VeOVys22+JQ0Xua7b/0B0RNFfEBsIImg==",
  "status": "active",
  "tag": 33695
}

403

Access to the resource is denied. Mainly due to a lack of permissions to access it.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

401

Bad authentication attempt because of a wrong API Key.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

403

In case the bearer token has expired, does not have enought permission or does not exists.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

Secured by

Http Authorization Scheme

This authentication scheme allows you to pass your Personal Access Token and be granted access to permissions and resources scoped by this token.

Tokens are created in the Organization Tab of the Gandi Admin application, choose the organization the token will have access too. Then go to the sharing tab, and click on "Create a token" button.

The authentication scheme Apikey allows also you to pass your Gandi API Key, but has been deprecated.

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

patch Undelete a key ¶

This allows you to restore a previously deleted key

Request

URI Parameters

- fqdn ⁠string
  Domain name.
- id ⁠string
  Key identifier

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

Body

application/json
⁠object
With the following properties:
Required
- deleted ⁠boolean
  One of: false
Example:
```
{
  "deleted": false
}
```

Responses

200

The key was restored

Body

application/json
⁠object
With the following properties:
- message ⁠string
  Confirmation message.

403

Access to the resource is denied. Mainly due to a lack of permissions to access it.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

401

Bad authentication attempt because of a wrong API Key.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

403

In case the bearer token has expired, does not have enought permission or does not exists.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

Secured by

Http Authorization Scheme

This authentication scheme allows you to pass your Personal Access Token and be granted access to permissions and resources scoped by this token.

Tokens are created in the Organization Tab of the Gandi Admin application, choose the organization the token will have access too. Then go to the sharing tab, and click on "Create a token" button.

The authentication scheme Apikey allows also you to pass your Gandi API Key, but has been deprecated.

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

delete Deletes a key ¶

Request

URI Parameters

- fqdn ⁠string
  Domain name.
- id ⁠string
  Key identifier

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

Responses

204

Key was deleted

403

Access to the resource is denied. Mainly due to a lack of permissions to access it.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

401

Bad authentication attempt because of a wrong API Key.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

403

In case the bearer token has expired, does not have enought permission or does not exists.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

Secured by

Http Authorization Scheme

This authentication scheme allows you to pass your Personal Access Token and be granted access to permissions and resources scoped by this token.

Tokens are created in the Organization Tab of the Gandi Admin application, choose the organization the token will have access too. Then go to the sharing tab, and click on "Create a token" button.

The authentication scheme Apikey allows also you to pass your Gandi API Key, but has been deprecated.

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

Domain's nameserver information ¶

https://api.gandi.net/v5/livedns/domains/{fqdn}/nameservers

get Retrieve this domain's nameservers ¶

This route returns the list of nameservers that this domain is using according to LiveDNS' systems.

Either there are no NS records on @ and the 3 hashed nameservers are returned (ns-{123}-{abc}.gandi.net)
Or some NS records exist on @ and it will return those

Request

URI Parameters

- fqdn ⁠string
  Domain name.

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

Responses

200

Body

application/json

⁠array[ string ]

List of nameservers

Example:

[
  "ns-154-a.gandi.net",
  "ns-232-b.gandi.net",
  "ns-109-c.gandi.net"
]

Example:

[
  "ns1.example.net",
  "ns2.example.net"
]

403

Access to the resource is denied. Mainly due to a lack of permissions to access it.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

401

Bad authentication attempt because of a wrong API Key.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

403

In case the bearer token has expired, does not have enought permission or does not exists.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

Secured by

Http Authorization Scheme

This authentication scheme allows you to pass your Personal Access Token and be granted access to permissions and resources scoped by this token.

Tokens are created in the Organization Tab of the Gandi Admin application, choose the organization the token will have access too. Then go to the sharing tab, and click on "Create a token" button.

The authentication scheme Apikey allows also you to pass your Gandi API Key, but has been deprecated.

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

Domain's records ¶

https://api.gandi.net/v5/livedns/domains/{fqdn}/records

get List records associated with a domain ¶

Request

URI Parameters

- fqdn ⁠string
  Domain name.

Query String

Optional
- page ⁠integer
  Default: 1
  Minimum: 1
  Which result page to retrieve. If the number is greater than the last page, an empty list is returned.
- per_page ⁠integer
  Minimum: 1
  How many items to display per page.
- rrset_type ⁠string
  One of: "A", "AAAA", "ALIAS", "CAA", "CDS", "CNAME", "DNAME", "DS", "HTTPS", "KEY", "LOC", "MX", "NAPTR", "NS", "OPENPGPKEY", "PTR", "RP", "SOA", "SPF", "SRV", "SSHFP", "SVCB", "TLSA", "TXT", "WKS"
  Filter records by type
- sort_by ⁠string
  Default: "rrset_name"

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key
Optional
- Accept ⁠string
  When passed text/plain value, this route will return The contents of the zone as it would appear in a standard master zone file (see RFC1035)

Responses

200

Headers

- Total-Count ⁠integer
  Total number of items.
Optional
- Link ⁠string
  Links to next and last page.

Body

application/json
⁠array
Of items of type:
- object
  With the following properties:
  - rrset_href ⁠string
    URL for the record
  - rrset_name ⁠string
    Name of the record
  - rrset_type ⁠string
    One of: "A", "AAAA", "ALIAS", "CAA", "CDS", "CNAME", "DNAME", "DS", "HTTPS", "KEY", "LOC", "MX", "NAPTR", "NS", "OPENPGPKEY", "PTR", "RP", "SOA", "SPF", "SRV", "SSHFP", "SVCB", "TLSA", "TXT", "WKS"
  - rrset_values ⁠array[ string ]
    A list of values for this record
  Optional
  - rrset_ttl ⁠integer
    Minimum: 300
    Maximum: 2592000
    The time in seconds that DNS resolvers should cache this record
Example:
```
[
  {
    "rrset_name": "@",
    "rrset_ttl": 10800,
    "rrset_type": "A",
    "rrset_values": [
      "192.0.2.1"
    ],
    "rrset_href": "https://api.test/v5/livedns/domains/example.com/records/%40/A"
  },
  {
    "rrset_name": "www",
    "rrset_ttl": 10800,
    "rrset_type": "CNAME",
    "rrset_values": [
      "www.example.net."
    ],
    "rrset_href": "https://api.test/v5/livedns/domains/example.com/records/www/CNAME"
  }
]
```

text/plain
⁠string
The contents of the zone as it would appear in a standard master zone file (see RFC1035)

403

Access to the resource is denied. Mainly due to a lack of permissions to access it.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

401

Bad authentication attempt because of a wrong API Key.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

403

In case the bearer token has expired, does not have enought permission or does not exists.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

Secured by

Http Authorization Scheme

This authentication scheme allows you to pass your Personal Access Token and be granted access to permissions and resources scoped by this token.

Tokens are created in the Organization Tab of the Gandi Admin application, choose the organization the token will have access too. Then go to the sharing tab, and click on "Create a token" button.

The authentication scheme Apikey allows also you to pass your Gandi API Key, but has been deprecated.

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

post Creates a new record ¶

Creates a new record. Will raise a 409 conflict if the record already exists, and return a 200 OK if the record already exists with the same values

Request

URI Parameters

- fqdn ⁠string
  Domain name.

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

Body

application/json
⁠object
With the following properties:
Required
- rrset_name ⁠string
  Name of the record
- rrset_type ⁠string
  One of: "A", "AAAA", "ALIAS", "CAA", "CDS", "CNAME", "DNAME", "DS", "HTTPS", "KEY", "LOC", "MX", "NAPTR", "NS", "OPENPGPKEY", "PTR", "RP", "SOA", "SPF", "SRV", "SSHFP", "SVCB", "TLSA", "TXT", "WKS"
- rrset_values ⁠array[ string ]
  A list of values for this record
Optional
- rrset_ttl ⁠integer
  Minimum: 300
  Maximum: 2592000
  The time in seconds that DNS resolvers should cache this record
Example:
```
{
  "rrset_name": "www",
  "rrset_type": "A",
  "rrset_values": [
    "192.0.2.1"
  ]
}
```
Example:
```
{
  "rrset_name": "www",
  "rrset_type": "AAAA",
  "rrset_values": [
    "2001:db8::1",
    "2001:db8::2"
  ]
}
```
Example:
```
{
  "rrset_name": "@",
  "rrset_type": "TXT",
  "rrset_values": [
    "\"v=spf1 include:_mailcust.gandi.net ?all\""
  ]
}
```

Responses

200

Same record already exists. Nothing was changed

Headers

- Location ⁠string
  URL of record

Body

application/json
⁠object
With the following properties:
- message ⁠string
  Confirmation message.

201

Record was created

Headers

- Location ⁠string
  URL of record

Body

application/json
⁠object
With the following properties:
- message ⁠string
  Confirmation message.

403

Access to the resource is denied. Mainly due to a lack of permissions to access it.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

409

A record with that name / type pair already exists

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

401

Bad authentication attempt because of a wrong API Key.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

403

In case the bearer token has expired, does not have enought permission or does not exists.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

Secured by

Http Authorization Scheme

This authentication scheme allows you to pass your Personal Access Token and be granted access to permissions and resources scoped by this token.

Tokens are created in the Organization Tab of the Gandi Admin application, choose the organization the token will have access too. Then go to the sharing tab, and click on "Create a token" button.

The authentication scheme Apikey allows also you to pass your Gandi API Key, but has been deprecated.

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

put Replace the whole zone with new records ¶

Request

URI Parameters

- fqdn ⁠string
  Domain name.

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

Body

application/json
⁠object
With the following properties:
Required
- items ⁠array
  Of items of type:
  - object
    With the following properties:
    Required
    rrset_name ⁠string
    Name of the record
    rrset_type ⁠string
    One of: "A", "AAAA", "ALIAS", "CAA", "CDS", "CNAME", "DNAME", "DS", "HTTPS", "KEY", "LOC", "MX", "NAPTR", "NS", "OPENPGPKEY", "PTR", "RP", "SOA", "SPF", "SRV", "SSHFP", "SVCB", "TLSA", "TXT", "WKS"
    rrset_values ⁠array[ string ]
    A list of values for this record
    Optional
    rrset_ttl ⁠integer
    Minimum: 300
    Maximum: 2592000
    The time in seconds that DNS resolvers should cache this record
Optional
- remove_apex_ns ⁠boolean
  Default: false
  The default behavior is to keep the NS records on @ if they already exist and no NS where provided in the body. Setting remove_apex_ns to true will remove the NS records in all cases. (Note that having no NS record is a valid configuration, the default ones will be used by the current nameservers)
Example:
```
{
  "items": [
    {
      "rrset_name": "www",
      "rrset_type": "A",
      "rrset_values": [
        "192.0.2.1"
      ]
    },
    {
      "rrset_name": "www",
      "rrset_type": "AAAA",
      "rrset_values": [
        "2001:db8::1",
        "2001:db8::2"
      ]
    },
    {
      "rrset_name": "@",
      "rrset_type": "TXT",
      "rrset_values": [
        "\"v=spf1 include:_mailcust.gandi.net ?all\""
      ]
    }
  ]
}
```

text/plain
⁠string
The contents of the zone as it would appear in a standard master zone file (see RFC1035)

Responses

201

The resource has been created.

Headers

Optional
- Location ⁠string

Body

application/json
⁠object
With the following properties:
- message ⁠string
  Confirmation message.

403

Access to the resource is denied. Mainly due to a lack of permissions to access it.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

401

Bad authentication attempt because of a wrong API Key.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

403

In case the bearer token has expired, does not have enought permission or does not exists.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

Secured by

Http Authorization Scheme

This authentication scheme allows you to pass your Personal Access Token and be granted access to permissions and resources scoped by this token.

Tokens are created in the Organization Tab of the Gandi Admin application, choose the organization the token will have access too. Then go to the sharing tab, and click on "Create a token" button.

The authentication scheme Apikey allows also you to pass your Gandi API Key, but has been deprecated.

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

delete Delete all records ¶

Request

URI Parameters

- fqdn ⁠string
  Domain name.

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

Responses

204

Records were deleted

403

Access to the resource is denied. Mainly due to a lack of permissions to access it.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

401

Bad authentication attempt because of a wrong API Key.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

403

In case the bearer token has expired, does not have enought permission or does not exists.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

Secured by

Http Authorization Scheme

This authentication scheme allows you to pass your Personal Access Token and be granted access to permissions and resources scoped by this token.

Tokens are created in the Organization Tab of the Gandi Admin application, choose the organization the token will have access too. Then go to the sharing tab, and click on "Create a token" button.

The authentication scheme Apikey allows also you to pass your Gandi API Key, but has been deprecated.

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

Domain's records, by name ¶

https://api.gandi.net/v5/livedns/domains/{fqdn}/records/{rrset_name}

get Zone records list {rrset_name} linked to a domain ¶

Request

URI Parameters

- fqdn ⁠string
  Domain name.
- rrset_name ⁠string
  Name of the record.

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

Responses

200

Body

application/json
⁠array
Of items of type:
- object
  With the following properties:
  - rrset_href ⁠string
    URL for the record
  - rrset_name ⁠string
    Name of the record
  - rrset_type ⁠string
    One of: "A", "AAAA", "ALIAS", "CAA", "CDS", "CNAME", "DNAME", "DS", "HTTPS", "KEY", "LOC", "MX", "NAPTR", "NS", "OPENPGPKEY", "PTR", "RP", "SOA", "SPF", "SRV", "SSHFP", "SVCB", "TLSA", "TXT", "WKS"
  - rrset_values ⁠array[ string ]
    A list of values for this record
  Optional
  - rrset_ttl ⁠integer
    Minimum: 300
    Maximum: 2592000
    The time in seconds that DNS resolvers should cache this record
Example:
```
[
  {
    "rrset_name": "www",
    "rrset_type": "A",
    "rrset_values": [
      "192.0.2.1"
    ],
    "rrset_ttl": 320,
    "rrset_href": "https://api.test/v5/livedns/domains/example.com/records/www/A"
  },
  {
    "rrset_name": "www",
    "rrset_type": "TXT",
    "rrset_values": [
      "some-text-value"
    ],
    "rrset_ttl": 320,
    "rrset_href": "https://api.test/v5/livedns/domains/example.com/records/www/TXT"
  }
]
```

403

Access to the resource is denied. Mainly due to a lack of permissions to access it.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

401

Bad authentication attempt because of a wrong API Key.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

403

In case the bearer token has expired, does not have enought permission or does not exists.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

Secured by

Http Authorization Scheme

This authentication scheme allows you to pass your Personal Access Token and be granted access to permissions and resources scoped by this token.

Tokens are created in the Organization Tab of the Gandi Admin application, choose the organization the token will have access too. Then go to the sharing tab, and click on "Create a token" button.

The authentication scheme Apikey allows also you to pass your Gandi API Key, but has been deprecated.

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

post Create a new record whose name is defined by the path ¶

Creates a new record. Will raise a 409 conflict if the record already exists, and return a 200 OK if the record already exists with the same values

Request

URI Parameters

- fqdn ⁠string
  Domain name.
- rrset_name ⁠string
  Name of the record.

