Skip to search Skip to main content

Introduction

This is the NS1 API (v1) documentation which provides you with the necessary tools for managing zone, records, data sources and feeds, account settings, and any other aspects of your NS1 account. The NS1 API is a standard REST API with JSON responses. The HTTP method you use — GET, PUT, POST, or DELETE — determines the type of action to be taken by the API. Generally, in the case of PUT and POST requests, you will send a JSON body in the request with details about the resource you're creating or updating.

Most API requests are authenticated with a simple API Key, which you must specify in the X-NSONE-Key request header. You can manage your API Keys in the Managed DNS portal (my.nsone.net) or within your Private DNS/DDI portal. You should treat your API Keys as secrets. You should also give them only the minimal access needed for your application.

If you have any questions or experience any issues while using the API, please submit a support ticket or send an email to [email protected].

Client Libraries

Account Management

General

GET /v1/account/settings

GET View account contact details

Returns details about the primary contact associated with the account.

Copy CodeReturns account admin contact details

curl -X GET -H "X-NSONE-Key: $API_KEY" https://api.nsone.net/v1/account/settings

Request URL:

https://api.nsone.net/v1/account/settings

Example Response:

{
  "email": "[email protected]",
  "address": {
    "country": "US",
    "street": "Some Address Suite 2100",
    "state": "NY",
    "city": "New York",
    "postalcode": "10005"
  },
  "phone": "",
  "customerid": 5309,
  "company": "NSONE API Example Account",
  "lastname": "Example",
  "firstname": "API"
}
Expand Code Examples

POST /v1/account/settings

POST Edit account contact details

Modifies the primary contact details associated with the account.

Request body parameters:

firstnamestringFirst name of the account admin
lasttnamestringLast name of the account admin
companystringName of the company associated with the account
addressobjectSet of address details associated with the account
streetstringStreet address associated with the account contact
citystringCity associated with the account contact address
statestringState associated with the account contact address
postalcodestring or integerPostal code associated with the account contact address
countrystringCountry associated with the account contact address
emailstringPrimary email address associated with the account
secondary_emailstringSecondary (backup) email address associated with the account
phonestringPhone number associated with the account
titlestringTitle of the primary contact associated with the account
websitestringCompany website associated with the account

Copy CodeEdits account admin contact details

curl -X POST -H "X-NSONE-Key: $API_KEY" https://api.nsone.net/v1/account/settings

Request URL:

https://api.nsone.net/v1/account/settings

Example Request:

{
  "lastname": "Smith",
  "firstname": "John"
}

Example Response:

{
  "email": "[email protected]",
  "address": {
    "country": "US",
    "street": "Some Address Suite 2100",
    "state": "NY",
    "city": "New York",
    "postalcode": "10005"
  },
  "phone": "",
  "customerid": 5309,
  "company": "NSONE API Example Account",
  "lastname": "Smith",
  "firstname": "John"
}
Expand Code Examples

GET /v1/account/usagewarnings

GET View overage alert settings

Returns toggles and thresholds used when sending overage warning alert messages to users with billing notifications enabled.

Copy CodeReturns overage alert settings

curl -X GET -H "X-NSONE-Key: $API_KEY" https://api.nsone.net/v1/account/usagewarnings

Request URL:

https://api.nsone.net/v1/account/usagewarnings

Example Response:

{
  "queries": {
    "send_warnings": true,
    "warning_2": 90,
    "warning_1": 80
  },
  "records": {
    "send_warnings": false,
    "warning_2": 80,
    "warning_1": 50
  }
}
Expand Code Examples

POST /v1/account/usagewarnings

POST Edit overage alert settings

Changes alerting toggles and thresholds for overage warning alert messages. First thresholds (warning_1) must be smaller than second ones (warning_2) and all thresholds must be percentages between 0 and 100.

Request body parameters:

recordsobjectObject containing the overage alert settings for records
zonesobjectObject containing the overage alert settings for zones
warning_1integerThreshold (overage percentage) upon which to send the first overage alert
warning_2integerThreshold (overage percentage) upon which to send the second overage alert
send_warningsbooleanIndicates whether or not overage alerts are enabled

Copy CodeEdits overage alert settings

curl -X POST -H "X-NSONE-Key: $API_KEY" https://api.nsone.net/v1/account/usagewarnings

Request URL:

https://api.nsone.net/v1/account/usagewarnings

Example Request:

{
  "queries": {
    "warning_2": 90
  }
}

Example Response:

{
  "queries": {
    "send_warnings": true,
    "warning_2": 90,
    "warning_1": 60
  },
  "records": {
    "send_warnings": false,
    "warning_2": 80,
    "warning_1": 50
  }
}
Expand Code Examples

User

GET /v1/account/users

GETView all account users

Returns a list of all users with access to the account. Notification settings (notify) and access restrictions (permissions) are included. If any specific access right is omitted from permissionsthen it defaults to true (allowed). In the example below, "New User" is only allowed to manage the example.com zone and can do nothing else in the account; "API Example" has full permissions.

Users may belong to "Teams" in which case they inherit the permissions of the Teams. If a user belongs to multiple Teams, then they inherit the union of permissions of the Teams they belong to. For example, if a user belongs to two Teams, and one Team has the dns.manage_zones permission and the other does not, then the user will have that permission.

If a user does not belong to any Teams, then their permissions may be modified directly and are just for them. If a user does belong to one or more Teams, then the permissions returned with the user are the computed permissions from all the Teams to which they belong and may not be modified directly (instead, modify the relevant Team permissions).

Example Response:

[
  {
    "permissions": {
      "dns": {
        "view_zones": true,
        "manage_zones": true,
        "zones_allow_by_default": false,
        "zones_deny": [],
        "zones_allow": [
          "example.com"
        ],
        "records_allow": [],
        "records_deny": [
          {
            "zone": "example.com",
            "domain": "deny.example.com",
            "include_subdomains": false,
            "type": "A"
          }
        ]
      },
      "data": {
        "push_to_datafeeds": false,
        "manage_datasources": false,
        "manage_datafeeds": false
      },
      "account": {
        "manage_payment_methods": false,
        "manage_plan": false,
        "manage_teams": false,
        "manage_apikeys": false,
        "manage_account_settings": false,
        "view_activity_log": false,
        "view_invoices": false,
        "manage_users": false,
        "manage_ip_whitelist": false
      },
      "monitoring": {
        "manage_lists": false,
        "manage_jobs": false,
        "view_jobs": false
      },
      "security": {
        "manage_global_2fa": false
      }
    },
    "teams": [],
    "email": "[email protected]",
    "last_access": 1376325771,
    "notify": {
      "billing": true
    },
    "name": "API Example",
    "username": "apiexample",
    "ip_whitelist_strict": false,
    "ip_whitelist": []
  },
  {
    "permissions": {
      "dns": {
        "view_zones": true,
        "manage_zones": true,
        "zones_allow_by_default": false,
        "zones_deny": [],
        "zones_allow": [
          "example.com"
        ],
        "records_allow": [],
        "records_deny": [
          {
            "zone": "example.com",
            "domain": "deny.example.com",
            "include_subdomains": false,
            "type": "A"
          }
        ]
      },
      "data": {
        "push_to_datafeeds": false,
        "manage_datasources": false,
        "manage_datafeeds": false
      },
      "account": {
        "manage_payment_methods": false,
        "manage_plan": false,
        "manage_teams": false,
        "manage_apikeys": false,
        "manage_account_settings": false,
        "view_activity_log": false,
        "view_invoices": false,
        "manage_users": false,
        "manage_ip_whitelist": false
      },
      "monitoring": {
        "manage_lists": false,
        "manage_jobs": false,
        "view_jobs": false
      },
      "security": {
        "manage_global_2fa": false
      }
    },
    "email": "[email protected]",
    "last_access": null,
    "notify": {
      "billing": true
    },
    "name": "New User",
    "username": "newuser",
    "ip_whitelist_strict": false,
    "ip_whitelist": [],
    "shared_auth": {
      "saml": {
        "sso": false,
        "idp": {
          "use_metadata_url": null,
          "metadata_url": null,
          "metadata_file": null,
          "provider": null
        }
      }
    },
    "2fa_enabled": false
  }
]
Expand Code Examples

GET /v1/account/users/:username

GETView user details

Returns details for the user specified in the URL path by their username.

Path Parameters:

usernamestring(Required) Username of the account user for whom you are requesting details.


Copy CodeReturns user details

curl -X GET -H "X-NSONE-Key: $API_KEY" https://api.nsone.net/v1/account/users/:username

Example Response:

{
  "permissions": {
    "dns": {
      "view_zones": true,
      "manage_zones": true,
      "zones_allow_by_default": false,
      "zones_deny": [],
      "zones_allow": [
        "example.com"
      ],
      "records_allow": [],
      "records_deny": [
        {
          "zone": "example.com",
          "domain": "deny.example.com",
          "include_subdomains": false,
          "type": "AAAA"
        }
      ]
    },
    "data": {
      "push_to_datafeeds": false,
      "manage_datasources": false,
      "manage_datafeeds": false
    },
    "account": {
      "manage_payment_methods": false,
      "manage_plan": false,
      "manage_teams": false,
      "manage_apikeys": false,
      "manage_account_settings": false,
      "view_activity_log": false,
      "view_invoices": false,
      "manage_users": false,
      "manage_ip_whitelist": false
    },
    "monitoring": {
      "manage_lists": false,
      "manage_jobs": false,
      "view_jobs": false
    },
    "security": {
      "manage_global_2fa": false
    }
  },
  "teams": [
    "520422919f782d37dffb588a"
  ],
  "email": "[email protected]",
  "last_access": null,
  "notify": {
    "billing": true
  },
  "name": "New User",
  "username": "newuser",
  "ip_whitelist_strict": false,
  "ip_whitelist": []
}
Expand Code Examples

PUT /v1/account/users

PUTCreate a new user

Creates a new user within the current NS1 account.

If adding a user to your Managed DNS account, executing this command will automatically send an invitation email to the user's email address. Users can click to set a password and log into https://my.nsone.net. The user cannot log into their Managed DNS account until they accept the invitation and set a password.

If adding a user to your Enterprise DDI account, an invite token is included in the response (next to invite_token). Provide this invite token to the user and instruct them to go to the invite URL (ex. http://{portal.mycompany.net}/#/invite/{invite_token} replacing portal.mycompany.net with your specific DDI portal FQDN). The user will set the password on this webpage.

Important note about API key security: NS1 recommends restricting access to your API key and reducing permissions only to include what the application requires. Keep your API key secret. If it is compromised, delete the API key immediately. Restrict access to this key by applying IP addresses or CIDR blocks in the ip_whitelist property (ex. ip_whitelist: ['104.20.48.182', '104.20.49.0/24']).

Request Body Parameters:

usernamestring(Required) Username for the new account user. Must be between 3-64 characters.
emailstring(Required) Email address associated with the new user. This is where the invite email and other notifications, if applicable, are sent.
namestringFull name of the new user.
teamsarray of stringsArray of team IDs corresponding to teams with which to associate this user. If assigned to a team, the user inherits the permissions set for that team.
ip_whitelist_strictbooleanSet to true to restrict access to only those IP addresses and networks listed in the ip_whitelist field.
ip_whitelistarray of stringsArray of IP addresses/networks to which to grant the user access. Optionally, set the ip_whitelist_strict field to true to restrict access to only those IP addresses/networks listed in this field.
notifyobjectSet of supported notifications to enable or disable for this user.
billingboolean(part of notify object) Enables or disables notifications related to account billing events.
permissionsobjectAll supported permissions
accountobject(part of permissions object) Group of account-related permissions.
manage_account_settingsboolean(part of account object) Allows (or prevents, if false) the user to manage account settings.
manage_teamsboolean(part of account object) Allows (or prevents, if false) the user to create or update teams.
manage_usersboolean(part of account object) Allows (or prevents, if false) the user to create or update users.
manage_apikeysboolean(part of account object) Allows (or prevents, if false) the user to create or update API keys.
manage_ip_whitelistboolean(part of account object) Allows (or prevents, if false) the user to create or update IP "allow" lists.
view_activity_logboolean(part of account object) Allows (or prevents, if false) the user to view the account activity log.
manage_payment_methodsboolean(part of account object) Allows (or prevents, if false) the user to manage account payment methods.
view_invoicesboolean(part of account object) Allows (or prevents, if false) the user to view account invoices.
manage_auth_tagsboolean(part of account object) Allows (or prevents, if false) the user to create and edit authorization of ('auth:') tags. Auth tags determine access controls to view or manage resources. Auth tags control access, so the user must also have the 'manage_auth_keys' permission set to true.
manage_serviceboolean(part of account object) Allows (or prevents, if false) the user to create and modify services. (DDI only)
view_serviceboolean(part of account object) Allows (or prevents, if false) the user to view services. (DDI only)
dataobject(part of permissions object) Group of data-related permissions.
manage_datasourcesboolean(part of data object) Allows (or prevents, if false) the user to create and modify data sources.
manage_datafeedsboolean(part of data object) Allows (or prevents, if false) the user to create and modify data feeds.
push_to_datafeedsboolean(part of data object) Allows (or prevents, if false) the user to push data to NS1 data feeds.
dhcpobject(part of permissions object) Group of DHCP-related permissions.
manage_dhcpboolean(part of dhcp object) Allows (or prevents, if false) the user to manage DHCP configuration settings.
view_dhcpboolean(part of dhcp object) Allows (or prevents, if false) the user to view DHCP configuration settings.
tags_allowarray of objects(part of dhcp object) List of DHCP tag permission specifiers used to grant access for the user to specific objects containing the same tag. Each tag includes a name (required) and a value (optional). If just a name is provided, the user will have access to those objects with the matching name. If both a name and value are provided, both must match in order to grant access.
tags_denyarray of objects(part of dhcp object) List of DHCP tag permission specifiers used to deny access for the user to specific objects containing the same tag. Each tag includes a name (required) and a value (optional). If just a name is provided, the user will be denied access to those objects with the matching name. If both a name and value are provided, both must match in order to deny access.
dnsobject(part of permissions object) Group of DNS-related permissions.
manage_zonesboolean(part of dns object) Allows (or prevents, if false) the user to create or modify zones.
view_zonesboolean(part of dns object) Allows (or prevents, if false) the user to view zones.
zones_allow_by_defaultboolean(part of dns object) Set to true to allow access to all zones except for those listed under zones_deny. Set to false to deny access to all zones by default except for those listed under zones_allow.
zones_allowarray of strings(part of dns object) List of specific zones to which the API key is allowed access. If zones_allow_by_default property is set to false, the zones listed next to the zones_allow property are the only zones accessible to the user.
zones_denyarray of strings(part of dns object) List of specific zones to which the user is denied access. If zones_allow_by_default property is set to true, the zones listed next to the zones_deny property are the only zones not accessible to the user.
records_allowarray of objects(part of dns object) Array of specific record to which the user is allowed access.
records_denyarray of objects(part of dns object) Array of specific record to which the user is denied access.
zonestring(Required; part of records_allow and/or records_deny objects) Name of the zone to which the record belongs.
domainstring(Required; part of records_allow and/or records_deny objects) Domain name associated with the record.
include_subdomainsboolean(Required; part of records_allow and/or records_deny objects) If a domain is specified, set to "true" to apply the same permissions to all subdomains.
typestring(Required; part of records_allow and/or records_deny objects) Type of record to which you are allowing or denying access.
ipamobject(part of permissions object) Group of IPAM-related permissions.
manage_ipamboolean(part of ipam object) Allows (or prevents, if false) the user to manage IPAM settings.
view_ipamboolean(part of ipam object) Allows (or prevents, if false) the user to view IPAM settings.
tags_allowarray of objects(part of ipam object) List of IPAM tag permission specifiers used to grant access for the user to specific objects containing the same tag. Each tag includes a name (required) and a value (optional). If just a name is provided, the user will have access to those objects with the matching name. If both a name and value are provided, both must match in order to grant access.
tags_denyarray of objects(part of dhcp object) List of IPAM tag permission specifiers used to deny access for the user to specific objects containing the same tag. Each tag includes a name (required) and a value (optional). If just a name is provided, the user will be denied access to those objects with the matching name. If both a name and value are provided, both must match in order to deny access.
monitoringobject(part of permissions object) Group of monitoring-related permissions.
manage_listsboolean(part of monitoring object) Allows (or prevents, if false) the user to create or modify notification lists.
manage_jobsboolean(part of monitoring object) Allows (or prevents, if false) the user to create or modify monitoring jobs.
view_jobsboolean(part of monitoring object) Allows (or prevents, if false) the user to view monitoring jobs.
securityobject(part of permissions object) Group of security-related permissions.
manage_global_2faboolean(part of security object) Allows (or prevents, if false) the user to manage global two-factor authentication (2FA) settings.
manage_active_directoryboolean(part of security object) Allows (or prevents, if false) the user to manage Active Directory settings. (DDI only)
manage_kerberosboolean(part of security object) Allows (or prevents, if false) the user to manage Kerberos settings. (DDI only)
manage_ddnsboolean(part of security object) Allows (or prevents, if false) the user to manage dynamic DNS (DDNS) settings. (DDI only)
serviceobject(part of permissions object) Group of DDI service-related permissions. (DDI only)
view_configboolean(part of service object) Allows (or prevents, if false) the user to view DDI service (container/node) configurations. (DDI only)
manage_configboolean(part of service object) Allows (or prevents, if false) the user to modify DDI service (container/node) configurations. (DDI only)



Example Request:

{
  "username": "newuser",
  "email": "[email protected]",
  "name": "New User",
  "teams": [],
  "permissions": {
    "data": {
      "push_to_datafeeds": false,
      "manage_datafeeds": false,
      "manage_datasources": false
    },
    "account": {
      "view_invoices": false,
      "view_activity_log": false,
      "manage_teams": false,
      "manage_apikeys": false,
      "manage_users": false,
      "manage_payment_methods": false,
      "manage_plan": false,
      "manage_account_settings": false,
      "manage_ip_whitelist": false
    },
    "dns": {
      "zones_allow": [
        "example.com"
      ],
      "zones_deny": [],
      "zones_allow_by_default": false,
      "manage_zones": false,
      "view_zones": true,
      "records_allow": [
        {
          "zone": "example.com",
          "domain": "example.com",
          "include_subdomains": false
        },
        {
          "zone": "example.com"
        }
      ],
      "records_deny": [
        {
          "zone": "example.com",
          "domain": "deny.example.com",
          "type": "MX"
        },
        {
          "zone": "foo.bar",
          "domain": "deny.example.com",
          "include_subdomains": true,
          "type": "A"
        },
        {
          "zone": "wha.what",
          "type": "AAAA"
        },
        {
          "zone": "example.com",
          "type": "DNSSEC"
        },
        {
          "zone": "another.example",
          "domain": "noway.example.com"
        }
      ]
    },
    "monitoring": {
      "manage_lists": false,
      "manage_jobs": false,
      "view_jobs": false
    },
    "security": {
      "manage_global_2fa": false
    }
  }
}

Example Response:

{
  "2fa_enabled": true,
  "created": 0,
  "invite_token": "string",
  "last_access": null,
  "username": "some_username69",
  "shared_auth": {
    "saml": {
      "sso": true,
      "idp": {
        "use_metadata_url": null,
        "metadata_url": null,
        "metadata_file": null,
        "provider": null
      }
    }
  },
  "email": "string",
  "ip_whitelist": [
    "strings"
  ],
  "ip_whitelist_strict": true,
  "name": "string",
  "notify": {
    "billing": true
  },
  "permissions": {
    "account": {
      "manage_account_settings": true,
      "manage_teams": true,
      "manage_users": true,
      "manage_apikeys": true,
      "manage_ip_whitelist": true,
      "view_activity_log": true,
      "manage_payment_methods": true,
      "manage_plan": true,
      "view_invoices": true,
      "manage_auth_tags": true,
      "manage_service": true,
      "view_service": true
    },
    "data": {
      "manage_datasources": true,
      "manage_datafeeds": true,
      "push_to_datafeeds": true
    },
    "dhcp": {
      "manage_dhcp": true,
      "view_dhcp": true,
      "tags_allow": [
        {
          "name": "string",
          "value": "string"
        }
      ],
      "tags_deny": [
        {
          "name": "string",
          "value": "string"
        }
      ]
    },
    "dns": {
      "manage_zones": true,
      "view_zones": true,
      "zones_allow_by_default": true,
      "zones_allow": [
        "foo.bar.com"
      ],
      "zones_deny": [
        "foo.bar.com"
      ],
      "records_allow": [
        {
          "zone": "foo.bar.com",
          "domain": "*.foo.bar.com",
          "include_subdomains": true,
          "type": "string"
        }
      ],
      "records_deny": [
        {
          "zone": "foo.bar.com",
          "domain": "*.foo.bar.com",
          "include_subdomains": true,
          "type": "string"
        }
      ]
    },
    "ipam": {
      "manage_ipam": true,
      "view_ipam": true,
      "tags_allow": [
        {
          "name": "string",
          "value": "string"
        }
      ],
      "tags_deny": [
        {
          "name": "string",
          "value": "string"
        }
      ]
    },
    "monitoring": {
      "manage_lists": true,
      "manage_jobs": true,
      "view_jobs": true
    },
    "security": {
      "manage_global_2fa": true,
      "manage_active_directory": true,
      "manage_kerberos": true,
      "manage_ddns": true
    },
    "service": {
      "view_config": true,
      "manage_config": true
    }
  },
  "teams": [
    "50eb9d77830f784f98b0dd59"
  ]
}
Expand Code Examples

POST /v1/account/users/:username

POSTEdit user details

Updates settings for an existing user.

Important note about API key security: NS1 recommends restricting access to your API key and reducing permissions only to include what the application requires. Keep your API key secret. If it is compromised, delete the API key immediately. Restrict access to this key by applying IP addresses or CIDR blocks in the ip_whitelist property (ex. ip_whitelist: ['104.20.48.182', '104.20.49.0/24']).

Path Parameters:

usernamestring(Required) Username associated with the user you are editing.


Request Body Parameters:

emailstring(Required) Email address associated with the new user. This is where the invite email and other notifications, if applicable, are sent.
namestringFull name of the new user.
teamsarray of stringsArray of team IDs corresponding to teams with which to associate this user. If assigned to a team, the user inherits the permissions set for that team.
ip_whitelist_strictbooleanSet to true to restrict access to only those IP addresses and networks listed in the ip_whitelist field.
ip_whitelistarray of stringsArray of IP addresses/networks to which to grant the user access. Optionally, set the ip_whitelist_strict field to true to restrict access to only those IP addresses/networks listed in this field.
notifyobjectSet of supported notifications to enable or disable for this user.
billingboolean(part of notify object) Enables or disables notifications related to account billing events.
permissionsobjectAll supported permissions
accountobject(part of permissions object) Group of account-related permissions.
manage_account_settingsboolean(part of account object) Allows (or prevents, if false) the user to manage account settings.
manage_teamsboolean(part of account object) Allows (or prevents, if false) the user to create or update teams.
manage_usersboolean(part of account object) Allows (or prevents, if false) the user to create or update users.
manage_apikeysboolean(part of account object) Allows (or prevents, if false) the user to create or update API keys.
manage_ip_whitelistboolean(part of account object) Allows (or prevents, if false) the user to create or update IP "allow" lists.
view_activity_logboolean(part of account object) Allows (or prevents, if false) the user to view the account activity log.
manage_payment_methodsboolean(part of account object) Allows (or prevents, if false) the user to manage account payment methods.
view_invoicesboolean(part of account object) Allows (or prevents, if false) the user to view account invoices.
manage_auth_tagsboolean(part of account object) Allows (or prevents, if false) the user to create and edit authorization of ('auth:') tags. Auth tags determine access controls to view or manage resources. Auth tags control access, so the user must also have the 'manage_auth_keys' permission set to true.
manage_serviceboolean(part of account object) Allows (or prevents, if false) the user to create and modify services. (DDI only)
view_serviceboolean(part of account object) Allows (or prevents, if false) the user to view services. (DDI only)
dataobject(part of permissions object) Group of data-related permissions.
manage_datasourcesboolean(part of data object) Allows (or prevents, if false) the user to create and modify data sources.
manage_datafeedsboolean(part of data object) Allows (or prevents, if false) the user to create and modify data feeds.
push_to_datafeedsboolean(part of data object) Allows (or prevents, if false) the user to push data to NS1 data feeds.
dhcpobject(part of permissions object) Group of DHCP-related permissions.
manage_dhcpboolean(part of dhcp object) Allows (or prevents, if false) the user to manage DHCP configuration settings.
view_dhcpboolean(part of dhcp object) Allows (or prevents, if false) the user to view DHCP configuration settings.
tags_allowarray of objects(part of dhcp object) List of DHCP tag permission specifiers used to grant access for the user to specific objects containing the same tag. Each tag includes a name (required) and a value (optional). If just a name is provided, the user will have access to those objects with the matching name. If both a name and value are provided, both must match in order to grant access.
tags_denyarray of objects(part of dhcp object) List of DHCP tag permission specifiers used to deny access for the user to specific objects containing the same tag. Each tag includes a name (required) and a value (optional). If just a name is provided, the user will be denied access to those objects with the matching name. If both a name and value are provided, both must match in order to deny access.
dnsobject(part of permissions object) Group of DNS-related permissions.
manage_zonesboolean(part of dns object) Allows (or prevents, if false) the user to create or modify zones.
view_zonesboolean(part of dns object) Allows (or prevents, if false) the user to view zones.
zones_allow_by_defaultboolean(part of dns object) Set to true to allow access to all zones except for those listed under zones_deny. Set to false to deny access to all zones by default except for those listed under zones_allow.
zones_allowarray of strings(part of dns object) List of specific zones to which the API key is allowed access. If zones_allow_by_default property is set to false, the zones listed next to the zones_allow property are the only zones accessible to the user.
zones_denyarray of strings(part of dns object) List of specific zones to which the user is denied access. If zones_allow_by_default property is set to true, the zones listed next to the zones_deny property are the only zones not accessible to the user.
records_allowarray of objects(part of dns object) Array of specific record to which the user is allowed access.
records_denyarray of objects(part of dns object) Array of specific record to which the user is denied access.
zonestring(Required; part of records_allow and/or records_deny objects) Name of the zone to which the record belongs.
domainstring(Required; part of records_allow and/or records_deny objects) Domain name associated with the record.
include_subdomainsboolean(Required; part of records_allow and/or records_deny objects) If a domain is specified, set to "true" to apply the same permissions to all subdomains.
typestring(Required; part of records_allow and/or records_deny objects) Type of record to which you are allowing or denying access.
ipamobject(part of permissions object) Group of IPAM-related permissions.
manage_ipamboolean(part of ipam object) Allows (or prevents, if false) the user to manage IPAM settings.
view_ipamboolean(part of ipam object) Allows (or prevents, if false) the user to view IPAM settings.
tags_allowarray of objects(part of ipam object) List of IPAM tag permission specifiers used to grant access for the user to specific objects containing the same tag. Each tag includes a name (required) and a value (optional). If just a name is provided, the user will have access to those objects with the matching name. If both a name and value are provided, both must match in order to grant access.
tags_denyarray of objects(part of dhcp object) List of IPAM tag permission specifiers used to deny access for the user to specific objects containing the same tag. Each tag includes a name (required) and a value (optional). If just a name is provided, the user will be denied access to those objects with the matching name. If both a name and value are provided, both must match in order to deny access.
monitoringobject(part of permissions object) Group of monitoring-related permissions.
manage_listsboolean(part of monitoring object) Allows (or prevents, if false) the user to create or modify notification lists.
manage_jobsboolean(part of monitoring object) Allows (or prevents, if false) the user to create or modify monitoring jobs.
view_jobsboolean(part of monitoring object) Allows (or prevents, if false) the user to view monitoring jobs.
securityobject(part of permissions object) Group of security-related permissions.
manage_global_2faboolean(part of security object) Allows (or prevents, if false) the user to manage global two-factor authentication (2FA) settings.
manage_active_directoryboolean(part of security object) Allows (or prevents, if false) the user to manage Active Directory settings. (DDI only)
manage_kerberosboolean(part of security object) Allows (or prevents, if false) the user to manage Kerberos settings. (DDI only)
manage_ddnsboolean(part of security object) Allows (or prevents, if false) the user to manage dynamic DNS (DDNS) settings. (DDI only)
serviceobject(part of permissions object) Group of DDI service-related permissions. (DDI only)
view_configboolean(part of service object) Allows (or prevents, if false) the user to view DDI service (container/node) configurations. (DDI only)
manage_configboolean(part of service object) Allows (or prevents, if false) the user to modify DDI service (container/node) configurations. (DDI only)



Copy CodeEdits the name of an existing user

curl -X PUT -H 'X-NSONE-Key: $API_KEY' -d '{"name": "Jane Smith"}' https://api.nsone.net/v1/account/users/jsmith

Example Response:

{
  "permissions": {
    "dns": {
      "view_zones": true,
      "manage_zones": true,
      "zones_allow_by_default": false,
      "zones_deny": [],
      "zones_allow": [
        "example.com"
      ],
      "records_allow": [],
      "records_deny": [
        {
          "zone": "example.com",
          "domain": "deny.example.com",
          "include_subdomains": false,
          "type": "A"
        }
      ]
    },
    "data": {
      "push_to_datafeeds": false,
      "manage_datasources": false,
      "manage_datafeeds": false
    },
    "account": {
      "manage_payment_methods": false,
      "manage_plan": false,
      "manage_teams": false,
      "manage_apikeys": false,
      "manage_account_settings": false,
      "view_activity_log": false,
      "view_invoices": false,
      "manage_users": false,
      "manage_ip_whitelist": false
    },
    "monitoring": {
      "manage_lists": false,
      "manage_jobs": false,
      "view_jobs": false
    },
    "security": {
      "manage_global_2fa": false
    }
  },
  "teams": [],
  "email": "[email protected]",
  "last_access": null,
  "notify": {
    "billing": true
  },
  "name": "Jane Smith",
  "username": "newuser",
  "ip_whitelist_strict": false,
  "ip_whitelist": []
}

ParameterTypeDescriptionRequired?
usernameStringYes
Expand Code Examples

DELETE /v1/account/users/username

DELETERemove a user

Deletes a user from the account. They will no longer be able to log into my.nsone.net. There is no response other than the HTTP status code.

