Hacker News new | comments | show | ask | jobs | submit login
Ask HN: Is there an API for editing DNS records – for *any* domain registrar?
9 points by igammarays 3 months ago | hide | past | web | favorite | 6 comments
I know some domain registrars like dnsimple provide an API for their own registrar service, but I am looking for a single API that works with all the popular registrars out there. The reason is that my users are required to edit their DNS records as part of the onboarding process of my email provider service. This is annoying and difficult for users - they need to find and login to their domain registrar, and copy paste DNS records across carefully. I would prefer the workflow to look like this:

1. User provides credentials for their registrar, such as Gandi, Namecheap, or GoDaddy

2. An API takes those credentials and makes the required changes to their DNS records, and notifies me when those changes have propagated

Anyone have a similar problem, or know of a service that does this?

Terraform supports a bunch of DNS providers out of the box.


Some other providers have third party implementations, or are a WIP. (Worst case, you might have to write a provider yourself).



(I’ve never used Terraform for this myself).

GoDaddy has an API: https://developer.godaddy.com/doc/endpoint/domains

There's also DomainConnect, kind of an evolving standard in this area... maybe worth a look? "Domain Connect is an open standard that makes it easy for a user to configure DNS for a domain running at a DNS provider to work with a Service running at an independent Service Provider. The user can do so without understanding any of the complexities of DNS." https://www.domainconnect.org/

I've had a similar problem but in a professional context. We use dual DNS providers (active-active), and in both providers we used advanced dynamic DNS services (not static records - but think things like DNS directing users to the closest healthy data center).

Both providers offered APIs, but, especially due to the higher-level dynamic DNS offerings we were using, were vastly different.

I ended up implementing a custom tool that uses, believe it or not, DNS zone files, all together versioned in git, as the truth for applying and provisioning changes.

I know it doesn't exactly answer your question, but FWIW when we needed it we had to write it from scratch. Ours is an internal tool, but more recently I've also come across something by Spotify that looks similar in spirit ( https://github.com/Shopify/record_store )

There are a couple of tools that let you mirror records to different providers, via provider-specific APIs. But a general purpose implementation would be hard.

I wrote a system which stores DNS records in text-files, and when git pushes occurs updates Amazon Route53 with their contents - At one point I was considering mirroring records to another DNS provider or two, to remove lock-in, but it seemed like my customers didn't mind.


Giving someone else full access to your DNS who in turn gives that access to a (probably undisclosed) fourth party seems like a really, really bad idea.

Do people really do that?

Note that although many people do use their registrar's name servers, registrar != nameserver. DNS can be hosted elsewhere than the registrar.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact