Connect, list and inspect your registrar accounts (Spaceship, Dynadot, Webnic, NiceNIC, GName, …).
Secrets never come back. Responses NEVER include password, token, tokenTtl or proxyPassword. The values you POST are stored encrypted server-side and used only when bridge-sdk talks to the registrar on your behalf. To rotate a credential, delete and re-create the provider — there is no "show me my secret" endpoint.
Per-registrar field cheat sheet (call GET /providers/auth-config for the authoritative schema):
| Registrar | Required fields | Notes |
|---|---|---|
| Spaceship | token, password | token = api-key, password = api-secret |
| Dynadot | token | Single API key |
| Webnic | login, password | API username + password |
| NiceNIC | login, token, level | level = reseller tier (1, 2, or 3) — required |
| GName | login, token | login = appid, token = appkey |
| DomainNameAPI | login, token | login = reseller id |
| NicNames | token | Single API key |
One active per type at a time. If you already have an active provider of the same type, the new one is inserted with isActive: false. Flip the existing one off in the panel if you want the new one to take over.
Statuses are cached. GET /providers/statuses returns whatever the worker last wrote — typical lag is a few minutes. Don't poll this endpoint to trigger a live balance check; the worker controls the refresh cadence to stay inside each registrar's rate limit.
Disconnect doesn't delete domains. DELETE /providers/{id} drops the credentials and invalidates the status snapshot. Domains owned through this provider remain in the local DB — Most never deletes them at the registrar — but renew / nameserver / auth-info calls for those domains will fail until you reconnect the same registrar.
List provider accounts
Returns every registrar account connected to your user. Each row carries only the public fields — password, token, tokenTtl and proxyPassword are stripped server-side. Useful for showing a "connected registrars" list in a dashboard or picking a registrarId for a domain order.
List provider accounts › Responses
List of providers
Connect a provider account
Connect a new registrar account. The required body fields depend on the registrar type — call GET /providers/auth-config first to discover the per-type field schema.
Quick reference:
DYNADOT—tokenWEBNIC—login+passwordNICENIC—login+token(+level: 1/2/3 reseller tier)SPACESHIP—token(api-key) +password(api-secret)GNAME—login(appid) +token(appkey)DOMAINNAMEAPI—login+tokenNICNAMES—token
If you already have an active provider of the same type, the new one is inserted in disabled state (isActive: false) — flip the existing one off if you want the new one to take over. The response NEVER echoes back the secrets you sent. A background health-check is queued so the status cache populates without waiting for the next periodic sweep.
Connect a provider account › Request Body
nameHuman-readable label for this provider account (shown in your dashboard).
typeRegistrar type.
authTypeAuth scheme used by this registrar. Mirrors what GET /providers/auth-config returns for the type — pick the value listed there.
loginUsername / app id / reseller id — depending on registrar. See GET /providers/auth-config.
passwordPassword / api-secret — depending on registrar. Stored encrypted; never echoed back.
tokenAPI token / api-key / appkey — depending on registrar. Stored encrypted; never echoed back.
tokenTtlOptional token TTL (seconds). Used by OAuth-style registrars that issue short-lived tokens; null otherwise.
useProxyRoute all API traffic for this provider through a proxy.
proxyTypeRequired when useProxy: true.
proxyProxy address in host:port form.
proxyLoginOptional proxy username.
proxyPasswordOptional proxy password. Never echoed back.
rateLimitMaximum concurrent in-flight requests this provider will accept before bridge-sdk throttles. Defaults to 1 (safest); raise for accounts with looser registrar limits.
allowNegativeBalanceWhether the worker may attempt orders even when the registrar reports a negative or zero balance. Most registrars reject such orders anyway — leave false unless you have a registrar that explicitly supports it.
negativeBalanceLimitFloor (signed) on the registrar balance below which orders are blocked. Only consulted when allowNegativeBalance is true.
levelReseller tier level. Required for NICENIC (1, 2, or 3); ignored for every other provider type.
Connect a provider account › Responses
Provider created
Provider auth field schema
Returns the per-provider-type field schema describing which credential fields each registrar expects on connect. Use this to drive a form-builder UI or to sanity-check a POST /providers payload before sending it.
Provider auth field schema › Responses
Field configs per provider type
Balance + health snapshots
Returns the cached health + balance snapshot for every provider you own. Keys are provider ids; values are either an object { ok, balance, currency, ... } or null if no snapshot has been recorded yet (e.g. the provider was just created and the first health-check hasn't run). Snapshots are refreshed by a worker sweep every few minutes — the response is fast but may lag the registrar's live balance.
Balance + health snapshots › Responses
Status map
Disconnect a provider
Removes the provider account from your dashboard. The on-disk credentials are dropped and the Redis status snapshot is invalidated.
Domains owned through this provider remain in the local DB (Most does not delete domains at the registrar). Until you reconnect the same registrar, renew / nameserver / auth-info calls for those domains will fail.
path Parameters
idProvider id.
Disconnect a provider › Responses
Deleted