Path Parameters:

usernamestring(Required) Username for the account user you are deleting.

Copy CodeDeletes the account user

curl -X DELETE -H "X-NSONE-Key: $API_KEY" http://api.nsone.net/v1/account/users/:username

POST /v1/account/reinvite/:username

POSTResend invitation to a user

In the event that a user does not receive their invitation email or the invitation has expired, you may resend the invitation. There is no response other than the HTTP status code. Note that if the user has already logged into their account, you will not be able to resent the invitation. Instead, the user should click the "Forgot Password" link on the login page to verify their email address and reset their password.

Path Parameters:

usernamestring(Required) Username for the user to whom you are resending the invitation.

Request Body Parameters:

emailstringEmail address associated with the user
namestringFull name of the user
usernamestringUsername for the user


Copy CodeInvite a new user with full access to your account

curl -X PUT -H 'X-NSONE-Key: $API_KEY' -d '{"username":"newuser", "name":"New User", "email":"[email protected]"}' https://api.nsone.net/v1/account/users/newuser

An invitation email will be sent to [email protected] allowing them to set a password and log in to my.nsone.net.

DELETE /v1/account/2factor/reset/:username

DELETEReset two-factor authentication (2FA) for user

This operation resets two-factor authentication (2FA) for user specified by their username. Once cleared, the user can log into the portal normally. If enabled globally, the user will be prompted to set up 2FA upon login.

Copy CodeClears existing 2FA configuration for the specified user

curl -X DELETE -H "X-NSONE-KEY:key" https://api.nsone.net/v1/account/2factor/reset/{username}

Example Response:

2FA disabled for user '{userId}'
Expand Code Examples

API key

GET /v1/account/apikeys

GETList all API keys

Returns a list of all API Keys under the account, including access rights (permissions) and the actual key to be used when contacting the NSONE API. API keys may belong to teams with the same conditions as users.

Copy CodeReturns a list of API keys

curl -X GET -H "X-NSONE-Key: $API_KEY" https://api.mycompany.net/v1/account/apikeys

Example Response:

[
  {
    "ip_whitelist_strict": false,
    "name": "MyAPIKey",
    "key": "abcdefghijklmnopqrst",
    "ip_whitelist": [],
    "last_access": null,
    "teams": [],
    "id": "5d727dc9f1e0e100621352a6",
    "permissions": {
      "account": {
        "manage_account_settings": true,
        "manage_apikeys": true,
        "manage_users": true,
        "manage_teams": true,
        "view_activity_log": true,
        "manage_ip_whitelist": true
      },
      "ipam": {
        "view_ipam": true,
        "manage_ipam": true,
        "tags_allow": [
          {
            "name": "auth:allow1"
          },
          {
            "name": "auth:allow2"
          },
          {
            "name": "auth:zip",
            "value": "07030"
          },
          {
            "name": "auth:lat_lon",
            "value": "+12.345-098.765"
          }
        ],
        "tags_deny": [
          {
            "name": "auth:deny1"
          },
          {
            "name": "auth:deny2"
          },
          {
            "name": "auth:zip",
            "value": "90210"
          },
          {
            "name": "auth:lat_lon",
            "value": "+16.345-096.765"
          }
        ]
      },
      "dns": {
        "zones_allow": [
          "example.com"
        ],
        "manage_zones": true,
        "zones_allow_by_default": true,
        "view_zones": true
      },
      "dhcp": {
        "manage_dhcp": true,
        "view_dhcp": true
      },
      "security": {
        "manage_global_2fa": true
      },
      "data": {
        "manage_datafeeds": true,
        "manage_datasources": true,
        "push_to_datafeeds": true
      }
    }
  }
]
Expand Code Examples

GET https://api.nsone.net/v1/account/apikeys/:keyid

GETView API key details

Returns details, including permissions, for a single API Key. Note: do not use the API Key itself as the keyid in the URL — use the id of the key. Keep the API Key string secret — it grants access to your account!

Request URL:

https://api.nsone.net/v1/account/apikeys/:keyid

Example URL:

https://api.nsone.net/v1/account/apikeys/520422919f782d37dffb588a

Example Response:

{
  "permissions": {
    "dns": {
      "zones_allow_by_default": true,
      "view_zones": true,
      "zones_deny": [],
      "manage_zones": true,
      "zones_allow": []
    },
    "data": {
      "push_to_datafeeds": true,
      "manage_datasources": true,
      "manage_datafeeds": true
    },
    "account": {
      "manage_payment_methods": true,
      "manage_plan": true,
      "manage_teams": true,
      "manage_apikeys": true,
      "manage_account_settings": true,
      "view_activity_log": true,
      "view_invoices": true,
      "manage_users": true
    },
    "monitoring": {
      "manage_lists": false,
      "manage_jobs": false,
      "view_jobs": false
    }
  },
  "teams": ["52276047830f787e2ff88d4c"],
  "id": "520422919f782d37dffb588a",
  "last_access": null,
  "key": "rifGeRNMshCOKwlaYBcu",
  "name": "API Example App",
  "ip_whitelist_strict": false,
  "ip_whitelist": []
}

ParameterTypeDescriptionRequired?
keyidStringYes
Expand Code Examples

PUT /v1/account/apikeys

PUTCreate an API key

Creates a new API key and returns the API key string in the key field in the response.

Important note about API key security: NS1 recommends restricting access to your API key and reducing permissions only to include what the application requires. Keep your API key secret. If it is compromised, delete the API key immediately. Restrict access to this key by applying IP addresses or CIDR blocks in the ip_whitelist property (ex. ip_whitelist: ['104.20.48.182', '104.20.49.0/24']).

Request Body Parameters:

ip_whitelist_strictbooleanSet to true to restrict access to only those IP addresses and networks listed in the ip_whitelist field.
namestringName of the API key you are creating (2-64 characters).
ip_whitelistarray of stringsArray of IP addresses/networks to which to grant the API key access. Optionally, set the ip_whitelist_strict field to true to restrict access to only those IP addresses/networks listed in this field.
teamsarray of stringsOne or more teams with which this API key is associated. If assigned to a team, the API key inherits the permissions set for that team.
permissionsobjectAll supported permissions
accountobject(part of permissions object) Group of account-related permissions.
manage_account_settingsboolean(part of account object) Allows (or prevents, if false) the API key to manage account settings.
manage_teamsboolean(part of account object) Allows (or prevents, if false) the API key to create or update teams.
manage_usersboolean(part of account object) Allows (or prevents, if false) the API key to create or update users.
manage_apikeysboolean(part of account object) Allows (or prevents, if false) the API key to create or update API keys.
manage_ip_whitelistboolean(part of account object) Allows (or prevents, if false) the API key to create or update IP "allow" lists.
view_activity_logboolean(part of account object) Allows (or prevents, if false) the API key to view the account activity log.
manage_payment_methodsboolean(part of account object) Allows (or prevents, if false) the API key to manage account payment methods.
view_invoicesboolean(part of account object) Allows (or prevents, if false) the API key to view account invoices.
manage_auth_tagsboolean(part of account object) Allows (or prevents, if false) the API key to create and edit authorization of ('auth:') tags. Auth tags determine access controls to view or manage resources. Auth tags control access, so the API key must also have the 'manage_auth_keys' permission set to true.
manage_serviceboolean(part of account object) Allows (or prevents, if false) the API key to create and modify services. (DDI only)
view_serviceboolean(part of account object) Allows (or prevents, if false) the API key to view services. (DDI only)
dataobject(part of permissions object) Group of data-related permissions.
manage_datasourcesboolean(part of data object) Allows (or prevents, if false) the API key to create and modify data sources.
manage_datafeedsboolean(part of data object) Allows (or prevents, if false) the API key to create and modify data feeds.
push_to_datafeedsboolean(part of data object) Allows (or prevents, if false) the API key to push data to NS1 data feeds.
dhcpobject(part of permissions object) Group of DHCP-related permissions.
manage_dhcpboolean(part of dhcp object) Allows (or prevents, if false) the API key to manage DHCP configuration settings.
view_dhcpboolean(part of dhcp object) Allows (or prevents, if false) the API key to view DHCP configuration settings.
tags_allowarray of objects(part of dhcp object) List of DHCP tag permission specifiers used to grant access for the API key to specific objects containing the same tag. Each tag includes a name (required) and a value (optional). If just a name is provided, the API key will have access to those objects with the matching name. If both a name and value are provided, both must match in order to grant access.
tags_denyarray of objects(part of dhcp object) List of DHCP tag permission specifiers used to deny access for the API key to specific objects containing the same tag. Each tag includes a name (required) and a value (optional). If just a name is provided, the API key will be denied access to those objects with the matching name. If both a name and value are provided, both must match in order to deny access.
dnsobject(part of permissions object) Group of DNS-related permissions.
manage_zonesboolean(part of dns object) Allows (or prevents, if false) the API key to create or modify zones.
view_zonesboolean(part of dns object) Allows (or prevents, if false) the API key to view zones.
zones_allow_by_defaultboolean(part of dns object) Set to true to allow access to all zones except for those listed under zones_deny. Set to false to deny access to all zones by default except for those listed under zones_allow.
zones_allowarray of strings(part of dns object) List of specific zones to which the API key is allowed access. If zones_allow_by_default property is set to false, the zones listed next to the zones_allow property are the only zones accessible to the API key.
zones_denyarray of strings(part of dns object) List of specific zones to which the API key is denied access. If zones_allow_by_default property is set to true, the zones listed next to the zones_deny property are the only zones not accessible to the API key.
records_allowarray of objects(part of dns object) Array of specific record to which the API key is allowed access.
records_denyarray of objects(part of dns object) Array of specific record to which the API key is denied access.
zonestring(Required; part of records_allow and/or records_deny objects) Name of the zone to which the record belongs.
domainstring(Required; part of records_allow and/or records_deny objects) Domain name associated with the record.
include_subdomainsboolean(Required; part of records_allow and/or records_deny objects) If a domain is specified, set to "true" to apply the same permissions to all subdomains.
typestring(Required; part of records_allow and/or records_deny objects) Type of record to which you are allowing or denying access.
ipamobject(part of permissions object) Group of IPAM-related permissions.
manage_ipamboolean(part of ipam object) Allows (or prevents, if false) the API key to manage IPAM settings.
view_ipamboolean(part of ipam object) Allows (or prevents, if false) the API key to view IPAM settings.
tags_allowarray of objects(part of ipam object) List of IPAM tag permission specifiers used to grant access for the API key to specific objects containing the same tag. Each tag includes a name (required) and a value (optional). If just a name is provided, the API key will have access to those objects with the matching name. If both a name and value are provided, both must match in order to grant access.
tags_denyarray of objects(part of dhcp object) List of IPAM tag permission specifiers used to deny access for the API key to specific objects containing the same tag. Each tag includes a name (required) and a value (optional). If just a name is provided, the API key will be denied access to those objects with the matching name. If both a name and value are provided, both must match in order to deny access.
monitoringobject(part of permissions object) Group of monitoring-related permissions.
manage_listsboolean(part of monitoring object) Allows (or prevents, if false) the API key to create or modify notification lists.
manage_jobsboolean(part of monitoring object) Allows (or prevents, if false) the API key to create or modify monitoring jobs.
view_jobsboolean(part of monitoring object) Allows (or prevents, if false) the API key to view monitoring jobs.
securityobject(part of permissions object) Group of security-related permissions.
manage_global_2faboolean(part of security object) Allows (or prevents, if false) the API key to manage global two-factor authentication (2FA) settings.
manage_active_directoryboolean(part of security object) Allows (or prevents, if false) the API key to manage Active Directory settings. (DDI only)
manage_kerberosboolean(part of security object) Allows (or prevents, if false) the API key to manage Kerberos settings. (DDI only)
manage_ddnsboolean(part of security object) Allows (or prevents, if false) the API key to manage dynamic DNS (DDNS) settings. (DDI only)
serviceobject(part of permissions object) Group of DDI service-related permissions. (DDI only)
view_configboolean(part of service object) Allows (or prevents, if false) the API key to view DDI service (container/node) configurations. (DDI only)
manage_configboolean(part of service object) Allows (or prevents, if false) the API key to modify DDI service (container/node) configurations. (DDI only)



Copy CodeCreate an API Key that can only view one zone

curl -X PUT -H 'X-NSONE-Key: $API_KEY' -d '{"name":"My Application", "permissions":{"dns":{"view_zones":true, "manage_zones":false, "zones_allow_by_default":false, "zones_allow":["example.com"]}, "account":{"manage_account_settings":false, "manage_payment_methods":false, "manage_plan":false, "manage_teams":false, "manage_users":false, "manage_apikeys":false, "view_activity_log":false, "view_invoices":false}, "data":{"manage_datasources":false, "manage_datafeeds":false, "push_to_datafeeds":false}, "monitoring":{"manage_lists":false, "manage_jobs":false, "view_jobs":false} }}' https://api.nsone.net/v1/account/apikeys

You must explicitly deny permissions you do not want a new API Key (or User) to have. Since zones_allow_by_default is false, the user will have access only to zones in zones_allow. We grant this user access to example.com only — and since they only have view_zones access, they can only look at the zone's configuration and stats, and can make no changes.

Example Request:

{
  "ip_whitelist_strict": true,
  "name": "string",
  "key": "stringstringstringst",
  "ip_whitelist": [
    "strings"
  ],
  "last_access": null,
  "teams": [
    "50eb9d77830f784f98b0dd59"
  ],
  "id": "string",
  "permissions": {
    "account": {
      "manage_account_settings": true,
      "manage_teams": true,
      "manage_users": true,
      "manage_apikeys": true,
      "manage_ip_whitelist": true,
      "view_activity_log": true,
      "manage_payment_methods": true,
      "manage_plan": true,
      "view_invoices": true,
      "manage_auth_tags": true,
      "manage_service": true,
      "view_service": true
    },
    "data": {
      "manage_datasources": true,
      "manage_datafeeds": true,
      "push_to_datafeeds": true
    },
    "dhcp": {
      "manage_dhcp": true,
      "view_dhcp": true,
      "tags_allow": [
        {
          "name": "string",
          "value": "string"
        }
      ],
      "tags_deny": [
        {
          "name": "string",
          "value": "string"
        }
      ]
    },
    "dns": {
      "manage_zones": true,
      "view_zones": true,
      "zones_allow_by_default": true,
      "zones_allow": [
        "foo.bar.com"
      ],
      "zones_deny": [
        "foo.bar.com"
      ],
      "records_allow": [
        {
          "zone": "foo.bar.com",
          "domain": "*.foo.bar.com",
          "include_subdomains": true,
          "type": "string"
        }
      ],
      "records_deny": [
        {
          "zone": "foo.bar.com",
          "domain": "*.foo.bar.com",
          "include_subdomains": true,
          "type": "string"
        }
      ]
    },
    "ipam": {
      "manage_ipam": true,
      "view_ipam": true,
      "tags_allow": [
        {
          "name": "string",
          "value": "string"
        }
      ],
      "tags_deny": [
        {
          "name": "string",
          "value": "string"
        }
      ]
    },
    "monitoring": {
      "manage_lists": true,
      "manage_jobs": true,
      "view_jobs": true
    },
    "security": {
      "manage_global_2fa": true,
      "manage_active_directory": true,
      "manage_kerberos": true,
      "manage_ddns": true
    },
    "service": {
      "view_config": true,
      "manage_config": true
    }
  }
}

Example Response:

{
  "ip_whitelist_strict": true,
  "name": "string",
  "key": "stringstringstringst",
  "ip_whitelist": [
    "strings"
  ],
  "last_access": null,
  "teams": [
    "50eb9d77830f784f98b0dd59"
  ],
  "id": "string",
  "permissions": {
    "account": {
      "manage_account_settings": true,
      "manage_teams": true,
      "manage_users": true,
      "manage_apikeys": true,
      "manage_ip_whitelist": true,
      "view_activity_log": true,
      "manage_payment_methods": true,
      "manage_plan": true,
      "view_invoices": true,
      "manage_auth_tags": true,
      "manage_service": true,
      "view_service": true
    },
    "data": {
      "manage_datasources": true,
      "manage_datafeeds": true,
      "push_to_datafeeds": true
    },
    "dhcp": {
      "manage_dhcp": true,
      "view_dhcp": true,
      "tags_allow": [
        {
          "name": "string",
          "value": "string"
        }
      ],
      "tags_deny": [
        {
          "name": "string",
          "value": "string"
        }
      ]
    },
    "dns": {
      "manage_zones": true,
      "view_zones": true,
      "zones_allow_by_default": true,
      "zones_allow": [
        "foo.bar.com"
      ],
      "zones_deny": [
        "foo.bar.com"
      ],
      "records_allow": [
        {
          "zone": "foo.bar.com",
          "domain": "*.foo.bar.com",
          "include_subdomains": true,
          "type": "string"
        }
      ],
      "records_deny": [
        {
          "zone": "foo.bar.com",
          "domain": "*.foo.bar.com",
          "include_subdomains": true,
          "type": "string"
        }
      ]
    },
    "ipam": {
      "manage_ipam": true,
      "view_ipam": true,
      "tags_allow": [
        {
          "name": "string",
          "value": "string"
        }
      ],
      "tags_deny": [
        {
          "name": "string",
          "value": "string"
        }
      ]
    },
    "monitoring": {
      "manage_lists": true,
      "manage_jobs": true,
      "view_jobs": true
    },
    "security": {
      "manage_global_2fa": true,
      "manage_active_directory": true,
      "manage_kerberos": true,
      "manage_ddns": true
    },
    "service": {
      "view_config": true,
      "manage_config": true
    }
  }
}
Expand Code Examples

POST /v1/account/apikeys/:keyID

POSTEdit an API key

Updates the settings for the API key specified in the URL path by its unique keyID and returns the API key string in the key field in the response.

Important note about API key security: NS1 recommends restricting access to your API key and reducing permissions only to include what the application requires. Keep your API key secret. If it is compromised, delete the API key immediately. Restrict access to this key by applying IP addresses or CIDR blocks in the ip_whitelist property (ex. ip_whitelist: ['104.20.48.182', '104.20.49.0/24']).

Path Parameters:

keyIDstringUnique identifier for the API key. This value is returned in the response after creating an API key and can be viewed by executing an API call to view API key details.


Request Body Parameters:

ip_whitelist_strictbooleanSet to true to restrict access to only those IP addresses and networks listed in the ip_whitelist field.
namestringName of the API key you are creating (2-64 characters).
ip_whitelistarray of stringsArray of IP addresses/networks to which to grant the API key access. Optionally, set the ip_whitelist_strict field to true to restrict access to only those IP addresses/networks listed in this field.
teamsarray of stringsOne or more team IDs corresponding to teams with which this API key is associated. If assigned to a team, the API key inherits the permissions set for that team.
permissionsobjectAll supported permissions
accountobject(part of permissions object) Group of account-related permissions.
manage_account_settingsboolean(part of account object) Allows (or prevents, if false) the API key to manage account settings.
manage_teamsboolean(part of account object) Allows (or prevents, if false) the API key to create or update teams.
manage_usersboolean(part of account object) Allows (or prevents, if false) the API key to create or update users.
manage_apikeysboolean(part of account object) Allows (or prevents, if false) the API key to create or update API keys.
manage_ip_whitelistboolean(part of account object) Allows (or prevents, if false) the API key to create or update IP "allow" lists.
view_activity_logboolean(part of account object) Allows (or prevents, if false) the API key to view the account activity log.
manage_payment_methodsboolean(part of account object) Allows (or prevents, if false) the API key to manage account payment methods.
view_invoicesboolean(part of account object) Allows (or prevents, if false) the API key to view account invoices.
manage_auth_tagsboolean(part of account object) Allows (or prevents, if false) the API key to create and edit authorization of ('auth:') tags. Auth tags determine access controls to view or manage resources. Auth tags control access, so the API key must also have the 'manage_auth_keys' permission set to true.
manage_serviceboolean(part of account object) Allows (or prevents, if false) the API key to create and modify services. (DDI only)
view_serviceboolean(part of account object) Allows (or prevents, if false) the API key to view services. (DDI only)
dataobject(part of permissions object) Group of data-related permissions.
manage_datasourcesboolean(part of data object) Allows (or prevents, if false) the API key to create and modify data sources.
manage_datafeedsboolean(part of data object) Allows (or prevents, if false) the API key to create and modify data feeds.
push_to_datafeedsboolean(part of data object) Allows (or prevents, if false) the API key to push data to NS1 data feeds.
dhcpobject(part of permissions object) Group of DHCP-related permissions.
manage_dhcpboolean(part of dhcp object) Allows (or prevents, if false) the API key to manage DHCP configuration settings.
view_dhcpboolean(part of dhcp object) Allows (or prevents, if false) the API key to view DHCP configuration settings.
tags_allowarray of objects(part of dhcp object) List of DHCP tag permission specifiers used to grant access for the API key to specific objects containing the same tag. Each tag includes a name (required) and a value (optional). If just a name is provided, the API key will have access to those objects with the matching name. If both a name and value are provided, both must match in order to grant access.
tags_denyarray of objects(part of dhcp object) List of DHCP tag permission specifiers used to deny access for the API key to specific objects containing the same tag. Each tag includes a name (required) and a value (optional). If just a name is provided, the API key will be denied access to those objects with the matching name. If both a name and value are provided, both must match in order to deny access.
dnsobject(part of permissions object) Group of DNS-related permissions.
manage_zonesboolean(part of dns object) Allows (or prevents, if false) the API key to create or modify zones.
view_zonesboolean(part of dns object) Allows (or prevents, if false) the API key to view zones.
zones_allow_by_defaultboolean(part of dns object) Set to true to allow access to all zones except for those listed under zones_deny. Set to false to deny access to all zones by default except for those listed under zones_allow.
zones_allowarray of strings(part of dns object) List of specific zones to which the API key is allowed access. If zones_allow_by_default property is set to false, the zones listed next to the zones_allow property are the only zones accessible to the API key.
zones_denyarray of strings(part of dns object) List of specific zones to which the API key is denied access. If zones_allow_by_default property is set to true, the zones listed next to the zones_deny property are the only zones not accessible to the API key.
records_allowarray of objects(part of dns object) Array of specific record to which the API key is allowed access.
records_denyarray of objects(part of dns object) Array of specific record to which the API key is denied access.
zonestring(Required; part of records_allow and/or records_deny objects) Name of the zone to which the record belongs.
domainstring(Required; part of records_allow and/or records_deny objects) Domain name associated with the record.
include_subdomainsboolean(Required; part of records_allow and/or records_deny objects) If a domain is specified, set to "true" to apply the same permissions to all subdomains.
typestring(Required; part of records_allow and/or records_deny objects) Type of record to which you are allowing or denying access.
ipamobject(part of permissions object) Group of IPAM-related permissions.
manage_ipamboolean(part of ipam object) Allows (or prevents, if false) the API key to manage IPAM settings.
view_ipamboolean(part of ipam object) Allows (or prevents, if false) the API key to view IPAM settings.
tags_allowarray of objects(part of ipam object) List of IPAM tag permission specifiers used to grant access for the API key to specific objects containing the same tag. Each tag includes a name (required) and a value (optional). If just a name is provided, the API key will have access to those objects with the matching name. If both a name and value are provided, both must match in order to grant access.
tags_denyarray of objects(part of dhcp object) List of IPAM tag permission specifiers used to deny access for the API key to specific objects containing the same tag. Each tag includes a name (required) and a value (optional). If just a name is provided, the API key will be denied access to those objects with the matching name. If both a name and value are provided, both must match in order to deny access.
monitoringobject(part of permissions object) Group of monitoring-related permissions.
manage_listsboolean(part of monitoring object) Allows (or prevents, if false) the API key to create or modify notification lists.
manage_jobsboolean(part of monitoring object) Allows (or prevents, if false) the API key to create or modify monitoring jobs.
view_jobsboolean(part of monitoring object) Allows (or prevents, if false) the API key to view monitoring jobs.
securityobject(part of permissions object) Group of security-related permissions.
manage_global_2faboolean(part of security object) Allows (or prevents, if false) the API key to manage global two-factor authentication (2FA) settings.
manage_active_directoryboolean(part of security object) Allows (or prevents, if false) the API key to manage Active Directory settings. (DDI only)
manage_kerberosboolean(part of security object) Allows (or prevents, if false) the API key to manage Kerberos settings. (DDI only)
manage_ddnsboolean(part of security object) Allows (or prevents, if false) the API key to manage dynamic DNS (DDNS) settings. (DDI only)
serviceobject(part of permissions object) Group of DDI service-related permissions. (DDI only)
view_configboolean(part of service object) Allows (or prevents, if false) the API key to view DDI service (container/node) configurations. (DDI only)
manage_configboolean(part of service object) Allows (or prevents, if false) the API key to modify DDI service (container/node) configurations. (DDI only)



Example Request:

{
  "ip_whitelist_strict": true,
  "name": "string",
  "key": "stringstringstringst",
  "ip_whitelist": [
    "strings"
  ],
  "last_access": null,
  "teams": [
    "50eb9d77830f784f98b0dd59"
  ],
  "id": "string",
  "permissions": {
    "account": {
      "manage_account_settings": true,
      "manage_teams": true,
      "manage_users": true,
      "manage_apikeys": true,
      "manage_ip_whitelist": true,
      "view_activity_log": true,
      "manage_payment_methods": true,
      "manage_plan": true,
      "view_invoices": true,
      "manage_auth_tags": true,
      "manage_service": true,
      "view_service": true
    },
    "data": {
      "manage_datasources": true,
      "manage_datafeeds": true,
      "push_to_datafeeds": true
    },
    "dhcp": {
      "manage_dhcp": true,
      "view_dhcp": true,
      "tags_allow": [
        {
          "name": "string",
          "value": "string"
        }
      ],
      "tags_deny": [
        {
          "name": "string",
          "value": "string"
        }
      ]
    },
    "dns": {
      "manage_zones": true,
      "view_zones": true,
      "zones_allow_by_default": true,
      "zones_allow": [
        "foo.bar.com"
      ],
      "zones_deny": [
        "foo.bar.com"
      ],
      "records_allow": [
        {
          "zone": "foo.bar.com",
          "domain": "*.foo.bar.com",
          "include_subdomains": true,
          "type": "string"
        }
      ],
      "records_deny": [
        {
          "zone": "foo.bar.com",
          "domain": "*.foo.bar.com",
          "include_subdomains": true,
          "type": "string"
        }
      ]
    },
    "ipam": {
      "manage_ipam": true,
      "view_ipam": true,
      "tags_allow": [
        {
          "name": "string",
          "value": "string"
        }
      ],
      "tags_deny": [
        {
          "name": "string",
          "value": "string"
        }
      ]
    },
    "monitoring": {
      "manage_lists": true,
      "manage_jobs": true,
      "view_jobs": true
    },
    "security": {
      "manage_global_2fa": true,
      "manage_active_directory": true,
      "manage_kerberos": true,
      "manage_ddns": true
    },
    "service": {
      "view_config": true,
      "manage_config": true
    }
  }
}

Example Response:

{
  "ip_whitelist_strict": true,
  "name": "string",
  "key": "stringstringstringst",
  "ip_whitelist": [
    "strings"
  ],
  "last_access": null,
  "teams": [
    "50eb9d77830f784f98b0dd59"
  ],
  "id": "string",
  "permissions": {
    "account": {
      "manage_account_settings": true,
      "manage_teams": true,
      "manage_users": true,
      "manage_apikeys": true,
      "manage_ip_whitelist": true,
      "view_activity_log": true,
      "manage_payment_methods": true,
      "manage_plan": true,
      "view_invoices": true,
      "manage_auth_tags": true,
      "manage_service": true,
      "view_service": true
    },
    "data": {
      "manage_datasources": true,
      "manage_datafeeds": true,
      "push_to_datafeeds": true
    },
    "dhcp": {
      "manage_dhcp": true,
      "view_dhcp": true,
      "tags_allow": [
        {
          "name": "string",
          "value": "string"
        }
      ],
      "tags_deny": [
        {
          "name": "string",
          "value": "string"
        }
      ]
    },
    "dns": {
      "manage_zones": true,
      "view_zones": true,
      "zones_allow_by_default": true,
      "zones_allow": [
        "foo.bar.com"
      ],
      "zones_deny": [
        "foo.bar.com"
      ],
      "records_allow": [
        {
          "zone": "foo.bar.com",
          "domain": "*.foo.bar.com",
          "include_subdomains": true,
          "type": "string"
        }
      ],
      "records_deny": [
        {
          "zone": "foo.bar.com",
          "domain": "*.foo.bar.com",
          "include_subdomains": true,
          "type": "string"
        }
      ]
    },
    "ipam": {
      "manage_ipam": true,
      "view_ipam": true,
      "tags_allow": [
        {
          "name": "string",
          "value": "string"
        }
      ],
      "tags_deny": [
        {
          "name": "string",
          "value": "string"
        }
      ]
    },
    "monitoring": {
      "manage_lists": true,
      "manage_jobs": true,
      "view_jobs": true
    },
    "security": {
      "manage_global_2fa": true,
      "manage_active_directory": true,
      "manage_kerberos": true,
      "manage_ddns": true
    },
    "service": {
      "view_config": true,
      "manage_config": true
    }
  }
}
Expand Code Examples

DELETE /v1/account/apikeys/:keyid

DELETEDelete an API key

Deletes an API key specified in the URL path by its unique key ID. Any applications, scripts, or tools you have that are using this API Key will no longer be able to access your account. There is no response other than the HTTP status code.