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

Body

application/json
⁠object
With the following properties:
Required
- rrset_type ⁠string
  One of: "A", "AAAA", "ALIAS", "CAA", "CDS", "CNAME", "DNAME", "DS", "HTTPS", "KEY", "LOC", "MX", "NAPTR", "NS", "OPENPGPKEY", "PTR", "RP", "SOA", "SPF", "SRV", "SSHFP", "SVCB", "TLSA", "TXT", "WKS"
- rrset_values ⁠array[ string ]
  A list of values for this record
Optional
- rrset_ttl ⁠integer
  Minimum: 300
  Maximum: 2592000
  The time in seconds that DNS resolvers should cache this record
Example:
```
{
  "rrset_type": "A",
  "rrset_values": [
    "192.0.2.1"
  ]
}
```
Example:
```
{
  "rrset_type": "AAAA",
  "rrset_values": [
    "2001:db8::1",
    "2001:db8::2"
  ]
}
```
Example:
```
{
  "rrset_type": "TXT",
  "rrset_values": [
    "some-text-value"
  ]
}
```

Responses

200

Same record already exists. Nothing was changed

Headers

- Location ⁠string
  URL of record

Body

application/json
⁠object
With the following properties:
- message ⁠string
  Confirmation message.

201

Record was created

Headers

- Location ⁠string
  URL of record

Body

application/json
⁠object
With the following properties:
- message ⁠string
  Confirmation message.

403

Access to the resource is denied. Mainly due to a lack of permissions to access it.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

409

A record with that name / type pair already exists

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

401

Bad authentication attempt because of a wrong API Key.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

403

In case the bearer token has expired, does not have enought permission or does not exists.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

Secured by

Http Authorization Scheme

This authentication scheme allows you to pass your Personal Access Token and be granted access to permissions and resources scoped by this token.

Tokens are created in the Organization Tab of the Gandi Admin application, choose the organization the token will have access too. Then go to the sharing tab, and click on "Create a token" button.

The authentication scheme Apikey allows also you to pass your Gandi API Key, but has been deprecated.

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

put Replace all records named {rrset_name} ¶

Replaces all records for a given name with the provided list.

Request

URI Parameters

- fqdn ⁠string
  Domain name.
- rrset_name ⁠string
  Name of the record.

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

Body

application/json
⁠object
With the following properties:
Required
- items ⁠array
  Of items of type:
  - object
    With the following properties:
    Required
    rrset_type ⁠string
    One of: "A", "AAAA", "ALIAS", "CAA", "CDS", "CNAME", "DNAME", "DS", "HTTPS", "KEY", "LOC", "MX", "NAPTR", "NS", "OPENPGPKEY", "PTR", "RP", "SOA", "SPF", "SRV", "SSHFP", "SVCB", "TLSA", "TXT", "WKS"
    rrset_values ⁠array[ string ]
    A list of values for this record
    Optional
    rrset_ttl ⁠integer
    Minimum: 300
    Maximum: 2592000
    The time in seconds that DNS resolvers should cache this record
Example:
```
{
  "items": [
    {
      "rrset_type": "A",
      "rrset_values": [
        "192.0.2.1"
      ]
    },
    {
      "rrset_type": "AAAA",
      "rrset_values": [
        "2001:db8::1",
        "2001:db8::2"
      ]
    },
    {
      "rrset_type": "TXT",
      "rrset_values": [
        "some-text-value"
      ]
    }
  ]
}
```

Responses

201

The resource has been created.

Headers

Optional
- Location ⁠string

Body

application/json
⁠object
With the following properties:
- message ⁠string
  Confirmation message.

403

Access to the resource is denied. Mainly due to a lack of permissions to access it.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

401

Bad authentication attempt because of a wrong API Key.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

403

In case the bearer token has expired, does not have enought permission or does not exists.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

Secured by

Http Authorization Scheme

This authentication scheme allows you to pass your Personal Access Token and be granted access to permissions and resources scoped by this token.

Tokens are created in the Organization Tab of the Gandi Admin application, choose the organization the token will have access too. Then go to the sharing tab, and click on "Create a token" button.

The authentication scheme Apikey allows also you to pass your Gandi API Key, but has been deprecated.

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

delete Delete all records named {rrset_name} ¶

Request

URI Parameters

- fqdn ⁠string
  Domain name.
- rrset_name ⁠string
  Name of the record.

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

Responses

204

Records were deleted

403

Access to the resource is denied. Mainly due to a lack of permissions to access it.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

401

Bad authentication attempt because of a wrong API Key.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

403

In case the bearer token has expired, does not have enought permission or does not exists.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

Secured by

Http Authorization Scheme

This authentication scheme allows you to pass your Personal Access Token and be granted access to permissions and resources scoped by this token.

Tokens are created in the Organization Tab of the Gandi Admin application, choose the organization the token will have access too. Then go to the sharing tab, and click on "Create a token" button.

The authentication scheme Apikey allows also you to pass your Gandi API Key, but has been deprecated.

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

Single domain's record, by name and type ¶

https://api.gandi.net/v5/livedns/domains/{fqdn}/records/{rrset_name}/{rrset_type}

get Get a single single record with its name and type ¶

Will return a 404 if the name/type pair does not exist

Request

URI Parameters

- fqdn ⁠string
  Domain name.
- rrset_name ⁠string
  Name of the record.
- rrset_type ⁠string
  One of: "A", "AAAA", "ALIAS", "CAA", "CDS", "CNAME", "DNAME", "DS", "HTTPS", "KEY", "LOC", "MX", "NAPTR", "NS", "OPENPGPKEY", "PTR", "RP", "SOA", "SPF", "SRV", "SSHFP", "SVCB", "TLSA", "TXT", "WKS"
  Type of the record

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

Responses

200

Body

application/json
⁠object
With the following properties:
- rrset_href ⁠string
  URL for the record
- rrset_name ⁠string
  Name of the record
- rrset_type ⁠string
  One of: "A", "AAAA", "ALIAS", "CAA", "CDS", "CNAME", "DNAME", "DS", "HTTPS", "KEY", "LOC", "MX", "NAPTR", "NS", "OPENPGPKEY", "PTR", "RP", "SOA", "SPF", "SRV", "SSHFP", "SVCB", "TLSA", "TXT", "WKS"
- rrset_values ⁠array[ string ]
  A list of values for this record
Optional
- rrset_ttl ⁠integer
  Minimum: 300
  Maximum: 2592000
  The time in seconds that DNS resolvers should cache this record
Example:
```
{
  "rrset_name": "www",
  "rrset_type": "CNAME",
  "rrset_values": [
    "www.example.net"
  ],
  "rrset_ttl": 10800,
  "rrset_href": "https://api.test/v5/livedns/domains/example.com/records/www/CNAME"
}
```

403

Access to the resource is denied. Mainly due to a lack of permissions to access it.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

401

Bad authentication attempt because of a wrong API Key.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

403

In case the bearer token has expired, does not have enought permission or does not exists.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

Secured by

Http Authorization Scheme

This authentication scheme allows you to pass your Personal Access Token and be granted access to permissions and resources scoped by this token.

Tokens are created in the Organization Tab of the Gandi Admin application, choose the organization the token will have access too. Then go to the sharing tab, and click on "Create a token" button.

The authentication scheme Apikey allows also you to pass your Gandi API Key, but has been deprecated.

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

patch Update a record (RRset) in the zone records linked to a domain ¶

Add or remove some values of a Resource Record set (RRset).

Request

URI Parameters

- fqdn ⁠string
  Domain name.
- rrset_name ⁠string
  Name of the record.
- rrset_type ⁠string
  One of: "A", "AAAA", "ALIAS", "CAA", "CDS", "CNAME", "DNAME", "DS", "HTTPS", "KEY", "LOC", "MX", "NAPTR", "NS", "OPENPGPKEY", "PTR", "RP", "SOA", "SPF", "SRV", "SSHFP", "SVCB", "TLSA", "TXT", "WKS"
  Type of the record

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

Body

application/json
⁠object
With the following properties:
Optional
- add_rrset_values ⁠array
  Default: []
  Resource record set values to add in a DNS zone.
  Of items of type:
  - string
    Maximum length: 16384
    Pattern: ^[\x20-\x7E]+$
- remove_rrset_values ⁠array
  Default: []
  Resource record set values to remove from a DNS zone.
  Of items of type:
  - string
    Maximum length: 16384
    Pattern: ^[\x20-\x7E]+$
- rrset_ttl ⁠integer
  Minimum: 300
  Maximum: 2592000
  The time in seconds that DNS resolvers should cache this record.
Example:
```
{
  "add_rrset_values": [
    "www.example.org."
  ],
  "rrset_ttl": 11000
}
```

Responses

200

Body

application/json
⁠object
With the following properties:
- rrset_href ⁠string
  URL for the record
- rrset_name ⁠string
  Name of the record
- rrset_type ⁠string
  One of: "A", "AAAA", "ALIAS", "CAA", "CDS", "CNAME", "DNAME", "DS", "HTTPS", "KEY", "LOC", "MX", "NAPTR", "NS", "OPENPGPKEY", "PTR", "RP", "SOA", "SPF", "SRV", "SSHFP", "SVCB", "TLSA", "TXT", "WKS"
- rrset_values ⁠array[ string ]
  A list of values for this record
Optional
- rrset_ttl ⁠integer
  Minimum: 300
  Maximum: 2592000
  The time in seconds that DNS resolvers should cache this record
Example:
```
{
  "rrset_name": "www",
  "rrset_type": "CNAME",
  "rrset_values": [
    "www.example.org."
  ],
  "rrset_ttl": 11000,
  "rrset_href": "https://api.test/v5/livedns/domains/example.com/records/www/CNAME"
}
```

204

The request was successful, but the resource record set no longer exists at the end of the operation.

403

Access to the resource is denied. Mainly due to a lack of permissions to access it.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

401

Bad authentication attempt because of a wrong API Key.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

403

In case the bearer token has expired, does not have enought permission or does not exists.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

Secured by

Http Authorization Scheme

This authentication scheme allows you to pass your Personal Access Token and be granted access to permissions and resources scoped by this token.

Tokens are created in the Organization Tab of the Gandi Admin application, choose the organization the token will have access too. Then go to the sharing tab, and click on "Create a token" button.