Path Parameters:

keyIDstringUnique identifier for the API key.


Copy CodeDeletes the API key

curl -X DELETE -H "X-NSONE-Key: $API_KEY" https://api.nsone.net/v1/account/apikeys/:keyid

Team

GET /v1/account/teams

GETView all teams

Returns a list of all teams associated with the account—including access rights (permissions) associated with users and API keys in the team.

Copy CodeReturns a list of teams

curl -X GET -H "X-NSONE-Key: $API_KEY" https://api.nsone.net/v1/account/teams

Example Response:

[
  {
    "id": "50eb9d77830f784f98b0dd59",
    "name": "string",
    "permissions": {
      "account": {
        "manage_account_settings": true,
        "manage_teams": true,
        "manage_users": true,
        "manage_apikeys": true,
        "manage_ip_whitelist": true,
        "view_activity_log": true,
        "manage_payment_methods": true,
        "manage_plan": true,
        "view_invoices": true,
        "manage_auth_tags": true,
        "manage_service": true,
        "view_service": true
      },
      "data": {
        "manage_datasources": true,
        "manage_datafeeds": true,
        "push_to_datafeeds": true
      },
      "dhcp": {
        "manage_dhcp": true,
        "view_dhcp": true,
        "tags_allow": [
          {
            "name": "string",
            "value": "string"
          }
        ],
        "tags_deny": [
          {
            "name": "string",
            "value": "string"
          }
        ]
      },
      "dns": {
        "manage_zones": true,
        "view_zones": true,
        "zones_allow_by_default": true,
        "zones_allow": [
          "foo.bar.com"
        ],
        "zones_deny": [
          "foo.bar.com"
        ],
        "records_allow": [
          {
            "zone": "foo.bar.com",
            "domain": "*.foo.bar.com",
            "include_subdomains": true,
            "type": "string"
          }
        ],
        "records_deny": [
          {
            "zone": "foo.bar.com",
            "domain": "*.foo.bar.com",
            "include_subdomains": true,
            "type": "string"
          }
        ]
      },
      "ipam": {
        "manage_ipam": true,
        "view_ipam": true,
        "tags_allow": [
          {
            "name": "string",
            "value": "string"
          }
        ],
        "tags_deny": [
          {
            "name": "string",
            "value": "string"
          }
        ]
      },
      "monitoring": {
        "manage_lists": true,
        "manage_jobs": true,
        "view_jobs": true
      },
      "security": {
        "manage_global_2fa": true,
        "manage_active_directory": true,
        "manage_kerberos": true,
        "manage_ddns": true
      },
      "service": {
        "view_config": true,
        "manage_config": true
      }
    },
    "ip_whitelist": [
      {
        "id": "string",
        "name": "string",
        "values": [
          "string"
        ]
      }
    ]
  }
]
Expand Code Examples

GET /v1/account/teams/:teamid

GETView team details

Returns configuration settings including permissions for the team specified in the URL path by its unique team ID.

Path Parameters:

teamIDstringUnique identifier for the team

Copy CodeReturns details for the team

curl -X GET -H "X-NSONE-Key: $API_KEY" https://api.nsone.net/v1/account/teams/:teamid

Example Response:

{
  "id": "5d839a45a38fef004eb22f25",
  "ip_whitelist": [],
  "name": "Test team",
  "permissions": {
    "account": {
      "view_invoices": false,
      "view_activity_log": false,
      "manage_teams": false,
      "manage_apikeys": false,
      "manage_users": false,
      "manage_payment_methods": false,
      "manage_plan": false,
      "manage_account_settings": false,
      "manage_ip_whitelist": false
    },
    "data": {
      "manage_datafeeds": false,
      "manage_datasources": false,
      "push_to_datafeeds": false
    },
    "dns": {
      "zones_allow": [
        "example.com"
      ],
      "manage_zones": false,
      "zones_allow_by_default": false,
      "view_zones": true
    },
    "security": {
      "manage_global_2fa": false
    }
  }
}
Expand Code Examples

PUT /v1/account/teams

PUTCreate a new team

Creates a new team within the current NS1 account. After creating the team, you can associate users and API keys with this team by adding the team ID to the team property within the user and API key objects. All users and API keys associated with the team will inherit the permissions set at the team level and all permission settings applied to the individual user or key are ignored.

Important note about API key security: NS1 recommends restricting access to your API key and reducing permissions only to include what the application requires. Keep your API key secret. If it is compromised, delete the API key immediately. Restrict access to this key by applying IP addresses or CIDR blocks in the ip_whitelist property. In contrast to the user and API key objects, teams support names on the whitelist records (i.e. ip_whitelist: [ {'name': 'Home Whitelist', 'values': ['104.20.48.182'], {'name': 'Multi Whitelist', 'values': ['104.20.49.0/24', '104.20.50.1']} ]).

Request Body Parameters:

namestringName for the team
ip_whitelistarray of objectsArray of IP addresses objects to which to grant the team access. Each object includes an id (string), name (string), and values (array of strings) associated with each "allow" list.
permissionsobjectAll supported permissions
accountobject(part of permissions object) Group of account-related permissions.
manage_account_settingsboolean(part of account object) Allows (or prevents, if false) the team to manage account settings.
manage_teamsboolean(part of account object) Allows (or prevents, if false) the team to create or update teams.
manage_usersboolean(part of account object) Allows (or prevents, if false) the team to create or update users.
manage_apikeysboolean(part of account object) Allows (or prevents, if false) the team to create or update API keys.
manage_ip_whitelistboolean(part of account object) Allows (or prevents, if false) the team to create or update IP "allow" lists.
view_activity_logboolean(part of account object) Allows (or prevents, if false) the team to view the account activity log.
manage_payment_methodsboolean(part of account object) Allows (or prevents, if false) the team to manage account payment methods.
view_invoicesboolean(part of account object) Allows (or prevents, if false) the team to view account invoices.
manage_auth_tagsboolean(part of account object) Allows (or prevents, if false) the team to create and edit authorization of ('auth:') tags. Auth tags determine access controls to view or manage resources. Auth tags control access, so the team must also have the 'manage_auth_keys' permission set to true.
manage_serviceboolean(part of account object) Allows (or prevents, if false) the team to create and modify services. (DDI only)
view_serviceboolean(part of account object) Allows (or prevents, if false) the team to view services. (DDI only)
dataobject(part of permissions object) Group of data-related permissions.
manage_datasourcesboolean(part of data object) Allows (or prevents, if false) the team to create and modify data sources.
manage_datafeedsboolean(part of data object) Allows (or prevents, if false) the team to create and modify data feeds.
push_to_datafeedsboolean(part of data object) Allows (or prevents, if false) the team to push data to NS1 data feeds.
dhcpobject(part of permissions object) Group of DHCP-related permissions.
manage_dhcpboolean(part of dhcp object) Allows (or prevents, if false) the team to manage DHCP configuration settings.
view_dhcpboolean(part of dhcp object) Allows (or prevents, if false) the team to view DHCP configuration settings.
tags_allowarray of objects(part of dhcp object) List of DHCP tag permission specifiers used to grant access for the team to specific objects containing the same tag. Each tag includes a name (required) and a value (optional). If just a name is provided, the team will have access to those objects with the matching name. If both a name and value are provided, both must match in order to grant access.
tags_denyarray of objects(part of dhcp object) List of DHCP tag permission specifiers used to deny access for the team to specific objects containing the same tag. Each tag includes a name (required) and a value (optional). If just a name is provided, the team will be denied access to those objects with the matching name. If both a name and value are provided, both must match in order to deny access.
dnsobject(part of permissions object) Group of DNS-related permissions.
manage_zonesboolean(part of dns object) Allows (or prevents, if false) the team to create or modify zones.
view_zonesboolean(part of dns object) Allows (or prevents, if false) the team to view zones.
zones_allow_by_defaultboolean(part of dns object) Set to true to allow access to all zones except for those listed under zones_deny. Set to false to deny access to all zones by default except for those listed under zones_allow.
zones_allowarray of strings(part of dns object) List of specific zones to which the API key is allowed access. If zones_allow_by_default property is set to false, the zones listed next to the zones_allow property are the only zones accessible to the team.
zones_denyarray of strings(part of dns object) List of specific zones to which the team is denied access. If zones_allow_by_default property is set to true, the zones listed next to the zones_deny property are the only zones not accessible to the team.
records_allowarray of objects(part of dns object) Array of specific record to which the team is allowed access.
records_denyarray of objects(part of dns object) Array of specific record to which the team is denied access.
zonestring(Required; part of records_allow and/or records_deny objects) Name of the zone to which the record belongs.
domainstring(Required; part of records_allow and/or records_deny objects) Domain name associated with the record.
include_subdomainsboolean(Required; part of records_allow and/or records_deny objects) If a domain is specified, set to "true" to apply the same permissions to all subdomains.
typestring(Required; part of records_allow and/or records_deny objects) Type of record to which you are allowing or denying access.
ipamobject(part of permissions object) Group of IPAM-related permissions.
manage_ipamboolean(part of ipam object) Allows (or prevents, if false) the team to manage IPAM settings.
view_ipamboolean(part of ipam object) Allows (or prevents, if false) the team to view IPAM settings.
tags_allowarray of objects(part of ipam object) List of IPAM tag permission specifiers used to grant access for the team to specific objects containing the same tag. Each tag includes a name (required) and a value (optional). If just a name is provided, the team will have access to those objects with the matching name. If both a name and value are provided, both must match in order to grant access.
tags_denyarray of objects(part of dhcp object) List of IPAM tag permission specifiers used to deny access for the team to specific objects containing the same tag. Each tag includes a name (required) and a value (optional). If just a name is provided, the team will be denied access to those objects with the matching name. If both a name and value are provided, both must match in order to deny access.
monitoringobject(part of permissions object) Group of monitoring-related permissions.
manage_listsboolean(part of monitoring object) Allows (or prevents, if false) the team to create or modify notification lists.
manage_jobsboolean(part of monitoring object) Allows (or prevents, if false) the team to create or modify monitoring jobs.
view_jobsboolean(part of monitoring object) Allows (or prevents, if false) the team to view monitoring jobs.
securityobject(part of permissions object) Group of security-related permissions.
manage_global_2faboolean(part of security object) Allows (or prevents, if false) the team to manage global two-factor authentication (2FA) settings.
manage_active_directoryboolean(part of security object) Allows (or prevents, if false) the team to manage Active Directory settings. (DDI only)
manage_kerberosboolean(part of security object) Allows (or prevents, if false) the team to manage Kerberos settings. (DDI only)
manage_ddnsboolean(part of security object) Allows (or prevents, if false) the team to manage dynamic DNS (DDNS) settings. (DDI only)
serviceobject(part of permissions object) Group of DDI service-related permissions. (DDI only)
view_configboolean(part of service object) Allows (or prevents, if false) the team to view DDI service (container/node) configurations. (DDI only)
manage_configboolean(part of service object) Allows (or prevents, if false) the team to modify DDI service (container/node) configurations. (DDI only)



Example Request:

{
  "name": "Test team",
  "ip_whitelist": [],
  "permissions": {
    "account": {
      "view_invoices": false,
      "view_activity_log": false,
      "manage_teams": false,
      "manage_apikeys": false,
      "manage_users": false,
      "manage_payment_methods": false,
      "manage_plan": false,
      "manage_account_settings": false,
      "manage_ip_whitelist": false
    },
    "data": {
      "push_to_datafeeds": false,
      "manage_datafeeds": false,
      "manage_datasources": false
    },
    "dns": {
      "zones_allow": [
        "example.com"
      ],
      "zones_allow_by_default": false,
      "manage_zones": false,
      "view_zones": true
    },
    "security": {
      "manage_global_2fa": false
    }
  }
}

Example Response:

{
  "id": "5d839a45a38fef004eb22f25",
  "ip_whitelist": [],
  "name": "Test team",
  "permissions": {
    "account": {
      "view_invoices": false,
      "view_activity_log": false,
      "manage_teams": false,
      "manage_apikeys": false,
      "manage_users": false,
      "manage_payment_methods": false,
      "manage_plan": false,
      "manage_account_settings": false,
      "manage_ip_whitelist": false
    },
    "data": {
      "manage_datafeeds": false,
      "manage_datasources": false,
      "push_to_datafeeds": false
    },
    "dns": {
      "zones_allow": [
        "example.com"
      ],
      "manage_zones": false,
      "zones_allow_by_default": false,
      "view_zones": true
    },
    "security": {
      "manage_global_2fa": false
    }
  }
}
Expand Code Examples

POST /v1/account/teams/:teamid

POSTEdit team details

Modifies a new team within the current NS1 account.

Important note about API key security: NS1 recommends restricting access to your API key and reducing permissions only to include what the application requires. Keep your API key secret. If it is compromised, delete the API key immediately. Restrict access to this key by applying IP addresses or CIDR blocks in the ip_whitelist property. In contrast to the user and API key objects, teams support names on the whitelist records (i.e. ip_whitelist: [ {'name': 'Home Whitelist', 'values': ['104.20.48.182'], {'name': 'Multi Whitelist', 'values': ['104.20.49.0/24', '104.20.50.1']} ]).

Path Parameters:

teamidstring(Required) Unique identifier for the team you are editing.


Request Body Parameters:

namestringName for the team
ip_whitelistarray of objectsArray of IP addresses objects to which to grant the team access. Each object includes an id (string), name (string), and values (array of strings) associated with each "allow" list.
permissionsobjectAll supported permissions
accountobject(part of permissions object) Group of account-related permissions.
manage_account_settingsboolean(part of account object) Allows (or prevents, if false) the team to manage account settings.
manage_teamsboolean(part of account object) Allows (or prevents, if false) the team to create or update teams.
manage_usersboolean(part of account object) Allows (or prevents, if false) the team to create or update users.
manage_apikeysboolean(part of account object) Allows (or prevents, if false) the team to create or update API keys.
manage_ip_whitelistboolean(part of account object) Allows (or prevents, if false) the team to create or update IP "allow" lists.
view_activity_logboolean(part of account object) Allows (or prevents, if false) the team to view the account activity log.
manage_payment_methodsboolean(part of account object) Allows (or prevents, if false) the team to manage account payment methods.
view_invoicesboolean(part of account object) Allows (or prevents, if false) the team to view account invoices.
manage_auth_tagsboolean(part of account object) Allows (or prevents, if false) the team to create and edit authorization of ('auth:') tags. Auth tags determine access controls to view or manage resources. Auth tags control access, so the team must also have the 'manage_auth_keys' permission set to true.
manage_serviceboolean(part of account object) Allows (or prevents, if false) the team to create and modify services. (DDI only)
view_serviceboolean(part of account object) Allows (or prevents, if false) the team to view services. (DDI only)
dataobject(part of permissions object) Group of data-related permissions.
manage_datasourcesboolean(part of data object) Allows (or prevents, if false) the team to create and modify data sources.
manage_datafeedsboolean(part of data object) Allows (or prevents, if false) the team to create and modify data feeds.
push_to_datafeedsboolean(part of data object) Allows (or prevents, if false) the team to push data to NS1 data feeds.
dhcpobject(part of permissions object) Group of DHCP-related permissions.
manage_dhcpboolean(part of dhcp object) Allows (or prevents, if false) the team to manage DHCP configuration settings.
view_dhcpboolean(part of dhcp object) Allows (or prevents, if false) the team to view DHCP configuration settings.
tags_allowarray of objects(part of dhcp object) List of DHCP tag permission specifiers used to grant access for the team to specific objects containing the same tag. Each tag includes a name (required) and a value (optional). If just a name is provided, the team will have access to those objects with the matching name. If both a name and value are provided, both must match in order to grant access.
tags_denyarray of objects(part of dhcp object) List of DHCP tag permission specifiers used to deny access for the team to specific objects containing the same tag. Each tag includes a name (required) and a value (optional). If just a name is provided, the team will be denied access to those objects with the matching name. If both a name and value are provided, both must match in order to deny access.
dnsobject(part of permissions object) Group of DNS-related permissions.
manage_zonesboolean(part of dns object) Allows (or prevents, if false) the team to create or modify zones.
view_zonesboolean(part of dns object) Allows (or prevents, if false) the team to view zones.
zones_allow_by_defaultboolean(part of dns object) Set to true to allow access to all zones except for those listed under zones_deny. Set to false to deny access to all zones by default except for those listed under zones_allow.
zones_allowarray of strings(part of dns object) List of specific zones to which the API key is allowed access. If zones_allow_by_default property is set to false, the zones listed next to the zones_allow property are the only zones accessible to the team.
zones_denyarray of strings(part of dns object) List of specific zones to which the team is denied access. If zones_allow_by_default property is set to true, the zones listed next to the zones_deny property are the only zones not accessible to the team.
records_allowarray of objects(part of dns object) Array of specific record to which the team is allowed access.
records_denyarray of objects(part of dns object) Array of specific record to which the team is denied access.
zonestring(Required; part of records_allow and/or records_deny objects) Name of the zone to which the record belongs.
domainstring(Required; part of records_allow and/or records_deny objects) Domain name associated with the record.
include_subdomainsboolean(Required; part of records_allow and/or records_deny objects) If a domain is specified, set to "true" to apply the same permissions to all subdomains.
typestring(Required; part of records_allow and/or records_deny objects) Type of record to which you are allowing or denying access.
ipamobject(part of permissions object) Group of IPAM-related permissions.
manage_ipamboolean(part of ipam object) Allows (or prevents, if false) the team to manage IPAM settings.
view_ipamboolean(part of ipam object) Allows (or prevents, if false) the team to view IPAM settings.
tags_allowarray of objects(part of ipam object) List of IPAM tag permission specifiers used to grant access for the team to specific objects containing the same tag. Each tag includes a name (required) and a value (optional). If just a name is provided, the team will have access to those objects with the matching name. If both a name and value are provided, both must match in order to grant access.
tags_denyarray of objects(part of dhcp object) List of IPAM tag permission specifiers used to deny access for the team to specific objects containing the same tag. Each tag includes a name (required) and a value (optional). If just a name is provided, the team will be denied access to those objects with the matching name. If both a name and value are provided, both must match in order to deny access.
monitoringobject(part of permissions object) Group of monitoring-related permissions.
manage_listsboolean(part of monitoring object) Allows (or prevents, if false) the team to create or modify notification lists.
manage_jobsboolean(part of monitoring object) Allows (or prevents, if false) the team to create or modify monitoring jobs.
view_jobsboolean(part of monitoring object) Allows (or prevents, if false) the team to view monitoring jobs.
securityobject(part of permissions object) Group of security-related permissions.
manage_global_2faboolean(part of security object) Allows (or prevents, if false) the team to manage global two-factor authentication (2FA) settings.
manage_active_directoryboolean(part of security object) Allows (or prevents, if false) the team to manage Active Directory settings. (DDI only)
manage_kerberosboolean(part of security object) Allows (or prevents, if false) the team to manage Kerberos settings. (DDI only)
manage_ddnsboolean(part of security object) Allows (or prevents, if false) the team to manage dynamic DNS (DDNS) settings. (DDI only)
serviceobject(part of permissions object) Group of DDI service-related permissions. (DDI only)
view_configboolean(part of service object) Allows (or prevents, if false) the team to view DDI service (container/node) configurations. (DDI only)
manage_configboolean(part of service object) Allows (or prevents, if false) the team to modify DDI service (container/node) configurations. (DDI only)



Example Request:

{
  "name": "Test team",
  "ip_whitelist": [],
  "permissions": {
    "account": {
      "view_invoices": false,
      "view_activity_log": false,
      "manage_teams": false,
      "manage_apikeys": false,
      "manage_users": false,
      "manage_payment_methods": false,
      "manage_plan": false,
      "manage_account_settings": false,
      "manage_ip_whitelist": false
    },
    "data": {
      "push_to_datafeeds": false,
      "manage_datafeeds": false,
      "manage_datasources": false
    },
    "dns": {
      "zones_allow": [
        "example.com"
      ],
      "zones_allow_by_default": false,
      "manage_zones": false,
      "view_zones": true
    },
    "security": {
      "manage_global_2fa": false
    }
  }
}

Example Response:

{
  "id": "5d839a45a38fef004eb22f25",
  "ip_whitelist": [],
  "name": "Test team",
  "permissions": {
    "account": {
      "view_invoices": false,
      "view_activity_log": false,
      "manage_teams": false,
      "manage_apikeys": false,
      "manage_users": false,
      "manage_payment_methods": false,
      "manage_plan": false,
      "manage_account_settings": false,
      "manage_ip_whitelist": false
    },
    "data": {
      "manage_datafeeds": false,
      "manage_datasources": false,
      "push_to_datafeeds": false
    },
    "dns": {
      "zones_allow": [
        "example.com"
      ],
      "manage_zones": false,
      "zones_allow_by_default": false,
      "view_zones": true
    },
    "security": {
      "manage_global_2fa": false
    }
  }
}
Expand Code Examples

DELETE /v1/account/teams/:teamID

DELETEDelete a team

Deletes a team. Any associated users or API keys will be removed from the team and inherit the permissions of any other teams with which they are associated. If they do not belong to any other teams, they will retain the permissions from this team.

There is no response other than the HTTP status code.

Path Parameters:

teamIDstring(Required) Unique identifier for the team you are deleting

Copy CodeDeletes a team

curl -X DELETE -H "X-NSONE-Key: $API_KEY" https://api.nsone.net/v1/account/teams/:teamID

IP whitelist

GET https://api.nsone.net/v1/account/whitelist

GETView all IP whitelists

Returns all the (global) IP Whitelist records for the account.

Example URL:

https://api.nsone.net/v1/account/whitelist

Example Response:

[
  {
    "id":  "7c65ca27-23f0-4c00-8906-ae24f9fe0ae5",
    "name": "New York Office",
    "values": ["192.0.2.0/24"]
  },
  {
    "id":  "ead8e0fb-cd99-4ae2-8643-1c9ab9eca4bc",
    "name": "San Francisco Office",
    "values": ["198.51.100.0/24"]
  },
]
Expand Code Examples

GET https://api.nsone.net/v1/account/whitelist/id

GETView IP whitelist details

Get a specific IP whitelist record by its unique ID.

Request URL:

https://api.nsone.net/v1/account/whitelist/:id

Example URL:

https://api.nsone.net/v1/account/whitelist/7c65ca27-23f0-4c00-8906-ae24f9fe0ae5

Example Response:

{
  "id":  "7c65ca27-23f0-4c00-8906-ae24f9fe0ae5",
  "name": "New York Office",
  "values": ["192.0.2.0/24"]
}

ParameterTypeDescriptionRequired?
idStringYes
Expand Code Examples

PUT https://api.nsone.net/v1/account/whitelist

PUTCreate a new IP whitelist

Creates a new IP Whitelist Record.

Example URL:

https://api.nsone.net/v1/account/whitelist

Example Request:

{
  "name": "San Diego Office",
  "values": ["203.0.113.1", "203.0.113.2"]
}

Example Response:

{
  "id":  "873de209-16ca-4bfb-b53a-e495525cc298",
  "name": "San Diego Office",
  "values": ["203.0.113.1", "203.0.113.2"]
}
Expand Code Examples

POST https://api.nsone.net/v1/account/whitelist/:id

POSTEdit an IP whitelist

Updates the properties of an existing IP Whitelist Record.

Request URL:

https://api.nsone.net/v1/account/whitelist/:id

Example URL:

https://api.nsone.net/v1/account/whitelist/873de209-16ca-4bfb-b53a-e495525cc298

Example Request:

{
  "name": "New IP Whitelist Record Name",
  "values": ["203.0.113.1", "203.0.113.2"]
}

Example Response:

{
  "id": "873de209-16ca-4bfb-b53a-e495525cc298",
  "name": "New IP Whitelist Record Name",
  "values": ["203.0.113.1", "203.0.113.2"]
}

ParameterTypeDescriptionRequired?
idStringYes
Expand Code Examples

DELETE https://api.nsone.net/v1/account/whitelist/:id

DELETEDelete an IP whitelist

Request URL:

https://api.nsone.net/v1/account/whitelist/:id

Example URL:

https://api.nsone.net/v1/account/whitelist/873de209-16ca-4bfb-b53a-e495525cc298
ParameterTypeDescriptionRequired?
idStringYes

Plan and Billing

GET /v1/account/plantypes

GETView Managed DNS plan type

Returns details of all currently available self service subscription plans and associated pricing. Each subscription plan is uniquely identified by the plan type and period.

Note: details are returned regardless of your current plan, but at this time only users on the startup, starter, or basic plan types may change their subscription automatically. Users currently on other plans should contact [email protected].