The authentication scheme Apikey allows also you to pass your Gandi API Key, but has been deprecated.

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

post Create a new record whose name and type are defined by the path ¶

Creates a new record. Will raise a 409 conflict if the record already exists, and return a 200 OK if the record already exists with the same values

Request

URI Parameters

- fqdn ⁠string
  Domain name.
- rrset_name ⁠string
  Name of the record.
- rrset_type ⁠string
  One of: "A", "AAAA", "ALIAS", "CAA", "CDS", "CNAME", "DNAME", "DS", "HTTPS", "KEY", "LOC", "MX", "NAPTR", "NS", "OPENPGPKEY", "PTR", "RP", "SOA", "SPF", "SRV", "SSHFP", "SVCB", "TLSA", "TXT", "WKS"
  Type of the record

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

Body

application/json
⁠object
With the following properties:
Required
- rrset_values ⁠array[ string ]
  A list of values for this record
Optional
- rrset_ttl ⁠integer
  Minimum: 300
  Maximum: 2592000
  The time in seconds that DNS resolvers should cache this record
Example:
```
{
  "rrset_values": [
    "www.example.org"
  ],
  "rrset_ttl": 320
}
```

Responses

200

Same record already exists. Nothing was changed

Headers

- Location ⁠string
  URL of record

Body

application/json
⁠object
With the following properties:
- message ⁠string
  Confirmation message.

201

Record was created

Headers

- Location ⁠string
  URL of record

Body

application/json
⁠object
With the following properties:
- message ⁠string
  Confirmation message.

403

Access to the resource is denied. Mainly due to a lack of permissions to access it.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

409

A record with that name / type pair already exists

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

401

Bad authentication attempt because of a wrong API Key.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

403

In case the bearer token has expired, does not have enought permission or does not exists.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

Secured by

Http Authorization Scheme

This authentication scheme allows you to pass your Personal Access Token and be granted access to permissions and resources scoped by this token.

Tokens are created in the Organization Tab of the Gandi Admin application, choose the organization the token will have access too. Then go to the sharing tab, and click on "Create a token" button.

The authentication scheme Apikey allows also you to pass your Gandi API Key, but has been deprecated.

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

put Overwrites a single record with {rrset_name} and {rrset_type} ¶

Request

URI Parameters

- fqdn ⁠string
  Domain name.
- rrset_name ⁠string
  Name of the record.
- rrset_type ⁠string
  One of: "A", "AAAA", "ALIAS", "CAA", "CDS", "CNAME", "DNAME", "DS", "HTTPS", "KEY", "LOC", "MX", "NAPTR", "NS", "OPENPGPKEY", "PTR", "RP", "SOA", "SPF", "SRV", "SSHFP", "SVCB", "TLSA", "TXT", "WKS"
  Type of the record

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

Body

application/json
⁠object
With the following properties:
Required
- rrset_values ⁠array[ string ]
  A list of values for this record
Optional
- rrset_ttl ⁠integer
  Minimum: 300
  Maximum: 2592000
  The time in seconds that DNS resolvers should cache this record
Example:
```
{
  "rrset_values": [
    "www.example.org"
  ],
  "rrset_ttl": 320
}
```

Responses

201

The resource has been created.

Headers

Optional
- Location ⁠string

Body

application/json
⁠object
With the following properties:
- message ⁠string
  Confirmation message.

403

Access to the resource is denied. Mainly due to a lack of permissions to access it.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

401

Bad authentication attempt because of a wrong API Key.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

403

In case the bearer token has expired, does not have enought permission or does not exists.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

Secured by

Http Authorization Scheme

This authentication scheme allows you to pass your Personal Access Token and be granted access to permissions and resources scoped by this token.

Tokens are created in the Organization Tab of the Gandi Admin application, choose the organization the token will have access too. Then go to the sharing tab, and click on "Create a token" button.

The authentication scheme Apikey allows also you to pass your Gandi API Key, but has been deprecated.

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

delete Delete record with {rrset_name} and {rrset_type} ¶

Request

URI Parameters

- fqdn ⁠string
  Domain name.
- rrset_name ⁠string
  Name of the record.
- rrset_type ⁠string
  One of: "A", "AAAA", "ALIAS", "CAA", "CDS", "CNAME", "DNAME", "DS", "HTTPS", "KEY", "LOC", "MX", "NAPTR", "NS", "OPENPGPKEY", "PTR", "RP", "SOA", "SPF", "SRV", "SSHFP", "SVCB", "TLSA", "TXT", "WKS"
  Type of the record

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

Responses

204

Record was deleted

403

Access to the resource is denied. Mainly due to a lack of permissions to access it.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

401

Bad authentication attempt because of a wrong API Key.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

403

In case the bearer token has expired, does not have enought permission or does not exists.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

Secured by

Http Authorization Scheme

This authentication scheme allows you to pass your Personal Access Token and be granted access to permissions and resources scoped by this token.

Tokens are created in the Organization Tab of the Gandi Admin application, choose the organization the token will have access too. Then go to the sharing tab, and click on "Create a token" button.

The authentication scheme Apikey allows also you to pass your Gandi API Key, but has been deprecated.