Request URL:

https://api.nsone.net/v1/account/plantypes

Example Response:

[
  {
    "overage_order": "ascending",
    "overages": {
      "static": {
        "queries": "2",
        "records": "1"
      },
      "intelligent": {
        "queries": "6",
        "records": "1"
      },
      "dynamic": {
        "queries": "4",
        "records": "1"
      }
    },
    "monthly_price": "0.00",
    "discount": "0.00",
    "discount_type": "percentage",
    "included": {
      "any": {
        "queries": 1e+07,
        "records": 50
      },
      "static": {
        "queries": 0,
        "records": 0
      },
      "intelligent": {
        "queries": 0,
        "records": 0
      },
      "dynamic": {
        "queries": 0,
        "records": 0
      }
    },
    "recurring_cost": "0.00",
    "access_charges": {
      "static": "0.00",
      "intelligent": "0.00",
      "dynamic": "0.00"
    },
    "monitoring": {
      "jobs": 2,
      "frequency": 60,
      "regions": 1
    },
    "type": "startup",
    "period": "monthly"
  },
  {
    "overage_order": "ascending",
    "overages": {
      "static": {
        "queries": "0.75",
        "records": "0.25"
      },
      "intelligent": {
        "queries": "2",
        "records": "0.25"
      },
      "dynamic": {
        "queries": "1.25",
        "records": "0.25"
      }
    },
    "monthly_price": "50.00",
    "discount": "0.00",
    "discount_type": "percentage",
    "included": {
      "any": {
        "queries": 2.5e+07,
        "records": 250
      },
      "static": {
        "queries": 0,
        "records": 0
      },
      "intelligent": {
        "queries": 0,
        "records": 0
      },
      "dynamic": {
        "queries": 0,
        "records": 0
      }
    },
    "recurring_cost": "50.00",
    "access_charges": {
      "static": "0.00",
      "intelligent": "0.00",
      "dynamic": "0.00"
    },
    "monitoring": {
      "jobs": 25,
      "frequency": 20,
      "regions": 3
    },
    "type": "business",
    "period": "monthly"
  },
  {
    "overage_order": "ascending",
    "overages": {
      "static": {
        "queries": "0.75",
        "records": "0.25"
      },
      "intelligent": {
        "queries": "2",
        "records": "0.25"
      },
      "dynamic": {
        "queries": "1.25",
        "records": "0.25"
      }
    },
    "monthly_price": "47.50",
    "discount": "0.00",
    "discount_type": "percentage",
    "included": {
      "any": {
        "queries": 2.5e+07,
        "records": 250
      },
      "static": {
        "queries": 0,
        "records": 0
      },
      "intelligent": {
        "queries": 0,
        "records": 0
      },
      "dynamic": {
        "queries": 0,
        "records": 0
      }
    },
    "recurring_cost": "47.50",
    "access_charges": {
      "static": "0.00",
      "intelligent": "0.00",
      "dynamic": "0.00"
    },
    "monitoring": {
      "jobs": 25,
      "frequency": 20,
      "regions": 3
    },
    "type": "business",
    "period": "quarterly"
  },
  ...
]
Expand Code Examples

GET /v1/account/plan

GETView Managed DNS plan details

Returns details of the current subscription for the account, including all applicable fees, charges, discounts, etc. The current balance, if any, is also returned.

Request URL:

https://api.nsone.net/v1/account/plan

Example Response:

{
  "type": "pro",
  "period": "annual"
  "monthly_price": "200.00",
  "discount": "0.00",
  "discount_type": "percentage",
  "recurring_cost": "2400.00",
  "locked": false,
  "included": {
    "any": {
      "queries": 2.5e+08,
      "records": 1500
    },
    "static": {
      "queries": 0,
      "records": 0
    },
    "intelligent": {
      "queries": 0,
      "records": 0
    },
    "dynamic": {
      "queries": 0,
      "records": 0
    }
  },
  "overage_order": "ascending",
  "overages": {
    "static": {
      "queries": "0.50",
      "records": "0.10"
    },
    "intelligent": {
      "queries": "1",
      "records": "0.10"
    },
    "dynamic": {
      "queries": "0.75",
      "records": "0.10"
    }
  },
  "access_charges": {
    "static": "0.00",
    "intelligent": "0.00",
    "dynamic": "0.00"
  },
  "monitoring": {
    "jobs": 250,
    "frequency": 5,
    "regions": 5
  },
  "balance": "0.00"
}
Expand Code Examples

POST /v1/account/plan

POSTChange your Managed DNS plan type

If you are on the startupstarter, or basic plan, and you have a valid credit card on file, you may call this method to instantly pay for and upgrade to a new subscription plan. You may change to a basic or advanced plan with a monthlyquarterlysemiannual, or annual term. Note: In this case, you will be charged the full price of the new plan as indicated in the recurring_cost field in the plan description. If you are currently on any other plan, you do not have a payment method on file, or you are requesting a change to the professionalenterpriseenterprise premiumplan, calling this method will submit a request to change your subscription plan, which we will review and respond to. In that case, you may also pass us notes about your request. If we submit a change request but cannot process it immediately, the response will not include a body.

Request URL:

https://api.nsone.net/v1/account/plan

Example Request:

{
  "type": "pro",
  "period": "annual"
}

Example Response:

{
  "overage_order": "ascending",
  "type": "pro",
  "balance": "2,400.00",
  "discount_type": "percentage",
  "monthly_price": "200.00",
  "access_charges": {
    "static": "0.00",
    "intelligent": "0.00",
    "dynamic": "0.00"
  },
  "period": "annual",
  "discount": "0.00",
  "included": {
    "any": {
      "queries": 2.5e+08,
      "records": 1500
    },
    "static": {
      "queries": 0,
      "records": 0
    },
    "intelligent": {
      "queries": 0,
      "records": 0
    },
    "dynamic": {
      "queries": 0,
      "records": 0
    }
  },
  "recurring_cost": "2400.00",
  "overages": {
    "static": {
      "queries": "0.50",
      "records": "0.10"
    },
    "intelligent": {
      "queries": "1",
      "records": "0.10"
    },
    "dynamic": {
      "queries": "0.75",
      "records": "0.10"
    }
  },
  "monitoring": {
    "jobs": 250,
    "frequency": 5,
    "regions": 5
  },
  "locked": true
}
Expand Code Examples

GET /v1/account/invoices

GETList invoices

Lists basic details of all historical and current invoices for the account.

Request URL:

https://api.nsone.net/v1/account/invoices

Example Response:

[
  {
    "due": 1377129600,
    "sent": 1375756229,
    "id": 11,
    "amount": "82.02",
    "status": "due"
  },
  {
    "due": 1375315200,
    "sent": 1373985364,
    "id": 10,
    "amount": "29.00",
    "status": "paid"
  },
  {
    "due": 1366588800,
    "sent": 1365215402,
    "id": 2,
    "amount": "0.00",
    "status": "paid"
  },
  {
    "due": 1369180800,
    "sent": 1367807401,
    "id": 4,
    "amount": "0.00",
    "status": "paid"
  }
]
Expand Code Examples

GET /v1/account/invoices/{invoiceID}

GETDownload an invoice

The invoice is returned in PDF format. This method will directly return a PDF. The Content-Type and Content-Dispositionheaders will be set accordingly. However, if there is an error, the usual JSON error will be returned.

There are certain cases, such as in some browsers, where you will be unable to send the X-NSONE-Key authentication header to download a file intended to be saved to the user's filesystem, due to restrictions on some kinds of AJAX/XHR requests. In this case, you may use an alternative authentication mechanism for this method: add an authtoken parameter to the URL, consisting of a SHA1 hash of the concatenation of the API Key, the invoice id, and the sent field from /account/invoices for the invoice (as a string). For example: sha1('qACMD09OJXBxT7XOuRs8101373985364').

ParameterTypeDescriptionRequired?
invoiceidStringExample: '727'Yes
authtokenStringExample: d4a2080c926b85c9936908852454cb181249622aNo

Request URL:

https://api.nsone.net/v1/account/invoices/:invoiceid[?authtoken=21900a196f...]

Example URL:

https://api.nsone.net/v1/account/invoices/727?authtoken=d4a2080c926b85c9936908852454cb181249622a

Example URL:

https://api.nsone.net/v1/account/invoices/invoiceid?authtoken=d4a2080c926b85c9936908852454cb181249622a

ParameterTypeDescriptionRequired?
invoiceidStringExample: '727'Yes
authtokenStringExample: d4a2080c926b85c9936908852454cb181249622aNo

GET /v1/account/billataglance

GETView bill at a glance

Returns current usage and charges that will appear on the next invoice.

WARNING
Please note that the metrics shown do not reflect real-time data. Usage information is generated daily at 00:30 UTC.

Copy CodeReturns usage and charges based on the last instance of 00:30 UTC

curl -X GET -H "X-NSONE-Key: $API_KEY" https://api.nsone.net/v1/account/billataglance

Request URL:

https://api.nsone.net/v1/account/billataglance

Example Response:

{
  "plan": "startup",
  "period": "monthly",
  "last_invoice": 1377561600,
  "next_invoice": 1379721600,
  "next_base_invoice": 1379721600,
  "recurring_cost": "0.00"
  "recurring_cost_next_invoice": "0.00",
  "any": {
    "overage_order": "ascending",
    "query_credit": 1e+07,
    "record_credit": 50
  },
  "static": {
    "record_rate": "1",
    "access_charge": "0.00",
    "records": 14,
    "query_credit": 0,
    "query_cost": "0.00",
    "query_rate_per_million": "2",
    "queries": 5,
    "record_credit": 0,
    "record_cost": "0.00"
  },
  "dynamic": {
    "record_rate": "1",
    "access_charge": "0.00",
    "records": 2,
    "query_credit": 0,
    "query_cost": "0.00",
    "query_rate_per_million": "4",
    "queries": 10,
    "record_credit": 0,
    "record_cost": "0.00"
  },
  "intelligent": {
    "record_rate": "1",
    "access_charge": "0.00",
    "records": 0,
    "query_credit": 0,
    "query_cost": "0.00",
    "query_rate_per_million": "6",
    "queries": 0,
    "record_credit": 0,
    "record_cost": "0.00"
  },
  "totals": {
    "record_cost": "0.00",
    "record_credit": 16,
    "queries": 15,
    "query_credit": 15,
    "records": 16,
    "access_charge": "0.00",
    "query_cost": "0.00"
  },
  "balance": "0.00",
  "bill": "0.00"
}
Expand Code Examples

Payment method

GET /v1/account/paymentmethods

GETView list of active payment methods

This method returns the list of all payment methods (credit cards) attached to the account.

Request URL:

https://api.nsone.net/v1/account/paymentmethods

Example Response:

[
  {
    "type": "creditcard",
    "default": true,
    "cc_expire_year": 2014,
    "cc_expire_month": 3,
    "firstname": "John",
    "lastname": "Smith",
    "company": "Joe Company",
    "cc_type": "mastercard",
    "phone": "222-555-5555",
    "address": {
      "country": "US",
      "street": "20 Awesome Street Suite 1234",
      "state": "NY",
      "city": "New York",
      "postalcode": "10005"
    },
    "cc_number_last4": "4444",
    "id": 8273
  },
  {
    "type": "creditcard",
    "cc_expire_year": 2016,
    "cc_expire_month": 4,
    "firstname": "Bob",
    "lastname": "Boberton",
    "company": "Joe Company",
    "cc_type": "amex",
    "phone": "212-867-5309",
    "address": {
      "country": "US",
      "street": "20 Awesome Street Suite 1234",
      "state": "NY",
      "city": "New York",
      "postalcode": "10005"
    },
    "cc_number_last4": "1000",
    "id": 6159
  }
]
Expand Code Examples

GET /v1/account/paymentmethods/:id

GETView payment method details

This method returns just the details for a single payment method given its id.

Request URL:

https://api.nsone.net/v1/account/paymentmethods/:id

Example URL:

https://api.nsone.net/v1/account/paymentmethods/8273

Example Response:

{
  "type": "creditcard",
  "default": true,
  "cc_expire_year": 2014,
  "cc_expire_month": 3,
  "firstname": "John",
  "lastname": "Smith",
  "company": "Joe Company",
  "cc_type": "mastercard",
  "phone": "222-555-5555",
  "address": {
    "country": "US",
    "street": "20 Awesome Street Suite 1234",
    "state": "NY",
    "city": "New York",
    "postalcode": "10005"
  },
  "cc_number_last4": "4444",
  "id": 8273
}

ParameterTypeDescriptionRequired?
idStringPayment method idYes
Expand Code Examples

PUT /v1/account/paymentmethods

PUTAdd a new payment method

Adds a new credit card to the account. If you set default to true it will become the new default card we charge for new invoices. We will do a small pre-authorization charge to the credit card, which will be refunded.

Request body parameters:

typestringPayment type (e.g., creditcard)
defaultbooleanIndicates whether or not this is the default payment method
cc_numberstringCredit card numbers (between 12-19 digits)
cc_expire_monthintegerMonth of the credit card expiration date
cc_expire_yearintegerYear of the credit card expiration date
cc_cvv2stringCard verification code (between 3-4 characters)
firstnamestringFirst name on with the credit card
lastnamestringLast name on the credit card
companystringCompany associated with the payment method (if applicable)
phonestringPhone number associated with the payment method
addressobjectAddress details associated with the payment method
streetstringStreet address associated with the payment method
citystringCity associated with the payment method address
statestringState associated with the payment method address
postalcodestringPostal code associated with the payment method address
countrystringCountry associated with the payment method address

Copy CodeAdds a new payment method

curl -X PUT -H "X-NSONE-Key: $API_KEY" https://api.nsone.net/v1/account/paymentmethods

Request URL:

https://api.nsone.net/v1/account/paymentmethods

Example Request:

{
  "address": {
    "country": "US",
    "postalcode": "10005",
    "state": "NY",
    "city": "New York",
    "street": "20 Awesome Street Suite 1234"
  },
  "phone": "222-555-5555",
  "company": "Joe Company",
  "type": "creditcard",
  "default": true,
  "cc_number": "5215888899994444",
  "cc_expire_year": 2014,
  "cc_expire_month": 3,
  "cc_cvv2": "1234",
  "firstname": "John",
  "lastname": "Smith"
}

Example Response:

{
  "type": "creditcard",
  "default": true,
  "cc_expire_year": 2014,
  "cc_expire_month": 3,
  "firstname": "John",
  "lastname": "Smith",
  "company": "Joe Company",
  "cc_type": "mastercard",
  "phone": "222-555-5555",
  "address": {
    "country": "US",
    "street": "20 Awesome Street Suite 1234",
    "state": "NY",
    "city": "New York",
    "postalcode": "10005"
  },
  "cc_number_last4": "4444",
  "id": 8273
}
Expand Code Examples

POST https://api.nsone.net/v1/account/paymentmethods/id

POSTMake a payment method the default

Calling this method — with no request body — sets the requested payment method as the default one, and it will be charged for future invoices. You may not modify other details associated with an existing payment method — add a new one instead. There is no response other than the HTTP status code.

Request URL:

https://api.nsone.net/v1/account/paymentmethods/:id

Example URL:

https://api.nsone.net/v1/account/paymentmethods/8273


ParameterTypeDescriptionRequired?
idStringPayment method idYes

DELETE https://api.nsone.net/v1/account/paymentmethods/id

DELETEDelete a payment method

Deletes a credit card. You may not delete the last credit card from the account — add another one first. There is no response other than the HTTP status code.

Request URL:

https://api.nsone.net/v1/account/paymentmethods/:id

Example URL:

https://api.nsone.net/v1/account/paymentmethods/8273

ParameterTypeDescriptionRequired?
idStringPayment method idYes

Activity Log

GET /v1/account/activity

GETView account activity log

Returns entries from the account activity log. By default, the most recent 20 entries are returned — get more by setting limit. You can also restrict the results to entries later than some start (UNIX timestamp) or earlier than some end. If you specify a resource_type, only entries for resources of that type are returned. You may also restrict by user and resource_id. Activity log entries include a user_type which is one of user, apikey, or system depending on where the activity came from, and for user and apikey activity, the user_id is the username or API Key ID, respectively. For create and update actions, any resource details are for the resource after the action is taken; for delete actions, any such details show the resource as it was prior to deletion.

Query Parameters:

ParameterTypeDescription
limitintegerMaximum number of entries to return
startintegerDatetime expression (absolute or relative) for the beginning of the time range.
endintegerDatetime expression (absolute or relative) for the end of the time range.
resource_typestringType of resource
userstringUsername or an API key ID
resource_idstringUnique identifier for a resource
exportstringThe file type of the report that should be generated. Can be one of the following file types: json, xml, csv, pdf, xslx, or html.

Copy CodeExports the activity log in PDF format

curl -X GET -H "X-NSONE-Key: $API_KEY" https://{api.mycompany.net}/v1/account/activity?export=pdf

Request URL:

https://api.nsone.net/v1/account/activity

Example Response:

[
  {
    "resource_type": "zonefile",
    "user_id": "myuser",
    "resource_id": "52276047830f787e2ff88d4c",
    "timestamp": 1378312263,
    "user_type": "user",
    "action": "create",
    "resource": {
      "id": "52276047830f787e2ff88d4c",
      "hostmaster": "[email protected]",
      "meta": {},
      "nx_ttl": 60,
      "retry": 3600,
      "zone": "myzone.net",
      "warnings": [],
      "refresh": 21600,
      "expiry": 1209600,
      "records": [
        {
          "id": "52276047830f787e2ff88d4f",
          "type": "NS",
          "tier": 1,
          "short_answers": [
            "dns1.p03.nsone.net",
            "dns2.p03.nsone.net",
            "dns3.p03.nsone.net",
            "dns4.p03.nsone.net"
          ],
          "domain": "myzone.net"
        },
        {
          "id": "52276047830f787e2ff88d53",
          "type": "A",
          "tier": 1,
          "short_answers": [
            "1.1.1.1",
            "2.2.2.2"
          ],
          "domain": "*.myzone.net"
        }
      ],
      "dns_servers": [
        "dns1.p03.nsone.net",
        "dns2.p03.nsone.net",
        "dns3.p03.nsone.net",
        "dns4.p03.nsone.net"
      ],
      "networks": [0],
      "network_pools": ["p03"]
    },
    "user_name": "My User",
    "id": "52276047830f787e2ff88d59"
  },
  {
    "resource_type": "user",
    "user_id": "myuser",
    "resource_id": "olduser",
    "timestamp": 1378312122,
    "user_type": "user",
    "action": "delete",
    "resource": {
      "permissions": {
        "dns": {
          "zones_allow_by_default": true,
          "view_zones": true,
          "zones_deny": [],
          "manage_zones": true,
          "zones_allow": []
        },
        "data": {
          "manage_datafeeds": true,
          "manage_datasources": true,
          "push_to_datafeeds": true
        },
        "account": {
          "manage_payment_methods": true,
          "manage_teams": true,
          "manage_apikeys": true,
          "manage_account_settings": true,
          "view_activity_log": true,
          "view_invoices": true,
          "manage_users": true,
          "manage_plan": true
        },
        "monitoring": {
          "manage_lists": false,
          "manage_jobs": false,
          "view_jobs": false
        }
      },
      "email": "[email protected]",
      "last_access": null,
      "notify": {
        "billing": true
      },
      "name": "Old User",
      "username": "olduser"
    },
    "user_name": "My User",
    "id": "52275fba830f787e2ff88d42"
  },
  ...
]
Expand Code Examples

Zones & Records

To learn more about managing NS1 zones and records, refer to the NS1 Help Center.

Zones

GET /v1/zones

GET List all zones

Returns a list of all active DNS zones along with basic zone configuration details for each.

Note about pagination: If you have more than 5,000 zones, the response header will include a link that you can use in a cURL command to get usage statistics for the next 5,000 zones (and so on). This follows the Web Linking standard (RFC 5988).

Copy CodeList active zones

curl -X GET -H 'X-NSONE-Key: $API_KEY' https://api.nsone.net/v1/zones

Example Response:

[
  {
    "dns_servers": [
      "string"
    ],
    "expiry": 0,
    "primary_master": "string",
    "hostmaster": "string",
    "id": "string",
    "meta": {
      "asn": [
        "string"
      ],
      "ca_province": [
        "string"
      ],
      "connections": 0,
      "country": [
        "string"
      ],
      "georegion": [
        "string"
      ],
      "high_watermark": 0,
      "ip_prefixes": [
        "string"
      ],
      "latitude": 0,
      "loadAvg": 0,
      "longitude": 0,
      "low_watermark": 0,
      "note": "string",
      "priority": 0,
      "pulsar": "string",
      "requests": 0,
      "up": true,
      "us_state": [
        "string"
      ],
      "weight": 0
    },
    "network_pools": [
      "string"
    ],
    "networks": [
      0
    ],
    "nx_ttl": 0,
    "primary": {
      "enabled": true,
      "secondaries": [
        {
          "ip": "string",
          "networks": [
            0
          ],
          "notify": true,
          "port": 0
        }
      ]
    },
    "records": [
      {
        "domain": "string",
        "id": "string",
        "short_answers": [
          "string"
        ],
        "tier": 0,
        "ttl": 0,
        "type": "string"
      }
    ],
    "refresh": 0,
    "retry": 0,
    "ttl": 0,
    "zone": "string",
    "views": [
      "string"
    ],
    "local_tags": [
      "string"
    ],
    "tags": {}
  }
]
Expand Code Examples

GET /v1/zones/:zone

GET View zone details

Returns a single active zone and its basic configuration details, as well as a list of records in the zone and basic details for each record.

Path Parameters:

ParameterTypeDescription
zonestring(Required) FQDN of the zone.


Example Response:

{
  "dns_servers": [
    "string"
  ],
  "expiry": 0,
  "primary_master": "string",
  "hostmaster": "string",
  "id": "string",
  "meta": {
    "asn": [
      "string"
    ],
    "ca_province": [
      "string"
    ],
    "connections": 0,
    "country": [
      "string"
    ],
    "georegion": [
      "string"
    ],
    "high_watermark": 0,
    "ip_prefixes": [
      "string"
    ],
    "latitude": 0,
    "loadAvg": 0,
    "longitude": 0,
    "low_watermark": 0,
    "note": "string",
    "priority": 0,
    "pulsar": "string",
    "requests": 0,
    "up": true,
    "us_state": [
      "string"
    ],
    "weight": 0
  },
  "network_pools": [
    "string"
  ],
  "networks": [
    0
  ],
  "nx_ttl": 0,
  "primary": {
    "enabled": true,
    "secondaries": [
      {
        "ip": "string",
        "networks": [
          0
        ],
        "notify": true,
        "port": 0
      }
    ]
  },
  "records": [
    {
      "domain": "string",
      "id": "string",
      "short_answers": [
        "string"
      ],
      "tier": 0,
      "ttl": 0,
      "type": "string"
    }
  ],
  "refresh": 0,
  "retry": 0,
  "ttl": 0,
  "zone": "string",
  "views": [
    "string"
  ],
  "local_tags": [
    "string"
  ],
  "tags": {}
}
Expand Code Examples

PUT /v1/zones/:zone

PUT Create a new zone

You must include a JSON body in the request with basic zone details. The only required element in the body is "zone", the zone fully-qualified domain name (FQDN). You can create a standard zone (which has its own configuration and records), a linked zone (pointing to an existing standard zone, reusing its configuration and records), or a secondary zone (which replicates DNS records from an external primary DNS server).

For non-linked zones, you may specify optional zone configuration by including TTL (SOA record TTL), refresh, retry, expiry, and nx_ttl values, as in a SOA record. Refer to the Help Center article, "Best practices: TTL configuration" for more information. The zone is assigned DNS servers and appropriate NS records are automatically created unless you create a secondary zone.

Linked zones

To create a linked zone, you must include a link property in the body of your request. It must be a string referencing the target zone (domain name) to which the current zone should link. The linked zone and target zone must be owned by the same account. If the link property is specified, no other zone configuration properties (including refresh, retry, etc.) may be specified as they are inherited from the target zone. After creating a linked zone, it cannot be modified and you cannot add records to it. You can delete the linked zone with no impact to the target zone.

Secondary zones

To create a secondary zone, you must include a secondary object in the body of your request including the following fields:

  • enabled - [true/false] If true, the zone is configured as a secondary zone
  • primary_ip - An IPv4 address (not a hostname) of the zone's primary DNS server. If your primary DNS server is running on a non-standard port, you may also include primary_port.

Zone replication

To enable zone replication by third-party DNS servers, you must include a primary object in the body of your request including the following fields:

  • enabled - [true/false] If true, AXFR queries (and optionally NOTIFY messages) will be enabled for the zone.
  • secondaries - a list of objects each containing:
    • ip - IPv4 address of the secondary node
    • port - (Optional) The port on the host to send NOTIFYmessages (default = 53)
    • notify - [true/false] If true, NS1 will send NOTIFY messages to the secondary host upon zone changes.

If your account has access to multiple DNS networks, you may pass in networks, a list of network ids for which the zone should be made available. If you do not provide a list of networks, the zone will be created in network 0, the primary NSONE Global Network. DNS servers will be selected and assigned from among all the networks you specify.

Path Parameters:

zonestring(Required) FQDN of the zone you are creating. Note for DDI users: You may have multiple zone names associated with the same zone (FQDN).

Request Body Paramters:

namestring(DDI only) Vanity name for the zone used for associating the zone with DNS views. If left undefined, the zone name defaults to the zone FQDN. You can have multiple zone names associated with the same zone (FQDN).
viewsstring(DDI only) Name of the DNS view(s) with which this zone is associated.
networksarray of integersIf you account has access to multiple DNS networks, you may pass a list of network IDs for which the zone should be made available. If not set, the zone is created in network 0 (primary NSONE Global Network). DNS servers will be selected and assigned across all the networks you specify.
expiryintegerIf refresh and Retry fail repeatedly, this is the time period after which the primary should be considered down and no longer authoritative for the given zone.
nx_ttlintegerIn the event that the DNS query results in an NXDOMAIN error, because the domain name does not exist (and this is also true for all names under it), or in an EBOT (aka NODATA) response, this is the length of time that the ‘negative’ answer should be cached for.
primaryobjectApplied to support zone replication by third-party DNS servers.
enabledboolean(Required; part of the primary object) If true, AXFR queries (and optionally NOTIFY messages) will be enabled for the zone.
secondariesarray of objects(Required if set to primary; part of the primary object) An array of objects to define secondary nodes
ipstring(Included in the secondaries array) IPv4 address of the secondary zone.
notifyboolean(Included in the secondaries array) If set to "true," NS1 will send NOTIFY messages to the secondary host upon zone changes.
portinteger(Included in the secondaries array) The port on the host to send NOTIFY messages. Default is 53.
refreshintegerThe interval at which secondary DNS servers are set to refresh the zone file from the primary server.
retryintegerThe rate at which a secondary DNS servers will retry to refresh the zone file if the initial refresh failed.
ttlintegerThe interval at which the SOA record itself is refreshed.
tagsobjectsAll local and inherited tags. Local tags are tags set directly on objects. Inherited tags are inherited from parent objects. For each tag, you must indicate the property name and (optionally) specify a corresponding value (i.e. "{property_name}":"{value}"). Tags specified here are inherited by any child subnets/addresses.


Copy CodeCreate a new DNS zone

curl -X PUT -H "X-NSONE-Key: $API_KEY" -d '{"zone":"{zoneFQDN}", "nx_ttl":60}' https://api.nsone.net/v1/zones/{zoneFQDN}

where {ZONE_NAME} is the zone's FQDN

Copy CodeCreate a new secondary DNS zone

curl -X PUT -H 'X-NSONE-Key: $API_KEY' -d '{"zone":"{ZONE_NAME}", "secondary": {"enabled":true, "primary_ip":"{PRIMARY_IP_ADDRESS}"}}' https://api.nsone.net/v1/zones/{zoneFQDN}

where {ZONE_NAME} is the zone's FQDN and {PRIMARY_IP_ADDRESS} is the IP address of the primary zone.

Copy CodeCreates a secondary zone with TSIG enabled

curl -X PUT -H "X-NSONE-Key: $API_KEY" https://api.nsone.net/v1/zones/{ZONE_NAME} -d "{\"secondary\": {\"enabled\": true,\"tsig\":{\"enabled\": true, \"hash\": \"{HASH_TYPE}\", \"key\":\"{TSIG_KEY}\",\"name\": \"{TSIG_KEY_NAME}\"}, \"primary_ip\": \"{IP_ADDRESS}\", \"primary_port\": 53},\"zone\": \"{ZONE_NAME}\"}"

Copy CodeCreate a new zone allowing AXFR and sending NOTIFY to a secondary zone

curl -X PUT -H 'X-NSONE-Key: $API_KEY' -d '{"zone":"{ZONE_NAME}", "primary": {"enabled":true, "secondaries":[ {"ip":"{SECONDARY_IP}", "port":{SECONDARY_PORT}, "notify":true} ]}}' https://api.nsone.net/v1/zones/{ZONE_NAME}

Copy CodeCreate a zone with associated DNS views and networks (DDI only)

curl -X PUT -H "X-NSONE-Key: $API_KEY" -d '{ "zone": "'{domain}'", "name": "'{zone_name}", "views": [{view_name}], "networks": [{network_ids}] }' https://{api.mycompany.net}/v1/zones/{zone-name}

Example Request:

{
  "zone": "newzone.com",
  "ttl&tuot;: 3600,
  "nx_ttl": 60
}

Example Response:

{
  "id": "52051b2c9f782d58bb4df41b",
  "hostmaster": "[email protected]",
  "ttl": 3600,
  "nx_ttl": 60,
  "retry": 7200,
  "zone": "newzone.com",
  "refresh": 43200,
  "expiry": 1209600,
  "dns_servers": [
    "dns1.p06.nsone.net",z
    "dns2.p06.nsone.net",
    "dns3.p06.nsone.net",
    "dns4.p06.nsone.net"
  ],
  "networks": [0],
  "network_pools": ["p06"],
  "primary": {
    "enabled": false,
    "secondaries": []
  },
  "records": [
    {
      "id": "52051b2c9f782d58bb4df420",
      "type": "NS",
      "tier": 1,
      "ttl": 3600,
      "short_answers": [
        "dns1.p06.nsone.net",
        "dns2.p06.nsone.net",
        "dns3.p06.nsone.net",
        "dns4.p06.nsone.net"
      ],
      "domain": "newzone.com"
    }
  ],
  "meta": {}
}

Example Request:

{
  "expiry": 0,
  "hostmaster": "string",
  "nx_ttl": 0,
  "primary": {
    "enabled": true,
    "secondaries": [
      {
        "ip": "string",
        "networks": [
          0
        ],
        "notify": true,
        "port": 0
      }
    ]
  },
  "refresh": 0,
  "retry": 0,
  "ttl": 0,
  "zone": "string",
  "local_tags": [
    "string"
  ],
  "tags": {}
}

Example Response:

{
  "dns_servers": [
    "string"
  ],
  "expiry": 0,
  "name": "string",
  "link": "string",
  "primary_master": "string",
  "hostmaster": "string",
  "id": "string",
  "meta": {
    "asn": [
      "string"
    ],
    "ca_province": [
      "string"
    ],
    "connections": 0,
    "country": [
      "string"
    ],
    "georegion": [
      "string"
    ],
    "high_watermark": 0,
    "ip_prefixes": [
      "string"
    ],
    "latitude": 0,
    "loadAvg": 0,
    "longitude": 0,
    "low_watermark": 0,
    "note": "string",
    "priority": 0,
    "pulsar": "string",
    "requests": 0,
    "up": true,
    "us_state": [
      "string"
    ],
    "weight": 0
  },
  "network_pools": [
    "string"
  ],
  "networks": [
    0
  ],
  "nx_ttl": 0,
  "serial": 0,
  "primary": {
    "enabled": true,
    "secondaries": [
      {
        "ip": "string",
        "networks": [
          0
        ],
        "notify": true,
        "port": 0
      }
    ]
  },
  "records": [
    {
      "domain": "string",
      "zone": "string",
      "tags": {
        "property1": "string",
        "property2": "string"
      },
      "link": "string",
      "use_client_subnet": true,
      "regions": {
        "property1": "string",
        "property2": "string"
      },
      "meta": {
        "property1": "string",
        "property2": "string"
      },
      "zone_name": "string",
      "networks": [
        0
      ],
      "id": "string",
      "short_answers": [
        "string"
      ],
      "tier": 0,
      "ttl": 0,
      "type": "string"
    }
  ],
  "refresh": 0,
  "retry": 0,
  "secondary": {
    "status": "string",
    "last_xfr": 0,
    "primary_ip": "string",
    "primary_port": 0,
    "enabled": true,
    "tsig": {
      "enabled": true,
      "hash": "string",
      "name": "string",
      "key": "string"
    },
    "other_ports": [
      0
    ],
    "other_ips": [
      "string"
    ],
    "expired": true
  },
  "ttl": 0,
  "zone": "string",
  "views": [
    "string"
  ],
  "local_tags": [
    "string"
  ],
  "tags": {
    "property1": "string",
    "property2": "string"
  }
}
Expand Code Examples

POST /v1/zones/:zone

POST Edit a zone

Modifies the basic details of a DNS zone. You must include a JSON body in the request, in which you may include ttl (SOA record TTL), refresh, retry, expiry, or nx_ttl values, as in a SOA record. You may not change the zone name or other details.

If you are modifying a secondary zone, you can change the primary_ip and primary_port. You can also change enabled in the secondary object to convert a zone between primary and secondary behavior. Note that when converting a secondary to a primary zone, you must create a NS record for the zone with the assigned NSONE nameservers.

You can enable or disable replication from the primary zone, as well as add or remove secondary (replica) hosts by manipulating the primary object.

You may modify the set of DNS networks for which the zone should be made available. Note that if you remove a network from a zone, and later re-add it, then new nameservers will be assigned within that network. You may remove all networks from a zone, in which case the zone will not be accessible from any DNS network.

Path Parameters:

zonestring(Required) FQDN of the zone you are creating. Note for DDI users: You may have multiple zoneNames associated with the same zone (FQDN).

Request Body Paramters:

viewsstring(DDI only) Name of the DNS view(s) with which this zone is associated.
networksarray of integersIf you account has access to multiple DNS networks, you may pass a list of network IDs for which the zone should be made available. If not set, the zone is created in network 0 (primary NSONE Global Network). DNS servers will be selected and assigned across all the networks you specify.
expiryintegerIf refresh and retry fail repeatedly, this is the time period after which the primary should be considered down and no longer authoritative for the given zone.
nx_ttlintegerIn the event that the DNS query results in an NXDOMAIN error, because the domain name does not exist (and this is also true for all names under it), or in an EBOT (aka NODATA) response, this is the length of time that the ‘negative’ answer should be cached for.
primaryobjectApplied to support zone replication by third-party DNS servers.
enabledboolean(Required; part of the primary object) If true, AXFR queries (and optionally NOTIFY messages) will be enabled for the zone.
secondariesarray of objects(Required if set to primary; part of the primary object) An array of objects to define secondary nodes
ipstring(Included in the secondaries array) IPv4 address of the secondary zone.
notifyboolean(Included in the secondaries array) If set to "true," NS1 will send NOTIFY messages to the secondary host upon zone changes.
portinteger(Included in the secondaries array) The port on the host to send NOTIFY messages. Default is 53.
refreshintegerThe interval at which secondary DNS servers are set to refresh the zone file from the primary server.
retryintegerThe rate at which a secondary DNS servers will retry to refresh the zone file if the initial refresh failed.
ttlintegerThe interval at which the SOA record itself is refreshed.
tagsobjectsAll local and inherited tags. Local tags are tags set directly on objects. Inherited tags are inherited from parent objects. For each tag, you must indicate the property name and (optionally) specify a corresponding value (i.e. "{property_name}":"{value}"). Tags specified here are inherited by any child subnets/addresses.


Copy CodeModifies the specified zone

curl -X POST -H "X-NSONE-Key: $API_KEY" -d '{ "expiry": 0, "hostmaster": "string", "nx_ttl": 0, "primary": { "enabled": true, "secondaries": [ { "ip": "string", "networks": [0],"notify": true, "port": 0 }]}, "refresh": 0, "retry": 0, "ttl": 0, "zone": "string", "local_tags": ["string"], "tags": {}}'  https://{api.mycompany.net}/v1/zones/{zoneFQDN}

Copy CodeForces a refresh on a secondary zone

curl -X POST -H "X-NSONE-Key: $API_KEY" https://api.nsone.net/v1/zones/{zoneFQDN}?refresh=true

Execute the command above on a secondary zone to force a refresh, overriding any refresh interval setting defined. Note: Do not include any data in the request body.

Request URL:

https://api.nsone.net/v1/zones/:zone

Example URL:

https://api.nsone.net/v1/zones/newzone.com

Example Request:

{
  "refresh": 10800
}

Example Response:

{
  "dns_servers": [
    "string"
  ],
  "expiry": 0,
  "primary_master": "string",
  "hostmaster": "string",
  "id": "string",
  "meta": {
    "asn": [
      "string"
    ],
    "ca_province": [
      "string"
    ],
    "connections": 0,
    "country": [
      "string"
    ],
    "georegion": [
      "string"
    ],
    "high_watermark": 0,
    "ip_prefixes": [
      "string"
    ],
    "latitude": 0,
    "loadAvg": 0,
    "longitude": 0,
    "low_watermark": 0,
    "note": "string",
    "priority": 0,
    "pulsar": "string",
    "requests": 0,
    "up": true,
    "us_state": [
      "string"
    ],
    "weight": 0
  },
  "network_pools": [
    "string"
  ],
  "networks": [
    0
  ],
  "nx_ttl": 0,
  "primary": {
    "enabled": true,
    "secondaries": [
      {
        "ip": "string",
        "networks": [
          0
        ],
        "notify": true,
        "port": 0
      }
    ]
  },
  "records": [
    {
      "domain": "string",
      "id": "string",
      "short_answers": [
        "string"
      ],
      "tier": 0,
      "ttl": 0,
      "type": "string"
    }
  ],
  "refresh": 10800,
  "retry": 0,
  "ttl": 0,
  "zone": "string",
  "views": [
    "string"
  ],
  "local_tags": [
    "string"
  ],
  "tags": {}
}
Expand Code Examples

DELETE /v1/zones/:zone

DELETE Delete a zone

Deletes an existing DNS zone and all of its associated records.

Note: NS1 servers will not respond to queries for the zone or any of the records after it is deleted, and you cannot recover the deleted zone. There is no request body required, and there is no response other than the HTTP status code.

Request URL:

https://api.nsone.net/v1/zones/:zone

Example URL:

https://api.nsone.net/v1/zones/example.com
ParameterTypeDescriptionRequired?
zoneStringYes

PUT /v1/import/zonefile/:zone

PUT Import a zone from a zone file

Upload a zone file using form encoding (multipart/form-data) with the zone file as the content of the zonefile form parameter. The zone must not already exist in your account. Upon upload, the zone and all records within the zone file are created. Any "round-robin" records (e.g., multiple A records for the same domain) are treated as answers for a single record in your account. Existing NS records are replaced, as are some details of SOA records.

There are two modes: synchronous (default) and asynchronous.

  • In asynchronous mode, you must check back with a GET request using the returned job id to get the results of your request.
  • In synchronous mode, the connection remains open until the results can be returned to you directly. Full details of the new zone and all records are returned; a warnings field contains a list of strings with any warnings from the zone file import process.

Upon import, the zone is made available only on the NSONE Global Network (network 0). If your account has access to other DNS networks, and you wish to make the zone available via those networks, simply add them to the zone after importing the zone file.

Copy CodeImport a new zone from a zone file

curl -X PUT -F [email protected] -H 'X-NSONE-Key: $API_KEY' https://api.nsone.net/v1/import/zonefile/{ZONE_NAME}

where {ZONE_NAME} is the zone FQDN

Request URL:

https://api.nsone.net/v1/import/zonefile/:zone[?async=true]

Example URL:

https://api.nsone.net/v1/import/zonefile/newzone.com?async=true

Example Request:

(Other headers)
Content-Type: multipart/form-data; boundary=----------------------------a5d22159c43c

------------------------------a5d22159c43c
Content-Disposition: form-data; name="zonefile"; filename="newzone.com.db"
Content-Type: application/octet-stream

$ORIGIN newzone.com.
$TTL 300
@	SOA	ns1.newzone.com. hostmaster.newzone.com. 201303202324 43200 7200 1209600 3600
@	NS	ns1
@	NS	ns2
@	A	1.2.3.4
www	A	1.2.3.4

------------------------------a5d22159c43c--

Example Response:

{
  "id": "52052aa99f782d5b1a10a831",
  "hostmaster": "[email protected]",
  "meta": {},
  "ttl": 3600,
  "nx_ttl": 300,
  "retry": 7200,
  "zone": "newzone.com",
  "warnings": [],
  "refresh": 43200,
  "expiry": 1209600,
  "dns_servers": [
    "dns1.p06.nsone.net",
    "dns2.p06.nsone.net",
    "dns3.p06.nsone.net",
    "dns4.p06.nsone.net"
  ],
  "networks": [0],
  "network_pools": ["p06"],
  "records": [
    {
      "id": "52052aa99f782d5b1a10a836",
      "type": "NS",
      "tier": 1,
      "short_answers": [
        "dns1.p06.nsone.net",
        "dns2.p06.nsone.net",
        "dns3.p06.nsone.net",
        "dns4.p06.nsone.net"
      ],
      "domain": "newzone.com"
    },
    {
      "id": "52052aa99f782d5bcc10a847",
      "type": "A",
      "tier": 1,
      "domain": "newzone.com",
      "zone": "newzone.com",
      "short_answers": [
        "1.2.3.4"
      ]
    },
    {
      "id": "52052aa99f78375bcc10a666",
      "type": "A",
      "tier": 1,
      "domain": "www.newzone.com",
      "zone": "newzone.com",
      "short_answers": [
        "1.2.3.4"
      ]
    }
  ]
}

Example Response:

{
  "sent": 1376070394,
  "id": "zIbC9VfrnVtubXfJbM6a",
  "type": "importzonefile",
  "percent": 20,
  "status": "Creating zone"
}
ParameterTypeDescriptionRequired?
zonestringzone FQDNyes
asyncboolean(see description above); default is "false"

no

Expand Code Examples

GET /v1/import/zonefile/:jobid

GET View status of zone file import

Get the status, and if finished, results of, a zone file import job launched with a PUT request to /import/zonefile/:zone. The jobid is the value of the id field in the response of an asynchronous import request. If the zone file import is finished, the response includes the fields response (body containing import request results), and response_code (final HTTP status code for the import request).

Request URL:

https://api.nsone.net/v1/import/zonefile/:jobid

Example URL:

https://api.nsone.net/v1/import/zonefile/zIbC9VfrnVtubXfJbM6a

Example Response:

{
  "sent": 1376070394,
  "id": "zIbC9VfrnVtubXfJbM6a",
  "type": "importzonefile",
  "result": {
    "id": "52052afa9f782d5b1a10a83f",
    "hostmaster": "[email protected]",
    "meta": {},
    "ttl": 3600,
    "nx_ttl": 300,
    "retry": 7200,
    "zone": "newzone.com",
    "warnings": [],
    "refresh": 43200,
    "expiry": 1209600,
    "records": [
      {
        "id": "52052afa9f782d5b1a10a844",
        "type": "NS",
        "tier": 1,
        "short_answers": [
          "dns1.p01.nsone.net",
          "dns2.p01.nsone.net",
          "dns3.p01.nsone.net",
          "dns4.p01.nsone.net"
        ],
        "domain": "newzone.com"
      },
      {
        "type": "A",
        "feeds": [],
        "tier": 1,
        "domain": "newzone.com",
        "zone": "newzone.com",
        "answers": [
          {
            "id": "52052afa9f782d5b1a10a846",
            "answer": [
              "1.2.3.4"
            ]
          }
        ],
        "regions": {},
        "meta": {},
        "filters": [],
        "ttl": 300
      },
      {
        "type": "A",
        "feeds": [],
        "tier": 1,
        "domain": "www.newzone.com",
        "zone": "newzone.com",
        "answers": [
          {
            "id": "52052afa9f782d5b1a10a848",
            "answer": [
              "1.2.3.4"
            ]
          }
        ],
        "regions": {},
        "meta": {},
        "filters": [],
        "ttl": 300
      }
    ],
    "dns_servers": [
      "dns1.p01.nsone.net",
      "dns2.p01.nsone.net",
      "dns3.p01.nsone.net",
      "dns4.p01.nsone.net"
    ],
    "networks": [0],
    "network_pools": ["p01"]
  },
  "percent": 100,
  "status": "Created zone and 3 records",
}
ParameterTypeDescriptionRequired?
jobidstringvalue of the id field in the response of an asynchronous zone file import requestyes
Expand Code Examples

GET /v1/search

GET Search zones and records

NOTE: NS1 Enterprise DDI and NS1 Connect users should use the new and improved zone/record search endpoints below. Refer to "Search for DNS zones" and "Search for DNS records."

Returns all zones and records that match a query string q. You can limit the max number of results and you can restrict the type of results to zone, record, or all. Entries in the response without domain/type are zones, and those with domain/type are records.

Query parameters:

qstringSearch query
maxintegerMaximum number of search results to display
typestringFilters search results by type. Enum: "zone", "record", "all", "answers"
expandstringExpands contents of search results. Enum: false, "f", true, or "t"

Request URL:

https://api.nsone.net/v1/search?q=[querystring][&max=10][&type=all]

Example URL:

https://api.nsone.net/v1/search?q=example

Example Response:

[
  {
    "zone": "example.com"
  },
  {
    "zone": "example.com",
    "type": "NS",
    "domain": "example.com"
  },
  {
    "zone": "example.com",
    "type": "MX",
    "domain": "mail.example.com"
  },
  {
    "zone": "example.com",
    "type": "A",
    "domain": "www.example.com"
  }
]
Expand Code Examples

GET /v1/dns/zone/search

GET Search for DNS zones (DDI only)

Returns a list of all zones based on any specified filters.

Query Parameters:

fqdnstringFilter by fully-qualified domain name (FQDN)
tagsarray of stringsFilter by specified keys or key-value pairs. For example, tag=key, tag=key*, tag=key=>value, tag=key*=>value, tag=key=>value*, or tag=key*=>value* Text can be prefixed and/or suffixed with * for pattern matching. Other * characters in the answer should be escaped.
limitintegerLimits the number of results returned. Default is 20.
nextstringIf your total number of zones exceeds the limit set, a next value is returned in the response. Apply the next value when searching for the next batch of zone results.
expandstringOption to include associated records in the search results. Enum: "false" (default), "f", "true", "t"

Copy CodeReturns a list of all zones

curl -X GET -H "X-NSONE-Key: $API_KEY" https://{api.mycompany.net}/v1/dns/zone/search

Request URL:

https://api.nsone.net/v1/dns/zone/search

Request URL:

https://api.nsone.net/v1/dns/zone/search?expand=true

Example Response:

{
  "total_results": 1,
  "next": "next",
  "limit": 1,
  "results": [
    {
      "fqdn": "example.com",
      "handle": "example.com"
    }
  ]
}

Example Response:

{
  "total_results": 1,
  "next": "next",
  "limit": 1,
  "results": [
    {
      "fqdn": "example.com",
      "handle": "example.com",
      "network_pools": [
        "p00"
      ],
      "networks": [
        1
      ],
      "primary": {
        "enabled": true,
        "secondaries": [
          {
            "ip": "127.0.0.1",
            "notify": true,
            "port": 53
          }
        ]
      },
      "record": [
        "dns1.p00.nsone.net",
        "hostmaster.example.net.",
        6,
        43200,
        7200,
        1209600,
        3600
      ],
      "secondary": {
        "enabled": false,
        "expired": false,
        "last_try": 1616692983,
        "last_xfr": 1616692983,
        "other_ips": [],
        "other_ports": [],
        "primary_ip": "127.0.0.1",
        "primary_port": 53,
        "status": "ok"
      },
      "ttl": 3600,
      "views": []
    }
  ]
}
Expand Code Examples

GET /v1/dns/record/search

GET Search for DNS records (DDI only)

Returns a list of all zones based on any specified filters.

Query Parameters:

domainstringFilter by domain.
typestringFilter by record type.
answersstringFilter by answers. Text can be prefixed and/or suffixed with * for pattern matching. Other * characters in the answer should be escaped.
tagsarray of stringsFilter by specified keys or key-value pairs. For example, tag=key, tag=key*, tag=key=>value, tag=key*=>value, tag=key=>value*, or tag=key*=>value*
limitintegerLimits the number of results returned. Default is 20.
nextstringIf your total number of records exceeds the limit set, a next value is returned in the response. Apply the next value when searching for the next batch of record results.
expandstringOption to include record details in the search results. Enum: "false" (default), "f", "true", "t"

Copy CodeReturns all records

curl -X GET -H "X-NSONE-Key: $API_KEY" https://{api.mycompany.net}/v1/dns/record/search

Request URL:

https://api.nsone.net/v1/dns/record/search

Request URL:

https://api.nsone.net/v1/dns/record/search?expand=true

Example Response:

{
  "total_results": 1,
  "next": "next",
  "limit": 1,
  "results": [
    {
      "domain": "www.example.com",
      "type": "A",
      "zone_fqdn": "example.com",
      "zone_handle": "example.com"
    }
  ]
}

Example Response:

{
  "total_results": 1,
  "next": "next",
  "limit": 1,
  "results": [
    {
      "answers": [
        {
          "answer": [
            "192.0.2.1"
          ],
          "id": "605cc6f6b407da12cd986c9f"
        }
      ],
      "domain": "www.example.com",
      "id": "605cc6f6b407da12cd986ca0",
      "meta": {},
      "networks": [
        1
      ],
      "regions": {},
      "tags": {
        "tag0": "value0",
        "tag1": "value1",
        "tag2": "value2",
        "tag3": "value3",
        "tag4": "value4"
      },
      "tier": 1,
      "ttl": 3600,
      "type": "A",
      "zone_fqdn": "example.com",
      "zone_handle": "example.com",
      "use_client_subnet": false
    }
  ]
}
Expand Code Examples

GET /v1/networks

GET List available networks

Some customers may have access to DNS networks other than the primary NSONE Global Network. This endpoint lists all networks for which you may create zones and records. You will generally always have access to the NSONE Global Network (network 0).

Request URL:

https://api.nsone.net/v1/networks

Example URL:

https://api.nsone.net/v1/networks

Example Response:

[
  {
    "network_id": 0,
    "label": "NSONE",
    "name": "NSONE Global Network"
  },
  {
    "network_id": 82,
    "label": "myprivate",
    "name": "My Private Network"
  }
]
Expand Code Examples

POST /v1/zones/:zone

POST Enable DNSSEC for a zone

Enables DNSSEC for a zone. For more information, refer to the following Help Center articles:

Note: Your account must have DNSSEC enabled to use this feature. Submit a support ticket or email [email protected] to request DNSSEC for your account.

Request URL:

https://api.nsone.net/v1/zones/:zone

Example URL:

https://api.nsone.net/v1/zones/mydnssec.test

Example Request:

{"dnssec":true}

Example Response:

{
    "nx_ttl": 3600,
    "retry": 7200,
    "dnssec": true,
    "zone": "mydnssec.test",
    "network_pools": [
        "p05"
    ],
    "primary": {
        "enabled": false,
        "secondaries": []
    },
    "refresh": 43200,
    "expiry": 1209600,
    "dns_servers": [
        "dns1.p05.nsone.net",
        "dns2.p05.nsone.net",
        "dns3.p05.nsone.net",
        "dns4.p05.nsone.net"
    ],
    "records": [
        {
            "domain": "mydnssec.test",
            "short_answers": [
                "dns1.p05.nsone.net",
                "dns2.p05.nsone.net",
                "dns3.p05.nsone.net",
                "dns4.p05.nsone.net"
            ],
            "ttl": 3600,
            "tier": 1,
            "type": "NS",
            "id": "5d4994bec94a900001134b77"
        }
    ],
    "meta": {},
    "link": null,
    "serial": 1565103372,
    "ttl": 3600,
    "id": "5d4994bec94a900001134b72",
    "hostmaster": "[email protected]",
    "networks": [
        0
    ],
    "pool": "p05"
}
Expand Code Examples

GET /v1/zones/:zone/dnssec

GET View DNSSEC details for a zone

Returns public key information including DNSKEY and DS record information.

Request URL:

https://api.nsone.net/v1/zones/:zone/dnssec

Example URL:

https://api.nsone.net/v1/zones/mydnssec.test/dnssec

Example Response:

{
    "keys": {
        "dnskey": [
            [
                "257",
                "3",
                "13",
                "t+4DPP+MFZ0Cr7gasdghasdhasdfhasdfhsdfa5xBXKIsjsj5baV1HzhBNo2F7mbsevsEo0/6UEL8+JBmA=="
            ],
            [
                "256",
                "3",
                "13",
                "pxEUulkf8UZtE9fy2+4wJwasdghashasdfhhasdfhadsfahd/QL9AmwFCgyFeC4uRNxoqxK0xOg=="
            ]
        ],
        "ttl": 3600
    },
    "delegation": {
        "dnskey": [
            [
                "257",
                "3",
                "13",
                "t+4DPP+MFZ0Cr7gAXiDYv6HTasdghashasdhasdfhahshasdfjsj5baV1HzhBNo2F7mbsevsEo0/6UEL8+JBmA=="
            ]
        ],
        "ds": [
            [
                "48553",
                "13",
                "2",
                "02f7cf1f6c24ccasdfasdgasdgasghd91e702287d74453b1aa3f495"
            ]
        ],
        "ttl": 3600
    },
    "zone": "mydnssec.test."
}
Expand Code Examples

POST /v1/zones/:zone

POST Enable TSIG on a secondary zone

NS1 offers authentication using TSIG (transaction signature) for instances where NS1 is configured as the secondary DNS provider. Note: Currently, NS1 does not support enabling TSIG authentication on a primary DNS network hosted within NS1.

Copy CodeEnables TSIG on an existing secondary zone

curl -X POST -H "X-NSONE-Key: $API_KEY" https://api.nsone.net/v1/zones/{ZONE_NAME} -d "{\"secondary\": {\"enabled\": true,\"tsig\":{\"enabled\": true, \"hash\": \"{HASH_TYPE}\", \"key\":\"$TSIG_KEY\",\"name\": \"{TSIG_KEY_NAME}\"}, \"primary_ip\": \"{IP_ADDRESS}\", \"primary_port\": 53},\"zone\": \"{ZONE_NAME}\"}"

Request URL:

https://api.nsone.net/v1/zones/:zone

Example URL:

https://api.nsone.net/v1/zones/example_secondary_zone

Example Request:

curl -X PUT -H 'X-NSONE-Key: qACMD09OJXBxT7XOuRs8' -d'{"zone":"newzone.com","secondary":{"enabled":true,"primary_ip":"1.2.3.4","tsig":{"enabled":true,"hash":"hmac-md5","name":"ns1-transfer-key","key":"mwmF7XOq/cB0TSF6kJX+sNW2jkZU/s0V/KPfXtOa6tTk3wU3RuZBFjM9 H0ATD+qbCdC7n64L9QqkAvk3sh89xw=="}}}'

Example Response:

{"dns_servers":["dns1.p06.nsone.net","dns2.p06.nsone.net","dns3.p06.nsone.net","dns4.p06.nsone.net"],"dnssec":false,"network_pools":["p06"],"primary":{"enabled":false,"secondaries":[]},"disabled":false,"meta":{},"ttl":3600,"serial":1578928419,"id":"5e1c8923bbccf90001c16162","retry":7200,"zone":"newzone.com","networks":[0],"hostmaster":"[email protected]","nx_ttl":3600,"expiry":1209600,"records":[],"link":null,"pool":"p06","secondary":{"status":"pending","last_xfr":0,"other_ips":[],"primary_port":53,"enabled":true,"tsig":{"enabled":true,"hash":"hmac-md5","name":"tsigname","key":"+Cdjlkef9ZTSeixERZ433Q=="},"error":null,"other_ports":[],"primary_ip":"1.2.3.4","expired":false},"refresh":43200,"primary_master":"dns1.p06.nsone.net"}
Expand Code Examples

Records

GET /v1/zones/:zone/:domain/:type

GETView record details

Returns full configuration for a DNS record including basic config, answers, regions, filter chain configuration, and all metadata tables and data feeds attached to entities in the record. (Note that regions might be any specified grouping, not necessarily a geo-related region. For this reason, the NS1 web portal at my.nsone.net uses the word "group" instead of "region".)

You must fully specify zone, domain, and record type, e.g., example.com/www.example.com/A returns the A record for www.example.com in the example.com zone.

Path Parameters:

ParameterTypeDescription
zonestring(Required) Name of the zone within which this record is located. (ex. example.com)
domainstring(Required) Domain name (ex. www.example.com)
typestring(Required) The type of record whose details you are requesting (ex. A).