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

Snapshots of a domain ¶

https://api.gandi.net/v5/livedns/domains/{fqdn}/snapshots

get List available snapshots ¶

Request

URI Parameters

- fqdn ⁠string
  Domain name.

Query String

Optional
- automatic ⁠boolean
  Only list automatic/non-automatic snapshots
- page ⁠integer
  Default: 1
  Minimum: 1
  Which result page to retrieve. If the number is greater than the last page, an empty list is returned.
- per_page ⁠integer
  Minimum: 1
  How many items to display per page.
- sort_by ⁠string
  One of: "date_created", "-date_created"
  Default: "date_created"
  Allow sorting result by creation date or reverse creation date

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

Responses

200

Headers

- Total-Count ⁠integer
  Total number of items.
Optional
- Link ⁠string
  Links to next and last page.

Body

application/json
⁠array
Of items of type:
- object
  With the following properties:
  - automatic ⁠boolean
    true if the snapshot was automatically created after a zone change
  - created_at ⁠string
    Creation date of the snapshot (UTC)
  - href ⁠string
    URL of the snapshot
  - id ⁠string
    Identifier of the snapshot
  - name ⁠string
    Name of the snapshot
Example:
```
[
  {
    "id": "f975042c-e219-11ea-b22b-00163e867a15",
    "name": "My new snapshot",
    "created_at": "2019-08-30T12:44:41Z",
    "automatic": false,
    "href": "http://api.test/v5/livedns/domains/example.com/snapshots/f975042c-e219-11ea-b22b-00163e867a15"
  }
]
```

403

Access to the resource is denied. Mainly due to a lack of permissions to access it.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

401

Bad authentication attempt because of a wrong API Key.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

403

In case the bearer token has expired, does not have enought permission or does not exists.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

Secured by

Http Authorization Scheme

This authentication scheme allows you to pass your Personal Access Token and be granted access to permissions and resources scoped by this token.

Tokens are created in the Organization Tab of the Gandi Admin application, choose the organization the token will have access too. Then go to the sharing tab, and click on "Create a token" button.

The authentication scheme Apikey allows also you to pass your Gandi API Key, but has been deprecated.

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

post Creates a new snapshot ¶

Creates a new snapshot with the current zone content

Request

URI Parameters

- fqdn ⁠string
  Domain name.

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

Body

application/json
⁠object
With the following properties:
Optional
- name ⁠string
  Optional name for the snapshot. When not specified, the name will be today's date with an incremental number added to it
Example:
```
{
  "name": "My new snapshot"
}
```

Responses

201

The resource has been created.

Headers

Optional
- Location ⁠string

Body

application/json
⁠object
With the following properties:
- id ⁠string
  Identifier of the snapshot
- message ⁠string
  Confirmation message.

403

Access to the resource is denied. Mainly due to a lack of permissions to access it.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

401

Bad authentication attempt because of a wrong API Key.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

403

In case the bearer token has expired, does not have enought permission or does not exists.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

Secured by

Http Authorization Scheme

This authentication scheme allows you to pass your Personal Access Token and be granted access to permissions and resources scoped by this token.

Tokens are created in the Organization Tab of the Gandi Admin application, choose the organization the token will have access too. Then go to the sharing tab, and click on "Create a token" button.

The authentication scheme Apikey allows also you to pass your Gandi API Key, but has been deprecated.

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

Snapshots operations ¶

https://api.gandi.net/v5/livedns/domains/{fqdn}/snapshots/{id}

get Snapshot details ¶

Request

URI Parameters

- fqdn ⁠string
  Domain name.
- id ⁠string
  Snapshot identifier

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key
Optional
- Accept ⁠string
  When passed text/plain value, this route will return The contents of the snapshot as it would appear in a standard master zone file (see RFC1035)

Responses

200

Body

application/json

⁠object

With the following properties:

automatic ⁠boolean
true if the snapshot was automatically created after a zone change
created_at ⁠string
Creation date of the snapshot (UTC)
href ⁠string
URL of the snapshot
id ⁠string
Identifier of the snapshot
name ⁠string
Name of the snapshot
zone_data ⁠array
Of items of type:
- object
  With the following properties:
  - rrset_name ⁠string
    Name of the record
  - rrset_type ⁠string
    One of: "A", "AAAA", "ALIAS", "CAA", "CDS", "CNAME", "DNAME", "DS", "HTTPS", "KEY", "LOC", "MX", "NAPTR", "NS", "OPENPGPKEY", "PTR", "RP", "SOA", "SPF", "SRV", "SSHFP", "SVCB", "TLSA", "TXT", "WKS"
  - rrset_values ⁠array[ string ]
    A list of values for this record
  Optional
  - rrset_ttl ⁠integer
    Minimum: 300
    Maximum: 2592000
    The time in seconds that DNS resolvers should cache this record

Example:

{
  "name": "My new snapshot",
  "id": "f975042c-e219-11ea-b22b-00163e867a15",
  "created_at": "2022-12-15T15:20:03Z",
  "href": "http://api.test/v5/livedns/domains/example.com/snapshots/f975042c-e219-11ea-b22b-00163e867a15",
  "automatic": true,
  "zone_data": [
    {
      "rrset_name": "@",
      "rrset_type": "A",
      "rrset_ttl": 10800,
      "rrset_values": [
        "192.0.2.1"
      ]
    },
    {
      "rrset_name": "@",
      "rrset_type": "MX",
      "rrset_ttl": 10800,
      "rrset_values": [
        "10 spool.mail.gandi.net.",
        "50 fb.mail.gandi.net."
      ]
    },
    {
      "rrset_name": "@",
      "rrset_type": "TXT",
      "rrset_ttl": 10800,
      "rrset_values": [
        "\"v=spf1 include:_mailcust.gandi.net ?all\""
      ]
    },
    {
      "rrset_name": "www",
      "rrset_type": "CNAME",
      "rrset_ttl": 10800,
      "rrset_values": [
        "webredir.vip.gandi.net."
      ]
    }
  ]
}

text/plain
⁠string
The contents of the zone as it would appear in a standard master zone file (see RFC1035)

403

Access to the resource is denied. Mainly due to a lack of permissions to access it.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

401

Bad authentication attempt because of a wrong API Key.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

403

In case the bearer token has expired, does not have enought permission or does not exists.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

Secured by

Http Authorization Scheme

This authentication scheme allows you to pass your Personal Access Token and be granted access to permissions and resources scoped by this token.

Tokens are created in the Organization Tab of the Gandi Admin application, choose the organization the token will have access too. Then go to the sharing tab, and click on "Create a token" button.

The authentication scheme Apikey allows also you to pass your Gandi API Key, but has been deprecated.

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

patch Update a snapshot ¶

Only the name can be changed at the moment

Request

URI Parameters

- fqdn ⁠string
  Domain name.
- id ⁠string
  Snapshot identifier

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

Body

application/json
⁠object
With the following properties:
Required
- name ⁠string
  New snapshot name
Example:
```
{
  "name": "Snapshot by SRE on 2022-02-06"
}
```

Responses

202

The request has been accepted.

Headers

Optional
- Location ⁠string

Body

application/json
⁠object
With the following properties:
- message ⁠string
  Confirmation message.

403

Access to the resource is denied. Mainly due to a lack of permissions to access it.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

401

Bad authentication attempt because of a wrong API Key.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

403

In case the bearer token has expired, does not have enought permission or does not exists.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

Secured by

Http Authorization Scheme

This authentication scheme allows you to pass your Personal Access Token and be granted access to permissions and resources scoped by this token.

Tokens are created in the Organization Tab of the Gandi Admin application, choose the organization the token will have access too. Then go to the sharing tab, and click on "Create a token" button.

The authentication scheme Apikey allows also you to pass your Gandi API Key, but has been deprecated.

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

delete Delete a snapshot ¶

Request

URI Parameters

- fqdn ⁠string
  Domain name.
- id ⁠string
  Snapshot identifier

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

Responses

204

Snapshot was deleted

403

Access to the resource is denied. Mainly due to a lack of permissions to access it.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

401

Bad authentication attempt because of a wrong API Key.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

403

In case the bearer token has expired, does not have enought permission or does not exists.

Body

application/json
⁠object
With the following properties:
- cause ⁠string
- code ⁠integer
- message ⁠string
- object ⁠string

Secured by

Http Authorization Scheme

This authentication scheme allows you to pass your Personal Access Token and be granted access to permissions and resources scoped by this token.

Tokens are created in the Organization Tab of the Gandi Admin application, choose the organization the token will have access too. Then go to the sharing tab, and click on "Create a token" button.

The authentication scheme Apikey allows also you to pass your Gandi API Key, but has been deprecated.

Headers

Required
- Authorization ⁠string
  The Authorization header must start with Bearer for access token, or Apikey depending of the authentication scheme. Apikey is deprecated and be replaced by personal access token.
  Example: Bearer pat_abc-123
  Example: Apikey your-api-key

Generic nameservers ¶

https://api.gandi.net/v5/livedns/nameservers/{fqdn}

get Retrieve the generic (hashed) nameservers ¶

This route returns the list of nameservers that this domain is using according to LiveDNS' systems when no NS resource record exists in the zone for that domain

This is a generic route for hashing any domain and thus is not authenticated.

To retrieve the nameservers that takes into account any NS resource records in the domain's zone, use the authenticated version instead.

LiveDNS API

TSIG keys ¶

get List existing TSIG keys ¶

Request

Query String

Optional

Headers

Required

Responses

200

Body

application/json

403

Body

application/json

401

Body

application/json

403

Body

application/json

Secured by

Http Authorization Scheme

Headers

Required

Examples

post Creates a new TSIG key ¶

Request

Query String

Optional

Headers

Required

Responses

201

Headers

Body

application/json

403

Body

application/json

401

Body

application/json

403

Body

application/json

Secured by

Http Authorization Scheme

Headers

Required

Examples

Manage TSIG keys ¶

get GET information about a TSIG key ¶

Request

URI Parameters

Query String

Optional

Headers

Required

Responses

200

Body

application/json

403

Body

application/json

401

Body

application/json

403

Body

application/json

Secured by

Http Authorization Scheme

Headers

Required

Examples

Software configuration information ¶

get Software configuration information ¶

Request