Copy CodeReturns details about the specified record

curl -X GET -H "X-NSONE-Key: $API_KEY" https://api.nsone.net/v1/zones/:zone/:domain/:type

Example Response:

{
  "answers": [
    {
      "answer": [
        "string"
      ],
      "id": "string",
      "meta": {
        "asn": [
          "string"
        ],
        "ca_province": [
          "string"
        ],
        "connections": 0,
        "country": [
          "string"
        ],
        "georegion": [
          "string"
        ],
        "high_watermark": 0,
        "ip_prefixes": [
          "string"
        ],
        "latitude": 0,
        "loadAvg": 0,
        "longitude": 0,
        "low_watermark": 0,
        "note": "string",
        "priority": 0,
        "pulsar": "string",
        "requests": 0,
        "up": true,
        "us_state": [
          "string"
        ],
        "weight": 0
      },
      "region": "string"
    }
  ],
  "domain": "string",
  "filters": [
    {
      "disabled": true,
      "filter": "string",
      "config": {
        "eliminate": false
      }
    }
  ],
  "id": "50eb9d77830f784f98b0dd59",
  "link": "string",
  "meta": {
    "asn": [
      "string"
    ],
    "ca_province": [
      "string"
    ],
    "connections": 0,
    "country": [
      "string"
    ],
    "georegion": [
      "string"
    ],
    "high_watermark": 0,
    "ip_prefixes": [
      "string"
    ],
    "latitude": 0,
    "loadAvg": 0,
    "longitude": 0,
    "low_watermark": 0,
    "note": "string",
    "priority": 0,
    "pulsar": "string",
    "requests": 0,
    "up": true,
    "us_state": [
      "string"
    ],
    "weight": 0
  },
  "networks": [
    0
  ],
  "regions": {
    "meta": {
      "asn": [
        "string"
      ],
      "ca_province": [
        "string"
      ],
      "connections": 0,
      "country": [
        "string"
      ],
      "georegion": [
        "string"
      ],
      "high_watermark": 0,
      "ip_prefixes": [
        "string"
      ],
      "latitude": 0,
      "loadAvg": 0,
      "longitude": 0,
      "low_watermark": 0,
      "note": "string",
      "priority": 0,
      "pulsar": "string",
      "requests": 0,
      "up": true,
      "us_state": [
        "string"
      ],
      "weight": 0
    }
  },
  "tier": 0,
  "ttl": 0,
  "type": "string",
  "use_client_subnet": true,
  "zone": "string",
  "blocked_tags": [
    "string"
  ],
  "local_tags": [
    "string"
  ],
  "tags": {}
}
Expand Code Examples

PUT /v1/zones/:zone/:domain/:type

PUTCreate a DNS record

Creates a new DNS record in the specified zone, for the specified domain, of the given record type. Currently supported record types are: A, AAAA, ALIAS, AFSDB, CERT, CNAME, DNAME, HINFO, MX, NAPTR, NS, PTR, RP, SPF, SRV, TXT, URLFWD. The answer field within each entry in the answers list must be a list of the RDATA fields for a DNS record of the specified type.

You may not create multiple records of the same type for the same domain name in a zone — instead, add new answers to the existing record. The default behavior if no filters are in the filter chain is to return all answers matching a query.

Metadata tables (meta) may be specified in answers, in regions or in the record as a whole. (Note that regions can be any kind of group, not just geo-related. For this reason, the NS1 web portal at my.nsone.net uses the word "group" instead of "region".) The metadata tables may contain key/value pairs where valid keys and values are as described in the output of /metatypes.

Anywhere metadata tables can go, data feeds can go as well. Connect a compatible feed to a metadata key by assigning its value to be a JSON object pointing to the data feed that should be consulted for the final value.

The new record will take on the same networks as the zone it's in.

Instead of specifying answers and other details, you may create a "linked" record. This allows you reuse the configuration (including answers and metadata) from an existing record in NSONE's systems. Linked records will respond in the exact same way as their targets at DNS resolution time, and can be used for maintaining complicated record configurations in a single record while pointing (linking) other lightweight records to it. Linked records must point to another record of the exact same record type and do not have to exist in the same zone.

To create a linked record, specify the link property as a string whose contents is the FQDN containing the config it should link to. If link is specified, no other record configuration (such as answers or meta) should be specified.

Path Parameters:

ParameterTypeDescription
zonestring(Required) Name of the zone within which this record is located. (ex. example.com)
domainstring(Required) Domain name (ex. www.example.com)
typestring(Required) The type of record whose details you are requesting (ex. A).

Copy CodeCreates a simple A record

curl -X PUT -H "X-NSONE-Key: $API_KEY" -d '{"zone":"example.com", "domain":"arecord.example.com", "type":"A", "answers":[{"answer":["1.2.3.4"]}]}' https://api.nsone.net/v1/zones/example.com/arecord.example.com/A

(RFC 1035) The most common DNS record used, an A record maps a hostname to an IPv4 address (ex. 33.22.33.44). All zones must contain an A record in order for users to access a website or application using its hostname as opposed to memorizing the IPv4 address.

Copy CodeCreates a linked A record

curl -X PUT -H "X-NSONE-Key: $API_KEY" -d '{"zone":"example.com", "domain":"linked-record.example.com", "type":"A", "link":"arecord.example2.com", "answers": []}' https://api.nsone.net/v1/zones/example.com/linked-record.example.com/A

Using a linked record avoids the timely and error-prone tasks of manually creating and maintaining identical configurations across multiple records. Linked records tell the NS1 authoritative server to use the full configuration from a target record that exists somewhere else on the NS1 platform. Note: The target record does not need to be in the same zone as the linked record.

For example, a CDN using NS1 DNS services can instruct its customer (who is also using NS1) to use a linked record to point to the customer’s domain at the CDN, instead of a CNAME. This eliminates DNS round trips and (for A or AAAA records) allows direct resolution at the zone apex. A linked record can be any record type (A, MX, CNAME, etc.), but it must be the same types as a target or it will not resolve.

Compared to a CNAME record, a linked record typically requires one less DNS lookup—often shortening the response time for the requesting resolver or user to receive the final answer.

Linked records are specific to NS1, and their resolution is a completely internal process. During resolution, the full configuration from the target record (including advanced configuration options) is duplicated into the source record such that (other than the name of the record) they resolve identically. DNS recursors making the query will not be able to differentiate between a linked record and the “real” target to which it points. Linked records support all NS1 features and capabilities used by the target record—including real-time data feeds.

Refer to this article for more information.

Copy CodeCreates an MX record with multiple answers

curl -X PUT -H "X-NSONE-Key: $API_KEY" -d '{"zone":"example.com", "domain":"example.com", "type":"MX", "answers":[{"answer":[5, "mail1.example.com"]}, {"answer":[10, "mail2.example.com"]}]}' https://api.nsone.net/v1/zones/example.com/example.com/MX

(RFC 1035, RFC 7505) Mail exchange (MX) records are used to direct emails sent to your domain. MX records, coupled with a mail server, provide organizations (employees, clients, etc.) with emails the organization's domain, such as support@ns1.com. If you have multiple mail servers configured, you can add multiple MX records with varying priorities.

Copy CodeCreates a record with GEOTARGET_REGIONAL

curl -X PUT -H "X-NSONE-Key: $API_KEY" -d '{"zone":"example.com", "domain":"georegion.example.com", "type":"A", "answers":[{"answer":["1.1.1.1"], "meta":{"georegion":["US-EAST"]}}, {"answer":["9.9.9.9"], "meta":{"georegion":["US-WEST"]}}], "filters":[{"filter":"geotarget_regional", "config":{}}, {"filter":"select_first_n", "config":{"N":1}}]}' https://api.nsone.net/v1/zones/example.com/georegion.example.com/A

This creates an A record with two answers: a server (1.1.1.1) in the US-EAST geotargeting region, and a server (9.9.9.9) in the US-WEST geotargeting region. We also add the GEOTARGET_REGIONALfilter first in the filter chain (it needs no configuration); and follow it with the SELECT_FIRST_N filter with N set to 1, which picks the closest answer.

Copy CodeCreates an A record with the DHCP filter

curl -L -X PUT https://api.mycompany.net/v1/zones/docker.local/*.docker.local/A -H "X-NSONE-Key: $APIKEY" -d '{     "zone": "docker.local",     "domain": "*.docker.local",     "type": "A",     "answers": [         {             "answer": [                 "127.0.0.1"             ]         }     ],     "filters": [         {             "filter": "dhcp",             "config": {                      "scope_group_id": 1                     }                 }             ] }'

For the purposes of implementing first-party DDNS, this creates a wildcard A record in the forward zone. In this example, the forward zone is docker.local.

Copy CodeCreates a PTR record with the DHCP filter

curl -L -X PUT https://api.mycompany.net/v1/zones/11.18.172.in-addr.arpa/*.11.18.172.in-addr.arpa/PTR -H "X-NSONE-Key: $API_KEY"  -d '{     "zone": "11.18.172.in-addr.arpa",     "domain": "*.11.18.172.in-addr.arpa",     "type": "PTR",     "answers": [         {             "answer": [                 "*.hosts.docker.local"             ]         }     ],     "filters": [         {             "filter": "dhcp",             "config": {                      "scope_group_id": 1                     }                 }             ] }'

For the purposes of implementing first-party DDNS, this creates a wildcard PTR record in the reverse zone. In this example, the reverse zone is 11.18.172.in-addr.arpa.

(RFC 1035) Pointer (PTR) records are usually described as the opposite of an A record. Whereas A records point the domain to an IP address, a PTR record points an IP to a domain (ex. reverse zone lookups). This is often used as spam verification with certain email programs to confirm a mail server is authorized to use the domain from which the email was sent. PTR records usually have to be defined by the owner of the IP address for your server—usually your server hosts. Many hosting companies will set this up for you when you set up a server.

Copy CodeCreates a URLFWD record

curl -X PUT -H "X-NSONE-Key: $API_KEY" https://api.nsone.net/v1/zones/example.com/www.example.com/URLFWD -d '{"zone": "example.com", "domain": "www.example.com", "type": "URLFWD", "answers": [{"answer": ["/one", "http://one.com", 0, 0, 0]}, {"answer": ["/two", "http://two.com", 301, 1, 1]}, {"answer": ["/three", "http://three.com", 302, 2, 0]}]}'

where

  • zone is the name of the zone to which you want to add the URLFWD record
  • domain is the FQDN within the zone to which you want to add the URLFWD record
  • type is the type of record you are creating (in this case, URLFWD)
  • each answer specifies five values
    • "from" path (ex. /one , /two. /three) indicated by the query
    • domain (ex. http://one.com, etc.) to which you want to redirect the query
    • forwarding type; either 0 (masking), 301 (permanent), 302 (temporary)
    • query forwarding enabled or disabled; either 0 (disabled) or 1 (enabled)

Similar structures can be used with GET or POST commands to retrieve or update the record. For more information, refer to the NS1 API documentation.

Refer to this article to learn more about URLFWD record configuration settings.

Note: URL forwarding must be enabled on your NS1 account in order to create URLFWD record. To enable this feature, contact the NS1 support team by submitting a ticket or emailing [email protected]

Copy CodeCreates a AAAA record

curl -X PUT -H "X-NSONE-Key: $API_KEY" -d  '{ "zone": "example.com", "domain": "aaaarecord.example.com", "type": "AAAA", "answers": [ { "answer": [ "dead:beef:cafe::1" ] } ] }' https://api.nsone.net/v1/zones/example.com/aaaarecord.example.com/AAAA

(RFC 3596) AAAA records function in the same way as A records, except that they map hostnames to an IPv6 address (ex. FE80::0202:B3FF:FE1E:8329). The limited number of permutations possible for IPv4 addresses has resulted in recent growth in the number of IPv6 addresses being used.

Copy CodeCreates an AFSDB record

curl -X PUT -H "X-NSONE-Key: $API_KEY" -d  '{   "zone": "example.com", "domain": "afsdbrecord.example.com", "type": "AFSDB", "answers": [ { "answer": [ 1, "arecord.example.com" ] } ] }' https://api.nsone.net/v1/zones/example.com/afsdbrecord.example.com/AFSDB

(RFC 1183) AFSDB records are used to connect domain names to Andrew File System (AFS) servers. AFS is similar to NFS, but better suited to handle the latency of wide area networks (such as the internet) and locally caches files. The AFSDB record is key to this operation—providing the location to the file database.

Note: This record is experimental and not recognized by all services, and not all nameservers recognize or implement it. The AFSDB record type is deprecated and has been replaced by the SRV record.

Copy CodeCreates an ALIAS record

curl -X PUT -H "X-NSONE-Key: $API_KEY" -d  '{ "zone": "example.com", "domain": "aliasrecord.example.com", "type": "ALIAS",   "answers": [ { "answer": [ "arecord.example.com" ] } ] }' https://api.nsone.net/v1/zones/example.com/aliasrecord.example.com/ALIAS

ALIAS is an NS1-specific record type. It is a pseudo-record that works like a CNAME record, but can be used safely at the zone apex because it always resolves to A (or AAAA) record(s). Resolution to the target is a completely internal process—DNS recursors making the query will not be able to differentiate between an ALIAS record and a “real” A (or AAAA) record. When queried, an ALIAS record will always return one or more A or AAAA records. Since ALIAS is a pseudo-record, the query result will never contain ALIAS. There is no good reason to use an ALIAS record outside of the zone apex. Since it requires an extra external lookup, resolution can be slower than a CNAME or linked record. Refer to this article for more information.

Copy CodeCreates a CAA record

curl -X PUT -H "X-NSONE-Key: $API_KEY" -d  '{ "zone": "example.com", "domain": "caarecord.example.com", "type": "CAA", "answers": [ { "answer": [ 0, "tag", "value" ] }   ] }' https://api.nsone.net/v1/zones/example.com/caarecord.example.com/CAA

(RFC 6844) Domain owners can use DNS Certification Authority Authorization (CAA) records to specify which certificate authorities (CAs) are allowed to issue SSL certificates for their domains. A single domain may contain multiple CAA records. The CAA record prevents an unauthorized CA from issuing an SSL certificate for your domain—in other words, only the CA(s) authorized in the CAA record can issue an SSL certificate for your domain. CAA records specify the following fields:

CAA <flags> <tag> <value>

where

  • flags is an unsigned integer between 0 and 255
  • tag is a non-zero sequence of US-ASCII letters and numbers in lowercase.
  • value is the <character-string> encoding of the value field.

For example:

$ORIGIN example.com @ CAA 0 issue "ca.example.net" @ CAA 0 iodef "mailto:[email protected]" @ CAA 0 iodef "http://iodef.example.com/"

Copy CodeCreates a CERT record

curl -X PUT -H "X-NSONE-Key: $API_KEY" -d  '{ "zone": "example.com", "domain": "certrecord.example.com", "type": "CERT", "answers": [ { "answer": [ 3, 0, 0, "dGVzda==" ] }   ] }' https://api.nsone.net/v1/zones/example.com/certrecord.example.com/CERT

(RFC 4398, 6944) CERT resource records provide a space in the DNS for certificates and related certificate revocation lists (CRLs). These certificates verify the authenticity of the sending and receiving parties. The CRLs identify the certificates that are no longer valid.

Copy CodeCreates a CNAME record

curl -X PUT -H "X-NSONE-Key: $API_KEY" -d  '{ "zone": "example.com", "domain": "cnamerecord.example.com", "type": "CNAME",   "answers": [ { "answer": [ "arecord.example.com" ] } ] }' https://api.nsone.net/v1/zones/example.com/cnamerecord.example.com/CNAME

(RFC 1034, 2181) A Canonical Name (CNAME) record maps one domain name (an alias) to another (the canonical name). There may be only one such canonical name for any one alias. That name should generally be a name that exists elsewhere in the DNS, though there are some rare applications for aliases with the accompanying canonical name undefined in the DNS. An alias name (label of a CNAME record) may, if DNSSEC is in use, have SIG, NXT, and KEY RRs, but may have no other data. Refer to this article for more information.

Copy CodeCreates a DNAME record

curl -X PUT -H "X-NSONE-Key: $API_KEY" -d  '{ "zone": "example.com", "domain": "example.com", "type": "DNAME",   "answers": [ { "answer": [ "newzone.net" ] } ] }' https://api.nsone.net/v1/zones/example.com/example.com/DNAME

(RFC 6672) As opposed to a CNAME record which maps only a single node, a DNAME record is used to redirect an entire subsection (or subtree) of the DNS namespace to another domain. Once implemented, all names that end with a particular suffix are redirected to another part of the DNS.

Copy CodeCreates a HINFO record

curl -X PUT -H "X-NSONE-Key: $API_KEY" -d  '{ "zone": "example.com", "domain": "hinforecord.example.com", "type": "HINFO", "answers": [ { "answer": [ "fancy", "potato" ] } ] }' https://api.nsone.net/v1/zones/example.com/hinforecord.example.com/HINFO

(RFC 1035) Host information (HINFO) records are used to associate general information about a host’s CPU and OS with the host’s domain name. For example, if www.example.com was running Ubuntu 16.04 with a 3.2 GHz Intel CPU, this information can be made publicly available by creating an HINFO record with “PC-Intel-3200mhz” and “Ubuntu 16.04” in the CPU and OS fields, respectively. This information is used by services like FTP to determine the correct procedures for connecting to hosts based on their configuration.

Copy CodeCreates a NAPTR record

curl -X PUT -H "X-NSONE-Key: $API_KEY" -d  '{ "zone": "example.com", "domain": "naptrrecord.example.com", "type": "NAPTR", "answers": [ { "answer": [ 1, 2, "S", "http", "replace/me/i", "hi" ] } ] }' https://api.nsone.net/v1/zones/example.com/naptrrecord.example.com/NAPTR

(RFC 3403) Naming Authority Pointer (NAPTR) records are most commonly used with internet telephony (or VoIP) services. It can be used to map telephone numbers and email addresses for VoIP users to SIP servers via SRV records to initiate calls.

Copy CodeCreates an NS record

curl -X PUT -H "X-NSONE-Key: $API_KEY" -d  '{ "zone": "example.com", "domain": "nsrecord.example.com", "type": "NS",   "answers": [ { "answer": [ "arecord.example.com" ] } ] }' https://api.nsone.net/v1/zones/example.com/nsrecord.example.com/NS

(RFC 1035) Typically configured with your registrar, Name server (NS) records are used to delegate a domain or subdomain to a set of name servers. Name servers, such as NS1, hold all the other DNS records for your domain and tell all the other computers connected to the internet what records your domain holds. Therefore, setting the NS record is a critical step in getting your domains and servers online.

Copy CodeCreates an RP record

curl -X PUT -H "X-NSONE-Key: $API_KEY" -d  '{ "zone": "example.com", "domain": "rprecord.example.com", "type": "RP",   "answers": [ { "answer": [ "bob.example.com", "alice.example.com"] } ] }' https://api.nsone.net/v1/zones/example.com/rprecord.example.com/RP

(RFC 1183) Typically, the "responsible person" record contains information about the person responsible for the domain. It is usually an email address where the "@" sign is replaced by a period (.).

Copy CodeCreates an SPF record

curl -X PUT -H "X-NSONE-Key: $API_KEY" -d  '{ "zone": "example.com", "domain": "spfrecord.example.com", "type": "SPF",  "answers": [ { "answer": [ "v=spf1", "ip4:1.2.3.4", "include:example.com", "-all" ] } ] }' https://api.nsone.net/v1/zones/example.com/spfrecord.example.com/SPF

(RFC 4408, 7208) Sender Policy Framework (SPF) records are used during email verification to prevent your domain name from being used by spammers or malicious users. Simply creating an SPF record on your main domain with the content: v=spf1 ip4:11.11.11.11 a -all (replacing 11.11.11.11 with your mail server’s IP address) will tell email receivers that your mail server is the only server allowed to send emails from your domain. All emails received from other servers are to be rejected or marked as spam. If you have multiple mail servers, you can add another ip4:x.x.x.x after the previous one to allow another IP address. Note: The SPF record is still supported, but shouldn’t be used in new configurations. Instead, making a TXT record with the same content is the more accepted practice today. Commonly, mail servers will define both an SPF and a TXT record for the most compatibility.

Copy CodeCreates an SRV record

curl -X PUT -H "X-NSONE-Key: $API_KEY" -d  '{ "zone": "example.com", "domain": "srvrecord.example.com", "type": "SRV",  "answers": [ { "answer": [ 1, 1, 80, "srvrecord.example.com" ] } ] }' https://api.nsone.net/v1/zones/example.com/srvrecord.example.com/SRV

(RFC 2782) Service locator (SRV) records are a way to use DNS to locate services for a specific domain. SRV records allow for built-in load balancing of multiple servers using the priority and weight values in the records. SRV record parameters include:

  • service is the name of a service, such as SIP or XMPP. Underscore required.
  • proto is the protocol in use for the service. Normally either TCP or UDP. Underscore required.
  • domainname is the FQDN of the domain using the service.
  • ttl is the time-to-live for the DNS record.
  • priority is the priority of the target. A lower number indicates a higher preference.
  • weight is the weight of the target. A higher number indicates a higher preference.
  • target is the hostname of the server which is hosting the service.

You can verify the record has been created correctly using the dig tool as shown in this example:

test:~ test$ dig srv _www._tcp.zone.example @dns1.p08.nsone.net +short 1 100 80 www.zone.example. test:~ test

Copy CodeCreates a TXT record

curl -X PUT -H "X-NSONE-Key: $API_KEY" -d  '{ "zone": "example.com", "domain": "txtrecord.example.com", "type": "TXT",  "answers": [ { "answer": [ "some", "text", "here" ] } ] }' https://api.nsone.net/v1/zones/example.com/txtrecord.example.com/TXT

(RFC 1035) Text (TXT) records allow you to contain any text-based information on a domain or subdomain. Applications can use this to collect information about a service—typically, SPF records, DomainKeys, and DKIM (two other email verification processes). Usage with SPF can be read about above in the SPF Records section. TXT records may contain any information up to 255 characters per string. A zone may container multiple TXT records.

Example URL:

https://api.nsone.net/v1/zones/example.com/mail.example.com/MX

Example Request:

{
  "answers": [
    {
      "answer": [
        10,
        "1.2.3.4"
      ],
      "meta": {
        "up": { feed: "520533b89f782d5b1a10a854" }
      }
    }
  ],
  "type": "MX",
  "domain": "mail.example.com",
  "zone": "example.com"
}

Example Response:

{
  "id": "52053b569f782d5b1a10a85a",
  "networks": [0],
  "type": "MX",
  "feeds": [],
  "customer": 1004,
  "domain": "mail.example.com",
  "zone": "example.com",
  "answers": [
    {
      "id": "52053b569f782d5b1a10a859",
      "feeds": [
        {
          "source": "a53252f9e583c6708331a1daeb172e12",
          "feed": "520533b89f782d5b1a10a854"
        }
      ],
      "answer": [
        10,
        "1.2.3.4"
      ],
      "meta": {
        "up": { feed: "520533b89f782d5b1a10a854" }
      }
    }
  ],
  "regions": {},
  "meta": {},
  "filters": [],
  "ttl": 3600,
  "use_client_subnet": true
}
Expand Code Examples

POST /v1/zones/:zone/:domain/:type

POSTUpdate a record

Modifies configuration details for an existing DNS record.

Path Parameters:

ParameterTypeDescription
zonestring(Required) Name of the zone within which this record is located. (ex. example.com)
domainstring(Required) Domain name (ex. www.example.com)
typestring(Required) The type of record whose details you are requesting (ex. A).

Copy CodeDisable use of edns-client-subnet data for a record

curl -X POST -H 'X-NSONE-Key: qACMD09OJXBxT7XOuRs8' -d '{"use_client_subnet":false}' https://api.nsone.net/v1/zones/example.com/example.com/A

Request URL:

https://api.nsone.net/v1/zones/:zone/:domain/:type

Example URL:

https://api.nsone.net/v1/zones/example.com/mail.example.com/MX

Example Request:

{
  "answers": [
    {
      "answer": [
        10,
        "1.2.3.4"
      ]
    },
    {
      "answer": [
        20,
        "5.6.7.8"
      ]
    }
  ]
}

Example Response:

{
  "id": "52053b569f782d5b1a10a85a",
  "networks": [0],
  "type": "MX",
  "feeds": [],
  "tier": 1,
  "customer": 1004,
  "domain": "mail.example.com",
  "zone": "example.com",
  "answers": [
    {
      "id": "52053c239f782d5b1a10a85e",
      "answer": [
        10,
        "1.2.3.4"
      ]
    },
    {
      "id": "52053c239f782d5b1a10a85f",
      "answer": [
        20,
        "5.6.7.8"
      ]
    }
  ],
  "regions": {},
  "meta": {},
  "filters": [],
  "ttl": 3600,
  "use_client_subnet": true
}
Expand Code Examples

DELETE /v1/zones/:zone/:domain/:type

DELETEDelete a record

Removes an existing record and all associated answers and configuration details. We will no longer respond for this record once it is deleted, and it cannot be recovered, so use caution. Note: This operation deletes all answers associated with the domain and record type. If you want to delete individual answers, do a POSToperation to update the record's answers list. This method has no response other than the HTTP status code.

Request URL:

https://api.nsone.net/v1/zones/:zone/:domain/:type

Example URL:

https://api.nsone.net/v1/zones/example.com/mail.example.com/MX

Parameter

Type

Description

Required?

zone

String

The zone name

Yes

domain

String

The domain name

Yes

type

String

The record type

Yes

 

GET /v1/metatypes

GETView available metadata

Returns a list of available metadata fields for use in configuring records, including descriptions (in HTML).

Request URL:

https://api.nsone.net/v1/metatypes

Example Response:

{
  "georegion": {
    "desc": "Geographic region(s) associated with the answer or\n    region, e.g., the rough geographic location of the datacenter\n    where your server resides.  Each region must be a string, one of\n    'US-EAST', 'US-CENTRAL', 'US-WEST', 'EUROPE', 'ASIAPAC',\n    'SOUTH-AMERICA', 'AFRICA'.  The \"georegion\" value may be a single\n    region string, or a list of several such strings to associate an\n    answer/region with multiple geographic regions.",
    "category": "geographical",
    "shortdesc": "Geographic region"
  },
  "up": {
    "desc": "This boolean value indicates \"upness\" of answers or\n    regions.  If true (or 1), the answer/region is \"up\".  If false (or\n    0) it is \"down\".",
    "category": "status",
    "shortdesc": "Up/down"
  },
  ...
}
Expand Code Examples

GET /v1/filtertypes

GETView available filters

Returns a list of available FILTERS for use in configuring dynamic records, including descriptions (in HTML), configuration options, and metadata inputs used by the filter, along with any restrictions on record types where the filter may be used.

Request URL:

https://api.nsone.net/v1/filtertypes

Example Response:

{
  "up": {
    "desc": "This filter eliminates all answers where the <code>up</code> metadata field is not <code>\"1\"</code>.",
    "config": {},
    "inputs": ["up"],
    "tier": 2,
    "shortdesc": "Removes \"down\" answers"
  },
  "sticky_region": {
    "desc": "This filter first sorts regions uniquely depending on\n        the IP address of the requester, and then groups all answers\n        together by region.  The same requester always gets the same\n        ordering of regions, but answers within each region may be in\n        any order.  You can use this filter with another one like\n        <span class=\"filtername-2\">SELECT_FIRST_REGION</span> to always\n        give a user answers from the same region.  Note that this\n        filter does <i>not</i> do any geotargeting or GSLB: it sorts\n        regions randomly but consistently for each user.  Answers with\n        no region defined are considered to be in the same (empty)\n        region.",
    "config": {},
    "inputs": [],
    "tier": 2,
    "shortdesc": "Make regions \"sticky\""
  },
  "select_first_n": {
    "desc": "This filter eliminates all but the first <code>N</code>\n        answers from the list.  Use this with filters like <span\n        class=\"filtername-2\">SHUFFLE</span> or <span\n        class=\"filtername-2\">SHUFFLE_WEIGHTED</span> to implement round\n        robin or weighted round robin.",
    "config": {
      "N": {
        "desc": "Number of answers to keep",
        "type": "number",
        "shortdesc": "Number of answers",
        "validator": "number",
        "required": false,
        "default": "1"
      }
    },
    "inputs": [],
    "tier": 2,
    "shortdesc": "Return the first \"N\" answers"
  },
  ...
}
Expand Code Examples

GET /v1/metatypes/geo

GETView available geographic metadata

Returns a list of available geographic metadata used by the “Geo-target Country” and “Geo-fence Country” filters . Note that the response will be long. The example response below is truncated for readability.

Request URL:

https://api.nsone.net/v1/metatypes/geo

Example Response:

{
    "subdivisions": {
	    ...
        "CA": [
            "MB",
            "NB",
            "NL",
            ...
            "YT",
            "ON",
            "BC"
        ],
        "RU": [
            "KOS",
            "SE",
            "IN",
            ...
            "LEN",
            "NGR",
            "SA"
        ],
		...
        "US": [
            "NM",
            "ND",
            "LA",
            ...
            "GU",
            "NY",
            "NV"
        ],
		...
	},
	 "countries": [
        "AD",
        "AE",
        "AF",
        ...
        "ZA",
        "ZM",
        "ZW"
    ]
}
Expand Code Examples

DNS views (DDI only)

GET /v1/views/

GETList all DNS views

Returned all available DNS views. Optionally, you can specify a set of views to skip or specify a maximum number of views to return.

Query Parameters:

offsetstringNumber of DNS views to skip in the returned list.
limitstringMaximum number of views to return. A value of 0 indicates no limit.

Copy CodeReturns a list of all available DNS views

curl -X GET -H "X-NSONE-Key: $API_KEY"  https://api.mycompany.net/v1/views

Example Response:

[
  {
    "name": "string",
    "read_acls": [
      "string"
    ],
    "update_acls": [
      "string"
    ],
    "zones": [
      "string"
    ],
    "networks": [
      0
    ],
    "preference": 0
  }
]
Expand Code Examples

GET /v1/views/:name

GETView DNS view details

Returns configuration details about the specific DNS View.

Path Parameters:

namestring(Required) Name of the DNS view

Copy CodeReturns DNS View details

curl -X GET -H "X-NSONE-Key: $API_KEY" https://{api.mycompany.net}/v1/views/{view_name}

Example Response:

{
  "name": "string",
  "read_acls": [
    "string"
  ],
  "update_acls": [
    "string"
  ],
  "zones": [
    "string"
  ],
  "networks": [
    0
  ],
  "preference": 0
}
Expand Code Examples

PUT /v1/views/:name

PUTCreate a DNS view

You must include a JSON body in the request with the associated zones, ACLs, and networks. An empty array of ACLs implies that all will be denied.

Defined in RFC 8499, the term DNS view (aka split-horizon, split-view DNS, etc.) is a configuration for a DNS server that allows it to serve one set of data to one group of clients (e.g. internal employees), and a different set of data to another group of clients (e.g. public internet).

In the NS1 DDI platform, users can create access control lists (ACLs) that define a group of clients (by IP address, TSIG key, and/or GSS-TSIG identity). One or more ACLs are attached to a DNS view which is configured to either allow or deny those clients access for queries and updates.

Common use cases include creating an internal (corporate) view and an external (public) view, attaching ACLs that point IP addresses within your organization to the internal view and all other clients to the external view. This allows the internal or corporate user to view internal specific resources that are not viewable to the public audience.

Note: Access to features including DNS views and ACLs requires NS1 DDI version 3.0 or later.

Path Parameters:

namestring(Required) Name of the DNS view you are creating.


Request Body Parameters:

read_aclsarray of stringsList of ACL names used with "read" permissions (multiple ACLs separated by a comma). The order of the ACLs determines how they are processed.
update_aclsarray of stringsList of ACL names used with "update" permissions (multiple ACLs separated by a comma). The order of the ACLs determines how they are processed.
zonesarray of stringsList of zone names (unique strings) specified upon zone creation. If you did not specify a name during zone creation, the name defaults to match the FQDN.
networksarray of integers(optional) Networks is an array of positive integers corresponding to the service definition(s) to which the zone is published.
preferenceintegerDetermines the view order. Preference is a unique value that indicates the priority of this view. This can be any value greater than 0 where a value of 1 indicates top priority.

Copy CodeCreates a new DNS view

curl -X PUT -H "X-NSONE-Key: $API_KEY" -d '{"read_acls":["{read_acls}"],"update_acls":["{update_acls}"],"zones": ["{zone_names}"],"networks": [{networks}],"preference":{pref_number} }' https://api.mycompany.net/v1/views/{view_name}

Example Request:

curl -X PUT -H "X-NSONE-Key: $API_KEY" -d '{"filters":{},"read_acls":["private_net","staging_net"],"update_acls":[],"zones":["mycompany.local","mycompany.net"],"networks":[1],"preference":0}' https://api.mycompany.net/v1/views/internal_view

Example Response:

{"name":"internal_view","networks":[1],"preference":0,"read_acls":["private_net","staging_net"],"update_acls":[],"zones":["mycompany.local","mycompany.net"]}

Example Request:

{
  "read_acls": [
    "SF_office",
    "LA_office"
  ],
  "zones": [
    "example.com"
  ],
  "networks": [
    1,
    2
  ]
}

Example Response:

{
  "name": "string",
  "read_acls": [
    "string"
  ],
  "update_acls": [
    "string"
  ],
  "zones": [
    "string"
  ],
  "networks": [
    0
  ],
  "preference": 0
}
Expand Code Examples

POST /v1/views/:name

POSTEdit a DNS view

Modifies a DNS view. You must include a JSON body in the request which may contain the associated zones, ACLs, and networks. An empty array of ACLs implies that all will be denied.

Path Parameters:

namestring(Required) Name of the DNS view you are creating.


Request Body Parameters:

read_aclsarray of stringsList of ACL names used with "read" permissions (multiple ACLs separated by a comma). The order of the ACLs determines how they are processed.
update_aclsarray of stringsList of ACL names used with "update" permissions (multiple ACLs separated by a comma). The order of the ACLs determines how they are processed.
zonesarray of stringsList of zone names (unique strings) specified upon zone creation. If you did not specify a name during zone creation, the name defaults to match the FQDN.
networksarray of integers(optional) Networks is an array of positive integers corresponding to the service definition(s) to which the zone is published.
preferenceintegerDetermines the view order. Preference is a unique value that indicates the priority of this view. This can be any value greater than 0 where a value of 1 indicates top priority.

Copy CodeModifies a DNS view configuration

curl -X POST -H "X-NSONE-Key: $API_KEY" -d  '{"read_acls": ["{read_acls}"], "update_acls": ["{update_acls}"], "zones": ["{zone_names}"], "networks": [{networks}], "preference": {pref_number} }'  https://api.mycompany.net/v1/views/{view_name}

Example Request:

curl -X POST -H "X-NSONE-Key: $API_KEY" -d '{"filters":{},"read_acls":["private_net","staging_net"],"update_acls":["trusted_ips"],"zones":["mycompany.local","mycompany.net"],"networks":[1],"preference":0}' https://api.mycompany.net/v1/views/internal_view

Example Response:

{"name":"internal_view","networks":[1],"preference":0,"read_acls":["private_net","staging_net"],"update_acls":["trusted_ips"],"zones":["mycompany.local","mycompany.net"]}
Expand Code Examples

DELETE /v1/views/:name

DELETEDelete a DNS view

Removes an existing DNS view.

Path Parameters:

namestring(Required) Name of the DNS view you are deleting.

Copy CodeRemoves an existing DNS view.

curl -X DELETE -H "X-NSONE-Key: $API_KEY"  https://{api.mycompany.net}/v1/views/:name

Example Request:

curl -X DELETE -H "X-NSONE-Key: $API_KEY" 
https://api.mycompany.net/v1/views/internal_view
Expand Code Examples

GET /v1/config/views/preference

GETGet DNS View preference

Returns the preference number for all available views.

Copy CodeReturns the preference number for all available views

curl -X GET -H 'X-NSONE-Key: $API_KEY' https://{api.mycompany.net}/v1/config/views/preference

Example Response:

{
  "property1": 0,
  "property2": 0
}
Expand Code Examples

POST /v1/config/views/preference

POSTModify DNS View preference

Modifies preference number for the specified DNS view.

Copy CodeModifies the preference number for the specific DNS view

curl -X POST -H "X-NSONE-Key: $API_KEY" -d  '{   "{view_name}": {preference_number} }' https://{api.mycompany.net}/v1/config/views/preference

Example Request:

curl -X POST -H "X-NSONE-Key: $API_KEY" -d  '{
  "internalview": 1,
}' https://api.mycompany.net/v1/config/views/preference
Parameter

Type

Description
view_namestringName of the DNS view
preference_numberintegerDNS view order number
Expand Code Examples

Access control lists (DDI only)

GET /v1/acls

GETList all ACLs

View a list of all access control lists (ACLs).

Copy CodeReturns a list of all ACLs

curl -X GET -H "X-NSONE-Key: $API_KEY" https://api.mycompany.net/v1/acls

Example Response:

[{"name":"docker.acl","gss_tsig_identities":[],"src_prefixes":["172.18.11.0/24","127.0.0.1/32"],"tsig_keys":[]},{"name":"private_net","gss_tsig_identities":["test/[email protected]"],"src_prefixes":["172.18.11.0/24","192.168.0.11-192.168.0.56"],"tsig_keys":["my.test.key."]}]
Expand Code Examples

GET /v1/acls/{acl_name}

GETView ACL details

View details about the specified access control list (ACL).

Copy CodeReturns details about the specified ACL.

curl -X GET -H "X-NSONE-Key: $API_KEY" https://{api.mycompany.net}/v1/acls/{acl_name}

Example Request:

curl -X GET -H "X-NSONE-Key: $API_KEY" 
 https://api.mycompany.net/v1/acls/private_net 

Example Response:

{
  "name": "string",
  "src_prefixes": [
    "string"
  ],
  "tsig_keys": [
    "string"
  ],
  "gss_tsig_identities": [
    "string"
  ]
}
Expand Code Examples

PUT /v1/acls/{acl_name}

PUTCreate an ACL

An access control list (ACL) is a named object associated with one or more IP addresses, TSIG keys, or GSS-TSIG identities (service principals). You must specify at least one of these per ACL. One or more ACLs can be attached to a DNS view which is configured to either allow or deny those clients access for queries and updates.

Common use cases include creating an internal (corporate) view and an external (public) view, attaching ACLs that point IP addresses within your organization to the internal view and all other clients to the external view. This allows the internal or corporate user to view internal specific resources that are not viewable to the public audience.

Run the PUT command below to create one or more access control lists (ACLs).

Note: The order in which the attributes appear determines how each query is processed. From top to bottom, items of the same type (i.e. IP addresses, TSIG keys, or GSS-TSIG identity) are processed using logical “or” statements. Items of different types are processed as logical “and” statements.

Note: You can specify which clients should not be included in the ACL by entering an exclamation mark “!” before the address, subnet, or range. For example !1.0.1.100-1.0.1.200 indicates that this IP range should not be included in the ACL.

Path Parameters:

namestringName of the access control list (ACL) you are creating

Request Body Parameters:

src_prefixesarray of stringsList of prefixes (IP address, CIDR, or range). If not provided, this defaults to ["0.0.0.0/0", "::/0"]. Each prefix can have an optional ! negation mark at the begin and should be in CIDR or single-host format.
tsig_keysarray of stringsList of bound TSIG keys
gss_tsig_identitiesarray of stringsList of bound GSS-TSIG identities

Copy CodeCreate an ACL

curl -X PUT -H "X-NSONE-Key: $API_KEY" -d  '{ "src_prefixes":["{ip_range}"], "tsig-keys":["{tsig_key}"], "gss-tsig-identities":["{gss_tsig_id}"] }' https://{api.mycompany.net}/v1/acls/{acl_name}

Request URL:

https://{api.mycompany.net}/v1/acls/{acl_name}

Example Request:

{
  "src_prefixes": [
    "172.18.0.0/16",
    "!172.18.12.0/24"
  ],
  "tsig_keys": [
    "tsig3",
    "tsig4"
  ],
  "gss_tsig_identities": [
    "[email protected]",
    "[email protected]"
  ]
}

Example Response:

{
  "name": "string",
  "src_prefixes": [
    "string"
  ],
  "tsig_keys": [
    "string"
  ],
  "gss_tsig_identities": [
    "string"
  ]
}
Expand Code Examples

POST /v1/acls/{acl_name}

POSTEdit an ACL

Update an access control list (ACL). Refer to Create an access control list (ACL) for important notes and details about each parameter.

Note: The order in which the attributes appear determines how each query is processed. From top to bottom, items of the same type (i.e. IP addresses, TSIG keys, or GSS-TSIG identity) are processed using logical “or” statements. Items of different types are processed as logical “and” statements.

Note: You can specify which clients should not be included in the ACL by entering an exclamation mark “!” before the address, subnet, or range. For example !1.0.1.100-1.0.1.200 indicates that this IP range should not be included in the ACL.

Path Parameters:

namestringName of the access control list (ACL) you are modifying

Request Body Parameters:

src_prefixesarray of stringsList of prefixes (IP address, CIDR, or range). If not provided, this defaults to ["0.0.0.0/0", "::/0"]. Each prefix can have an optional ! negation mark at the begin and should be in CIDR or single-host format.
tsig_keysarray of stringsList of bound TSIG keys
gss_tsig_identitiesarray of stringsList of bound GSS-TSIG identities

Copy CodeModifies an ACL configuration

curl -X POST -H "X-NSONE-Key: $API_KEY" -d  '{ "src_prefixes":["{ip_range}"], "tsig-keys":["{tsig_key}"], "gss-tsig-identities":["{gss_tsig_id}"] }' https://api.mycompany.net/v1/acls/{acl_name}

Example Request:

{
  "src_prefixes": [
    "172.18.0.0/16",
    "!172.18.12.0/24"
  ],
  "tsig_keys": [
    "tsig3",
    "tsig4"
  ],
  "gss_tsig_identities": [
    "[email protected]",
    "[email protected]"
  ]
}

Example Response:

{
  "name": "string",
  "src_prefixes": [
    "string"
  ],
  "tsig_keys": [
    "string"
  ],
  "gss_tsig_identities": [
    "string"
  ]
}
Expand Code Examples

DELETE /v1/acls/{acl_name}

DELETEDelete an ACL

Deletes an access control list (ACL).

Copy CodeDeletes and ACL

curl -X DELETE -H "X-NSONE-Key: $API_KEY" https://{api.mycompany.net}/v1/acls/{acl_name}

Example Request:

curl -X DELETE -H "X-NSONE-Key: $API_KEY" 
 https://api.mycompany.net/v1/acls/private_net 
Expand Code Examples

TSIG

GET /v1/tsig

GETList TSIG keys

Returns all available TSIG keys.

Query Parameters:

offsetintegerNumber of TSIG keys to skip in the response.
limitintegerMaximum number of TSIG keys to return. A value of 0 equates to no limit.

Copy CodeReturns a list of TSIG keys

curl -X GET -H "X-NSONE-Key: $API_KEY" https://{api.mycompany.net}/v1/tsig

Example Response:

[
  {
    "name": "string",
    "algorithm": "hmac-sha1",
    "secret": "string"
  }
]
Expand Code Examples

GET /v1/tsig/:name

GETView TSIG key details

Returns details for the TSIG key specified in the path by its name.

Path Parameters:

namestringName of the TSIG key. This should be a valid domain.

Copy CodeReturns TSIG key details

curl -X GET -H "X-NSONE-Key: $API_KEY" https://{api.mycompany.net}/v1/tsig/:name

Example Response:

{
  "name": "string",
  "algorithm": "hmac-sha1",
  "secret": "string"
}
Expand Code Examples

PUT /v1/tsig/:name

PUTCreate a TSIG key

Creates a new TSIG key. Note that you must include a JSON body in the request with the algorithm and secret.

Path Parameters:

namestringName of the TSIG key you are creating. This should be a valid domain name.

Request Body Parameters:

algorithmstring (enum)(Required) TSIG key algorithm. Supported values include:"hmac-sha1", "hmac-sha224", "hmac-sha256", "hmac-sha384", "hmac-sha512", "hmac-md5"
secretstringTSIG key secret encoded into Base64.


Copy CodeCreates a new TSIG key

curl -X PUT -H "X-NSONE-Key: $API_KEY" -d  '{   "algorithm": "hmac-sha512",   "secret": "Ok1qR5IW1ajVka5cHPEJQIXfLyx5V3PSkFBROAzOn21JumDq6nIpoj6H8rfj5Uo+Ok55ZWQ0Wgrf302fDscHLw==" }' https://{api.mycompany.net}/v1/tsig/:name

Example Request:

{
  "algorithm": "hmac-sha512",
  "secret": "Ok1qR5IW1ajVka5cHPEJQIXfLyx5V3PSkFBROAzOn21JumDq6nIpoj6H8rfj5Uo+Ok55ZWQ0Wgrf302fDscHLw=="
}

Example Response:

{
  "name": "string",
  "algorithm": "hmac-sha1",
  "secret": "string"
}
Expand Code Examples

POST /v1/tsig/:name

POSTModify a TSIG key

Modifies an existing TSIG key. You must include a JSON body in the request, which may contain key algorithm and/or secret.

Path Parameters:

namestring(Required) Name of the TSIG key you are modifying. This should be a valid domain name.

Request Body Parameters:

algorithmstring (enum)TSIG key algorithm. Supported values include: "hmac-sha1" "hmac-sha224" "hmac-sha256" "hmac-sha384" "hmac-sha512" "hmac-md5"
secretstringTSIG key secret encoded into Base64.

Copy CodeEdits the specified TSIG key

curl -X PUT -H "X-NSONE-Key: $API_KEY" -d  '{ "algorithm": "hmac-sha1", "secret": "$TSIG_KEY" }' https://{api.mycompany.net}/v1/tsig/:name

Example Request:

{
  "algorithm": "hmac-sha1",
  "secret": "string"
}

Example Response:

{
  "name": "string",
  "algorithm": "hmac-sha1",
  "secret": "string"
}
Expand Code Examples

DELETE /v1/tsig/:name

DELETERemove a TSIG key

Deletes the TSIG key specified in the path by its name.

Path Parameters:

namestring(Required) Name of the TSIG key you are deleting.

Copy CodeRemoves the specified TSIG key

curl -X DELETE -H "X-NSONE-Key: $API_KEY" https://{api.mycompany.net}/v1/tsig/:name

Data Sources & Feeds

Data Sources

GET /v1/data/sourcetypes

GET View available data sources types

Returns a list of all available data source types. For any third-party data sources, you must have an account with the provider. Often, there are additional steps you must take with the provider to connect your data source — these are explained in the desc field which is HTML. Response includes any config options for the data source, required or optional; and any feed_config options for data feeds connected to the source.

Request URL:

https://api.nsone.net/v1/data/sourcetypes

Example Response:

{
  "monitis": {
    "desc": "Monitis is a monitoring solution.  To use this data source,\n    first create a new \"URL\" contact in your Monitis account with the NSONE\n    Feed URL.  When creating data feeds, set the \"Test Name\" field to\n    the name of the test in Monitis.  Make sure you set the \"Notify when\n    back up\" rule in Monitis for all your connected tests.  Data feeds from\n    this source update the <code>up</code> metadata field.",
    "config": {
      "api_key": {
        "desc": "Your Monitis API Key (in your Monitis dashboard, click Account, API Key)",
        "type": "text",
        "shortdesc": "Monitis API Key",
        "validator": "text",
        "required": true,
        "default": null
      },
      "secret_key": {
        "desc": "Your Monitis Secret Key (in your Monitis dashboard, click Account, API Key)",
        "type": "text",
        "shortdesc": "Monitis Secret Key",
        "validator": "text",
        "required": true,
        "default": null
      }
    },
    "feed_config": {
      "test_name": {
        "desc": "The name of the test in Monitis that corresponds to this feed",
        "type": "text",
        "shortdesc": "Test Name",
        "validator": "text",
        "required": true,
        "default": null
      }
    },
    "shortdesc": "Monitis Alert Notification"
  },
  "cloudwatch": {
    "desc": "Amazon Cloudwatch is a monitoring solution for Amazon\n    Web Services.  You must configure your Cloudwatch alarms to\n    publish messages to a Simple Notification Service (SNS) topic for\n    your NSONE Feed.  First, in the SNS console, create a topic for\n    your alarms; then create an HTTPS subscription for the topic with\n    your NSONE Feed URL.  Do not associate your Data Source with more\n    than one topic in SNS (you can always create another Data Source).\n    Ensure your Cloudwatch alarms send notifications to this SNS topic\n    and specify the Alarm Name of a Cloudwatch alarm when creating a\n    new Data Feed.  Data feeds from this source update the\n    <code>up</code> metadata field.",
    "config": {},
    "feed_config": {
      "alarm_name": {
        "desc": "The name of the Cloudwatch Alarm that corresponds to this feed",
        "type": "text",
        "shortdesc": "Alarm Name",
        "validator": "text",
        "required": true,
        "default": null
      }
    },
    "shortdesc": "Cloudwatch Alarm Notification"
  },
  "nsone_v1": {
    "desc": "The native NSONE data source, our own API.  Requires\n    normal NSONE API authentication via the <code>X-NSONE-Key</code>\n    header when sending requests to the Feed URL.  The body of your\n    data feed request must be a JSON object containing <b>either</b>\n    simple key/value pairs as in any normal record/region/answer\n    metadata table, e.g. <code>{\"up\": true}</code>, in which case the\n    updated values will be applied to <b>all</b> data feeds associated\n    with this data source; <b>or</b>, an object where keys match the\n    <code>label</code> for data feeds from this source, and values are\n    metadata update tables.  Data feeds from this source may update\n    any metadata field.",
    "config": {},
    "feed_config": {
      "label": {
        "desc": "Short/simple label for the service this feed is\n              for, like a server name, facility name, etc.",
        "type": "text",
        "shortdesc": "Label",
        "validator": "text",
        "required": true,
        "default": null
      }
    },
    "shortdesc": "NSONE Data Feed API v1"
  },
  ...
}
Expand Code Examples

GET /v1/data/sources

GET View active data sources

Returns a list of all connected data sources, and for each data source, all connected feeds including connected metadata table destinations.

Request URL:

https://api.nsone.net/v1/data/sources

Example Request:

[
  {
    "name": "string",
    "sourcetype": "string",
    "config": {
      "property1": "string",
      "property2": "string"
    },
    "feeds": [],
    "id": "abfa2a71776ae5246724dce7b53c4371"
  }
]
Expand Code Examples

GET /v1/data/sources/:sourceid

GET View a single data source

Returns the details for a single data source — including configuration details, all connected data feeds, and, within each connected data feed, any associated metadata table (destinations).

Path parameters:

sourceIDstring(Required) Unique identifier for the data source

Copy CodeReturns details for the specified data source

curl -X GET -H "X-NSONE-Key: $API_KEY" https://api.nsone.net/v1/data/sources/:sourceid

Request URL:

https://api.nsone.net/v1/data/sources/:sourceid

Example URL:

https://api.nsone.net/v1/data/sources/f443e609c9a9182b3dab56b7abd74546

Example Response:

{
  "sourcetype": "rackspace",
  "id": "f443e609c9a9182b3dab56b7abd74546",
  "config": {
    "webhook_token": "none"
  },
  "feeds": [
    {
      "destinations": [],
      "id": "520849a99f782d5b1a10a86d",
      "data": {
        "up": "false"
      },
      "config": {
        "entity_id": "enAAAAA",
        "alarm_id": "alAAAA"
      },
      "name": "server.example.com alert"
    }
  ],
  "name": "My Rackspace Source",
  "status": "ok"
}
Expand Code Examples

PUT /v1/data/sources

PUT Connect a new data source

Creates a new data source. You may create multiple data sources of the same type (e.g., to correspond to different accounts with a data provider). The config for the source must contain fields corresponding to the config description in /data/sourcetypes for the sourcetype you specify. Some data sources are immediately connected; others enter a pending state awaiting activity from the data source, e.g., a verification request. See the documentation for the source from /data/sourcetypes.

Path parameters:

namestringName of the data source
sourcetypestringType of data source
configobjectConfiguration property name and value based on the source type. This object must contain fields that correspond to the config description in /data/sourcetypes for the sourcetype specified.

Copy CodeConnect a Catchpoint data source

curl -X PUT -H "X-NSONE-Key: $API_KEY" -d '{ "sourcetype": "catchpoint", "name": "catchpoint source", "config": {} }' https://api.nsone.net/v1/data/sources

Copy CodeConnect a Cloudwatch data source

curl -X PUT -H "X-NSONE-Key: $API_KEY" -d '{"sourcetype":"cloudwatch", "name":"My Cloudwatch Topic", "config":{}}' https://api.nsone.net/v1/data/sources

After creating the Cloudwatch data source in NSONE, create an SNS topic in your Amazon account, connect any alerts you want to feed to NSONE to that topic, and create an HTTPS subscription for the topic with the NSONE Feed URL (https://api.nsone.net/v1/feed/:feedid). New data feeds for this source should specify the Alarm Name of a Cloudwatch alarm.

Copy CodeConnect a Datadog data source

curl -X PUT -H "X-NSONE-Key: $API_KEY" -d '{ "sourcetype": "datadog", "name": "datadog source", "config": {} }' https://api.nsone.net/v1/data/sources

Copy CodeConnect a New Relic data source

curl -X PUT -H "X-NSONE-Key: $API_KEY" -d '{ "sourcetype": "newrelic_webhook", "name": "newrelic_webhook source", "config": { "account_id": 1 } }' https://api.nsone.net/v1/data/sources

Copy CodeConnect an NS1 monitoring webhook

curl -X PUT -H "X-NSONE-Key: $API_KEY" -d '{ "sourcetype": "nsone_monitoring", "name": "nsone_monitoring source", "config": {} }' https://api.nsone.net/v1/data/sources

Copy CodeConnect a native NS1 data source

curl -X PUT -H "X-NSONE-Key: $API_KEY" -d '{ "sourcetype": "nsone_v1", "name": "nsone_v1 source", "config": {} }' https://api.nsone.net/v1/data/sources

Copy CodeConnect a Pingdom data source

curl -X PUT -H "X-NSONE-Key: $API_KEY" -d '{ "sourcetype": "pingdom", "name": "pingdom source", "config": {} }' https://api.nsone.net/v1/data/sources

Copy CodeConnect a Rackspace data source

curl -X PUT -H "X-NSONE-Key: $API_KEY" -d '{ "sourcetype": "rackspace", "name": "rackspace source", "config": { "webhook_token": "abcd1234" }}' https://api.nsone.net/v1/data/sources

Request URL:

https://api.nsone.net/v1/data/sources

Example Response:

{
  "name": "string",
  "sourcetype": "string",
  "config": {
    "property1": "string",
    "property2": "string"
  },
  "feeds": [],
  "id": "abfa2a71776ae5246724dce7b53c4371"
}
Expand Code Examples

POST /v1/data/sources/:sourceid

POST Edit a data source

Modifies basic details or configuration of a data source. You must include a JSON body in the request. You may update name and config details.

Path parameters:

sourceIDstring(Required) Unique identifier for the data source you are modifying

Copy CodeEdits the specified data source

curl -X POST -H 'X-NSONE-Key: $API_KEY' -d '{ "name": "string", "sourcetype": "string", "config": { "property1": "string", "property2": "string" }, "feeds": [] }' https://api.nsone.net/v1/data/sources/:sourceid

Request URL:

https://api.nsone.net/v1/data/sources/:sourceid

Example URL:

https://api.nsone.net/v1/data/sources/0e308ec0266d9127d166e0cbd7ceffda

Example Request:

{
  "name": "Monitor.us New Name"
}

Example Response:

{
  "sourcetype": "monitor_us",
  "id": "0e308ec0266d9127d166e0cbd7ceffda",
  "config": {
    "api_key": "15PSVFCXA377TGUY0FJA7T9VZY",
    "secret_key": "47AOG8ATA1QNUC3H3UH2DRBXYZ"
  },
  "feeds": [],
  "name": "Monitor.us New Name",
  "status": "ok"
}
Expand Code Examples

DELETE /v1/data/sources/:sourceid

DELETE Delete a data source

Removes an existing data source and all connected feeds from the source. By extension, all metadata tables connected to those feeds will no longer receive updates. We will no longer accept updates on the Feed URL for this data source. This method has no response other than the HTTP status code.

Path parameters:

sourceIDstring(Required) Unique identifier of the data source

Copy CodeDeletes the specified data source

curl -X DELETE -H 'X-NSONE-Key: $API_KEY' https://api.nsone.net/v1/data/sources/:sourceid

Request URL:

https://api.nsone.net/v1/data/sources/:sourceid

Example URL:

https://api.nsone.net/v1/data/sources/0e308ec0266d9127d166e0cbd7ceffda

Data Feeds

GET https://api.nsone.net/v1/data/feeds/:sourceid

GETView active data feeds for a source

Returns all data feeds connected to a source. Includes config details for each feed which match the feed_config specification from /data/sourcetypes, and also includes a list of metadata tables that are destinations for each feed.

Request URL:

https://api.nsone.net/v1/data/feeds/:sourceid

Example URL:

https://api.nsone.net/v1/data/feeds/0e308ec0266d9127d166e0cbd7ceffda

Example Response:

[
  {
    "destinations": [
      {
        "destid": "520519509f782d58bb4df418",
        "desttype": "answer",
        "record": "520519509f782d58bb4df419"
      }
    ],
    "id": "520533b89f782d5b1a10a851",
    "data": {
      "up": "true"
    },
    "config": {
      "label": "server-1"
    },
    "name": "Server 1 Feed"
  },
  {
    "destinations": [
      {
        "destid": "5205338e9f782d5b1a10a84e",
        "desttype": "answer",
        "record": "520519509f782d58bb4df419"
      }
    ],
    "id": "520533c09f782d5b1a10a852",
    "data": {
      "up": "true"
    },
    "config": {
      "label": "server-2"
    },
    "name": "Server 2 Feed"
  },
  {
    "destinations": [
      {
        "destid": "5205338e9f782d5b1a10a84f",
        "desttype": "answer",
        "record": "520519509f782d58bb4df419"
      }
    ],
    "id": "520533dc9f782d5b1a10a854",
    "data": {
      "up": "false"
    },
    "config": {
      "label": "server-8"
    },
    "name": "Server 8 Feed"
  },
  {
    "destinations": [
      {
        "destid": "5205338e9f782d5b1a10a850",
        "desttype": "answer",
        "record": "520519509f782d58bb4df419"
      }
    ],
    "id": "520533e49f782d5b1a10a855",
    "data": {
      "up": "true"
    },
    "config": {
      "label": "server-9"
    },
    "name": "Server 9 Feed"
  }
]

ParameterTypeDescriptionRequired?
sourceidStringYes
Expand Code Examples

GET https://api.nsone.net/v1/data/feeds/:sourceid/:feedid

GETView data feed details

Returns the details of a single data feed, including config details and any recordregion, or answer metadata table destinations.

Request URL:

https://api.nsone.net/v1/data/feeds/:sourceid/:feedid

Example URL:

https://api.nsone.net/v1/data/feeds/0e308ec0266d9127d166e0cbd7ceffda/520533c09f782d5b1a10a852

Example Response:

{
  "destinations": [
    {
      "destid": "5205338e9f782d5b1a10a84e",
      "desttype": "answer",
      "record": "520519509f782d58bb4df419"
    }
  ],
  "id": "520533c09f782d5b1a10a852",
  "data": {
    "up": "true"
  },
  "config": {
    "label": "server-2"
  },
  "name": "Server 2 Feed"
}

ParameterTypeDescriptionRequired?
sourceidStringYes
feedidStringYes
Expand Code Examples

PUT https://api.nsone.net/v1/data/feeds/:sourceid

PUTConnect a new data feed to a data source

Given an existing data source, connects a new data feed to the source with a given (freeform) name and config matching the specification in feed_config from /data/sourcetypes. In this example, we connect a Rackspace Cloud Monitoring Alarm (using the Rackspace Alarm id and Entity id for the Alarm). To subsequently connect the feed to destinations (such as record answers), you should modify the record to connect a specific metadata key (which the feed is compatible with) via a feed pointer object to this feed id. See the documention for /zones/:zone/:domain/:type.

Copy CodeConnect a feed from a Rackspace data source

curl -X PUT -H 'X-NSONE-Key: qACMD09OJXBxT7XOuRs8' -d '{"name":"server.example.com alert", "config":{"entity_id":"enAAAAA", "alarm_id":"alAAAAA"}}' https://api.nsone.net/v1/data/feeds/f443e609c9a9182b3dab56b7abd744342

You must have already connected a Rackspace Cloud Monitoring data source. In this example we specify Cloud Monitoring Entity and Alarm ids — we can also optionally specify a Check id.

Request URL:

https://api.nsone.net/v1/data/feeds/:sourceid

Example URL:

https://api.nsone.net/v1/data/feeds/0e308ec0266d9127d166e0cbd7ceffda

Example Request:

{
  "config": {
    "alarm_id": "a1AAAAA",
    "entity_id": "enAAAAA"
  },
  "name": "server.example.com alert"
}

Example Response:

{
  "destinations": [ ],
  "id": "5208fd909f782d3d253d62ae",
  "data": { },
  "config": {
    "entity_id": "enAAAAA",
    "alarm_id": "a1AAAAA"
  },
  "name": "server.example.com alert"
}
Expand Code Examples

POST https://api.nsone.net/v1/data/feeds/:sourceid/:feedid

POSTModify a data feed

You may update name or config.

To connect the feed to destinations (such as record answers), you should instead modify the record to connect a specific metadata key (which the feed is compatible with) via a feed pointer object to this feed id. See the documention for /zones/:zone/:domain/:type.

Request URL:

https://api.nsone.net/v1/data/feeds/:sourceid/:feedid

Example URL:

https://api.nsone.net/v1/data/feeds/0e308ec0266d9127d166e0cbd7ceffda/5208fd909f782d3d253d62ae

Example Request:

{
  "name": "new name"
}

Example Response:

{
  "destinations": [
    {
      "destid": "us-east",
      "desttype": "region",
      "record": "520519509f782d58bb4df419"
    },
    {
      "destid": "520519509f782d58bb4df418",
      "desttype": "answer",
      "record": "520519509f782d58bb4df419"
    }
  ],
  "id": "5208fd909f782d3d253d62ae",
  "config": {
    "entity_id": "enAAAAA",
    "alarm_id": "a1AAAAA"
  },
  "name": "new name"
}

ParameterTypeDescriptionRequired?
sourceidStringYes
feedidStringYes
Expand Code Examples

DELETE https://api.nsone.net/v1/data/feeds/:sourceid/:feedid

DELETEDisconnect a data feed

The feed will be disconnected from the data source and all attached destination metadata tables. The data source will not be removed and updates to remaining connected data feeds will still be processed.

Request URL:

https://api.nsone.net/v1/data/feeds/:sourceid/:feedid

Example URL:

https://api.nsone.net/v1/data/feeds/0e308ec0266d9127d166e0cbd7ceffda/5208fd909f782d3d253d62ae

ParameterTypeDescriptionRequired?
sourceidStringYes
feedidStringYes

POST https://api.nsone.net/v1/feed/:sourceid

POSTPublish data from a data source

This is the Feed URL for a data source. Many data sources connect directly to this URL to feed data to NSONE, and in general you must configure them to do so according to the instructions for the data source (see /data/sourcetypes). The request sent to this URL depends on the type of the data source — usually, each data source has its own request protocol. For convenience, this URL accepts GETPUT, and POST requests, but POST is preferred.

You can feed data to the Feed URL directly for your NSONE API data sources (sourcetype of nsone_v1), as shown in the example.

Updates sent to the Feed URL that match any data feeds connected to the data source are applied to all destinations in the feeds and pushed out to our DNS network instantly.



Copy CodePush an update to an NS1 API data feed

curl -X POST -H 'X-NSONE-Key: qACMD09OJXBxT7XOuRs8' -d '{"server-1": {"up":false}, "server-2": {"up":true}}' https://api.nsone.net/v1/feed/a53252f9e583c6708331a1daeb172e12

In this case we assume two data feeds already exist for an NSONE API data source. The data feeds have labels server-1 and server-2 (we might connect them to answers representing those servers in some DNS records). This update tells NSONE that server-1 is down, and server-2 is up. Any records which have their up meta key connected to one of these feeds will be affected.

Request URL:

https://api.nsone.net/v1/feed/:sourceid

Example URL:

https://api.nsone.net/v1/feed/0e308ec0266d9127d166e0cbd7ceffda

Example Request:

{
  "server-1": {
    "up": false
  },
  "server-2": {
    "up": true
  }
}

ParameterTypeDescriptionRequired?
sourceidStringYes
Expand Code Examples

Filter Chain

Filters

Cost

The cost filter examines the “cost” metadata field, and sorts all the answers in the record based on that value from lowest to highest. By default it does not eliminate any answers.

Input Metadata

Type

cost

Positive float

Config Option

Type

Required?

Default

Explanation

eliminate

boolean

no

false

If enabled, rather than sorting and returning all answers, the cost filter will find the answer with the lowest cost value and return only that, eliminating all others. (If there are multiple answers tied for lowest cost, it will return all of them.)

Note: any answers that do not have any associated cost metadata will always be considered last. The filter will always put them at the end of the sort order, and they will always be eliminated by the “eliminate” option (unless there are no answers with cost metadata, in which case the filter will do nothing)

Geofence Country

The geofence_country filter eliminates answers which are not in the same country (and, if applicable, US state or Canadian province) as the requester.

Input Metadata

Type

country

2 character ISO code (“US”, “GB”, “JP”, etc), or list of several countries

us_state

2 character state code (“NY”, “CA”, “IL”, “CT”, etc), or list of several states

ca_province

2 character province code (“QC”, “ON”, “MB”, etc), or list of several provinces

subdivisionISO-3166-2 code for a country and subdivisions

Config Option

Type

Required?

Default

Explanation

remove_no_location

boolean

no

true

If any answers have a location matching the requester, then eliminate all answers without any location. If set to false, then answers without location are kept instead.

Example Request:

GET   https://api.nsone.net/v1/zones/:zone/:domain/:type

Example Response:

{
    "domain": "legacy.geo1.testing",
    "use_client_subnet": true,
    "answers": [
        {
            "answer": [
                "3.3.3.3"
            ],
            "meta": {
                "ca_province": [
                    "ON",
                    "QC"
                ],
                "us_state": [
                    "NY",
                    "NJ",
                    "PA",
                    "CT"
                ]
            },
            "id": "5e81fd228fdbc30af7d9a332"
        },
        {
            "answer": [
                "4.4.4.4"
            ],
            "meta": {
                "ca_province": [
                    "AB",
                    "BC"
                ],
                "us_state": [
                    "CA",
                    "OR",
                    "WA"
                ]
            },
            "id": "5e81fd228fdbc30af7d9a333"
        }
    ],
    "meta": {},
    "link": null,
    "filters": [
        {
            "filter": "geofence_country",
            "config": {
                "remove_no_location": "1"
            }
        }
    ],
    "ttl": 3600,
    "tier": 3,
    "override_ttl": false,
    "zone": "geo1.testing",
    "id": "5e81fd228fdbc30af7d9a334",
    "networks": [
        0
    ],
    "regions": {},
    "type": "A"
}

Example Response:

{
    "domain": "new.geo1.testing",
    "use_client_subnet": true,
    "answers": [
        {
            "answer": [
                "1.1.1.1"
            ],
            "meta": {
                "subdivisions": {
                    "RU": [
                        "MOS"
                    ]
                }
            },
            "id": "5e81fd108fdbc30d0806422e"
        },
        {
            "answer": [
                "2.2.2.2"
            ],
            "meta": {
                "subdivisions": {
                    "US": [
                        "NY"
                    ]
                }
            },
            "id": "5e81fd108fdbc30d0806422f"
        }
    ],
    "meta": {},
    "link": null,
    "filters": [
        {
            "filter": "geofence_country",
            "config": {
                "remove_no_location": "1"
            }
        }
    ],
    "ttl": 3600,
    "tier": 3,
    "override_ttl": false,
    "zone": "geo1.testing",
    "id": "5e81fd108fdbc30d08064230",
    "networks": [
        0
    ],
    "regions": {},
    "type": "A"
}
Expand Code Examples

Geofence Regional

The geofence_regional filter eliminates answers which are not in the same geographical region (e.g., Europe, Asiapac, or US-East) as the requester.

Input Metadata

Type

georegion

One of “US-EAST”, “US-WEST”, “US-CENTRAL”, “EUROPE”, “SOUTH-AMERICA”, “AFRICA”, “ASIAPAC”; or a list of several of these

Config Option

Type

Required?

Default

Explanation

remove_no_georegion

boolean

no

true

If any answers have a georegion matching the requester, then eliminate all answers without any georegion. If set to false, then answers without georegion are kept instead.

Geotarget Country

The geotarget_country filter sorts answers by distance to the country (and, if applicable, US state or Canadian province) of the requester.

Input Metadata

Type

country

2 character ISO code (“US”, “GB”, “JP”, etc), or list of several countries

us_state

2 character state code (“NY”, “CA”, “IL”, “CT”, etc), or list of several states

ca_province

2 character province code (“QC”, “ON”, “MB”, etc), or list of several provinces

subdivisionISO-3166-2 code for a country and subdivisions

Example Request:

GET   https://api.nsone.net/v1/zones/:zone/:domain/:type

Example Response:

{
    "domain": "legacy.geo1.testing",
    "use_client_subnet": true,
    "answers": [
        {
            "answer": [
                "3.3.3.3"
            ],
            "meta": {
                "ca_province": [
                    "ON",
                    "QC"
                ],
                "us_state": [
                    "NY",
                    "NJ",
                    "PA",
                    "CT"
                ]
            },
            "id": "5e81fd228fdbc30af7d9a332"
        },
        {
            "answer": [
                "4.4.4.4"
            ],
            "meta": {
                "ca_province": [
                    "AB",
                    "BC"
                ],
                "us_state": [
                    "CA",
                    "OR",
                    "WA"
                ]
            },
            "id": "5e81fd228fdbc30af7d9a333"
        }
    ],
    "meta": {},
    "link": null,
    "filters": [
        {
            "filter": "geotarget_country",
            "config": {
            }
        }
    ],
    "ttl": 3600,
    "tier": 3,
    "override_ttl": false,
    "zone": "geo1.testing",
    "id": "5e81fd228fdbc30af7d9a334",
    "networks": [
        0
    ],
    "regions": {},
    "type": "A"
}

Example Response:

{
    "domain": "new.geo1.testing",
    "use_client_subnet": true,
    "answers": [
        {
            "answer": [
                "1.1.1.1"
            ],
            "meta": {
                "subdivisions": {
                    "RU": [
                        "MOS"
                    ]
                }
            },
            "id": "5e81fd108fdbc30d0806422e"
        },
        {
            "answer": [
                "2.2.2.2"
            ],
            "meta": {
                "subdivisions": {
                    "US": [
                        "NY"
                    ]
                }
            },
            "id": "5e81fd108fdbc30d0806422f"
        }
    ],
    "meta": {},
    "link": null,
    "filters": [
        {
            "filter": "geotarget_country",
            "config": {
            }
        }
    ],
    "ttl": 3600,
    "tier": 3,
    "override_ttl": false,
    "zone": "geo1.testing",
    "id": "5e81fd108fdbc30d08064230",
    "networks": [
        0
    ],
    "regions": {},
    "type": "A"
}
Expand Code Examples

Geotarget Latlong

The geotarget_latlong filter sorts answers by distance to the requester based on latitude and longitude.

Input Metadata

Type

latitude

Float between -90 and 90

longitude

Float between -180 and 180

Geotarget Regional

The geotarget_regional filter sorts answers by distance to the geographical region (e.g., Europe, Asiapac, or US-East) of the requester.

Input Metadata

Type

georegion

One of “US-EAST”, “US-WEST”, “US-CENTRAL”, “EUROPE”, “SOUTH-AMERICA”, “AFRICA”, “ASIAPAC”; or a list of several of these

Netfence ASN

The netfence_asn filter eliminates answers whose ASN does not match the ASN of the requester’s IP.

Input Metadata

Type

asn

List of integers

Config Option

Type

Required?

Default

Explanation

remove_no_asn

boolean

no

true

If any answers have an ASN matching the requester, then eliminate all answers without any ASN. If set to false, then answers without ASN are kept instead.

Netfence Prefix

The netfence_prefix filter eliminates answers whose list of ip prefixes does not match the requester’s IP.

Input Metadata

Type

ip_prefixes

List of strings

Config Option

Type

Required?

Default

Explanation

remove_no_ip_prefixes

boolean

no

true

If any answers have an ip prefix matching the requester, then eliminate all answers without any ip prefix. If set to false, then answers without ip prefix are kept instead.

Priority

The priority filter examines the “priority” metadata field, and finds the lowest priority value from among all answers. It then returns all the answers that have exactly that priority value.

Input Metadata

Type

priority

Unsigned (non-negative) int - should be between 0 and 5. By default, lower numbers correspond to a higher “priority” - an answer with a priority of 0 will be picked over one with a priority of 1.

Config Option

Type

Required?

Default

Explanation

eliminate

boolean

no

true

If enabled, rather than sorting and returning all answers, the priority filter will just find the answer with the lowest priority value and return only that, eliminating all others. (If there are multiple answers tied for highest priority, it will return all of them.)

If this is set to “false”, then the filter sorts the answers rather than eliminating them, just like the Cost filter does.

Note: any answers that do not have any associated priority metadata will always be considered last. They will always be eliminated (unless no answers have priority metadata, in which case the filter will do nothing), and the “sort” option will always put them at the end of the sort order.

Pulsar

The Pulsar filter sorts answers based on real-time routing data. Each answer is associated with a specific jobid, which is tied to a job that gathers statistics and telemetry that is used to rate the answer.

The Pulsar filter requires the “pulsar” input metadata field, which is a custom data structure. It always must be a dictionary, nested inside a list. The fields of the dictionary are as follows:

Parameter

Type

Description

Example

Required?    

job_id

string

The string ID of the pulsar job to be associated with this record.

‘abc123’

Yes

granularities

List of strings    

Specifies whether to use “geo”, “geo_asn” or both. We recommend using both.

Only 3 possible values: [‘geo’], [‘asn’], or [‘geo_asn’]    

Yes

bias

string

The bias to be associated with this answer - when Pulsar is comparing different latencies, it will apply this modifier to this answer to prioritize or de-prioritize it. Must take the form of a mathematical operator (one of ‘+’, ‘-’, or ‘*’) followed by a number which must be a positive float. The ‘+’ and ‘-’ operators add or subtract the specified number of milliseconds to the answer’s latency, and the ‘*’ operator scales the answer’s latency by the specified amount.

‘+10’, ‘-55’, ‘*0.5’, ‘*2’    

No

a5m_cutoff

float

The 5 minute availability cutoff to be associated with this answer. If availability of the Pulsar job associated with this answer over the last 5 minutes is lower than this value, this answer will be excluded from consideration. Must be a float between 0 and 1 (inclusive).

0.9

No

Config Option

Type

Required?

Default

Explanation

sort_descending

boolean

no

false

If enabled, the Pulsar filter sorts answers in descending order, from highest to lowest (instead of from lowest to highest). This is useful if the Pulsar metric you are routing with is best when maximized.

Example Request:

Example:
“meta”: {
	“pulsar”: [
		{
			“jobid”: “abc123”,
			“granularities”: [“geo”, “geo_asn”],
			“bias”: “+30”,
			“a5m_cutoff”: 0.85
}
]
}

Expand Code Examples

Pulsar Stabilize

The pulsar_stabilize filter analyzes real-time routing data, just like the Pulsar filter, but instead of sorting answers, it eliminates all answers that are a certain amount worse than the best answer. Therefore, all answers that perform “reasonably close” to best are kept, and what exactly constitutes “reasonably” can be configured by the user. All answers that aren’t eliminated are kept in the same order as before, so the results of any previous filters are maintained.

The pulsar_stabilize filter requires the “pulsar” input metadata field, which is a custom data structure. It always must be a dictionary, nested inside a list. The fields of the dictionary are as follows:

Parameter

Type

Description

Example

Required?    

job_id

string

The string ID of the Pulsar job to be associated with this record.

‘abc123’

Yes

granularities    

List of strings    

Specifies whether to use “geo”, “geo_asn” or both. We recommend using both.

Only 3 possible values: [‘geo’], [‘asn’], or [‘geo_asn’]    

Yes

bias

string

The bias to be associated with this answer - when Pulsar is comparing different latencies, it will apply this modifier to this answer to prioritize or de-prioritize it. Must take the form of a mathematical operator (one of ‘+’, ‘-’, or ‘*’) followed by a number which must be a positive float. The ‘+’ and ‘-’ operators add or subtract the specified number of milliseconds to the answer’s latency, and the ‘*’ operator scales the answer’s latency by the specified amount.

‘+10’, ‘-55’, ‘*0.5’, ‘*2’    

No

a5m_cutoff

float

The 5 minute availability cutoff to be associated with this answer. If availability of the Pulsar job associated with this answer over the last 5 minutes is lower than this value, this answer will be excluded from consideration. Must be a float between 0 and 1 (inclusive).

0.9

No

Config Option

Type

Required? 

Default 

Explanation

stabilization_threshold 

string

yes

Defines the threshold to use to decide which answers are kept. This is a string, which must contain a positive int, optionally followed with a ‘%’ sign. (E.x.: ‘100’, ‘30%’) If the value is just an int, then the cutoff value is calculated as the value (e.g., latency) of the best performing answer, plus this number of milliseconds. If the value is a percentage, then the cutoff will be the value of the best performing answer, plus that percentage of itself. (So if the stabilization_threshold is ‘30%’, the cutoff will be 130% of the best answer’s latency.)

sort_descending

boolean 

no

false

If enabled, the pulsar_stabilize filter bases the cutoff on the highest answer instead of the lowest, and removes all answers below that cutoff instead of above. The cutoff will be the pulsar value of the highest answer, minus whatever amount is specified by the stabilization_threshold, instead of plus like normal.


Example Request:

Example:
“meta”: {
	“pulsar”: [
		{
			“jobid”: “abc123”,
			“granularities”: [“geo”, “geo_asn”],
			“bias”: “+30”,
			“a5m_cutoff”: 0.85
}
]
}

Config Option

Type

Required?

Default

Explanation

stabilization_threshold

string

yes

Defines the threshold to use to decide which answers are kept. This is a string, which must contain a positive int, optionally followed with a ‘%’ sign. (E.x.: ‘100’, ‘30%’) If the value is just an int, then the cutoff value is calculated as the value (e.g., latency) of the best performing answer, plus this number of milliseconds. If the value is a percentage, then the cutoff will be the value of the best performing answer, plus that percentage of itself. (So if the stabilization_threshold is ‘30%’, the cutoff will be 130% of the best answer’s latency.)

sort_descending

boolean

no

false

If enabled, the pulsar_stabilize filter bases the cutoff on the highest answer instead of the lowest, and removes all answers below that cutoff instead of above. The cutoff will be the pulsar value of the highest answer, minus whatever amount is specified by the stabilization_threshold, instead of plus like normal.

Expand Code Examples

Select First N

The select_first_n filter eliminates all answers except for the first N, where N is specified in the filter config.

Config Option

Type

Required?

Default

Explanation

N

int

no

1

The number of answers to keep. All answers after the first N answers will be eliminated.    

Select First Region

The select_first_region filter simply returns all answers in the same region as the first answer. There is no metadata input or filter config. In the portal this is called “select first group”.

Shed Load

The shed_load filter proportionally eliminates or keeps answers based on how the load (or another selected metric) compares to the answer’s configured low and high watermarks. If the metric is lower than the low water mark, the answer will ALWAYS be kept. If the metric is higher than the high water mark, the answer will ALWAYS be removed. If the metric is between the low and high watermarks, it will be randomly kept or discarded with a probability based on where it is relative to the watermarks. (e.g., exactly halfway between the watermarks means a 50% chance of being discarded, a low watermark of 10 with a high watermark of 20 and a metric of 12 means a 20% chance of being discarded, etc)

Config Option

Type

Required?

Default

Explanation

metric

String - one of ‘loadavg’, ‘connections’, or ‘requests’

yes

‘loadavg’

The metadata field to use with the low/high watermark to determine load to shed. Allows logic to be based on average load, number of connections, or number of requests.


Input Metadata

Type

low_watermark

float

high_watermark

float

loadavg

float

connections

int

requests

int

Shuffle

 The shuffle filter randomly sorts the answers. There is no metadata input or filter config.

Sticky Shuffle

The sticky filter sorts answers uniquely based on the IP address of the requester. This means that while different requesters get random orderings of answers, the same requester always gets the same results.

Sticky Region

The sticky filter sorts regions uniquely based on the IP address of the requester. This ensures that the same requester always gets an answer from the same region.

Config Option

Type

Required?

Default

Explanation

sticky_by_network

bool

no

false

Apply stickiness by subnet rather than individual IP (/24 for IPv4 or /56 for IPv6). Useful to help ensure users load balanced across multiple recursors get the same answer.

Up

The up filter eliminates all answers where the “up” metadata field is false or missing

Input Metadata

Type

up

‘true’, ‘false’, ‘1’, ‘0’, or int or boolean

Weighted Shuffle

The weighted_shuffle filter shuffles answers randomly based on their “weight”. Answers with higher weight will be first more often.

Input Metadata

Type

weight

float

Weighted Sticky Shuffle

The weighted_sticky filter shuffles answers randomly based on their “weight”, AND maintains consistency per requester like the sticky shuffle filter. Answers with higher weight will be first more often, and the same requester will consistently get the same results.

Config Option

Type

Required?

Default

Explanation

sticky_by_network

bool

no

false

Apply stickiness by subnet rather than individual IP (/24 for IPv4 or /56 for IPv6). Useful to help ensure users load balanced across multiple recursors get the same answer.

Input Metadata

Type

weight

float

Monitoring & Notifications

Monitoring Jobs

GET /v1/monitoring/jobs

GET List monitoring jobs

Returns the list of all monitoring jobs for the account, including configuration and current status details. Job status is shown per region, including the "global" region indicating the overal status of the monitoring job computed based on the status policy from the regional statuses. Status values both globally and per region include updown, and pending.

Copy CodeReturns a list of all monitoring jobs

curl -X GET -H "X-NSONE-Key: $API_KEY" https://api.nsone.net/v1/monitoring/jobs

Request URL:

https://api.nsone.net/v1/monitoring/jobs

Example Response:

[
  {
    "id": "52a27d4397d5f07003fdbe7b",
    "config": {
      "host": "1.2.3.4"
    },
    "status": {
      "lga": {
        "since": 1389407609,
        "status": "up"
      },
      "global": {
        "since": 1389407609,
        "status": "up"
      },
      "sjc": {
        "since": 1389404014,
        "status": "up"
      }
    },
    "rules": [
      {
        "key": "rtt",
        "value": 100,
        "comparison": "<"
      }
    ],
    "job_type": "ping",
    "regions": [
      "lga",
      "sjc"
    ],
    "active": true,
    "frequency": 60,
    "policy": "quorum",
    "region_scope": "fixed"
  }
]
Expand Code Examples

GET /v1/monitoring/jobs/:jobid

GET View monitoring job details

Returns details for a specific monitoring jobs based on its id, including configuration and current status details. Job status is shown per region, including the "global" region indicating the overall status of the monitoring job computed based on the status policy from the regional statuses. Status values both globally and per region include up, down, and pending.

Path parameter:

jobIDstring(Required) Unique identifier for the monitoring job

Request URL:

https://api.nsone.net/v1/monitoring/jobs/:jobid

Example URL:

https://api.nsone.net/v1/monitoring/jobs/52cae678830f7809ec5c9f6b

Example Response:

{
  "notes": null,
  "name": "example.com:80",
  "notify_repeat": 0,
  "id": "52cae678830f7809ec5c9f6b",
  "region_scope": "fixed",
  "rapid_recheck": false,
  "frequency": 30,
  "job_type": "tcp",
  "notify_delay": 0,
  "notify_list": null,
  "notify_regional": false,
  "regions": [
    "ams"
  ],
  "policy": "quorum",
  "config": {
    "send": "HEAD / HTTP/1.0\r\n\r\n",
    "port": 80,
    "host": "1.2.3.4",
    "ssl": "0",
    "ipv6": false
  },
  "status": {
    "ams": {
      "since": 1389052665,
      "status": "down"
    },
    "global": {
      "since": 1389052665,
      "status": "down"
    }
  },
  "notify_failback": true,
  "rules": [
    {
      "value": "200 OK",
      "key": "output",
      "comparison": "contains"
    }
  ],
  "active": true
}
Expand Code Examples

PUT /v1/monitoring/jobs

PUT Create a new monitoring job

Initiate a new monitoring job.

Request body parameters:

namestringName of the monitoring job (for internal reference only)
activebooleanIndicates whether or not the job is actively running or temporarily disabled.
mutebooleanSet to true to stop up/down notifications related to this monitor. Note that enabling this option does not deactivate the monitor, it just stops the alerts. If enabled, you can still view the history of up/down events.
region_scopestringControls the behavior of how the job is assigned to monitoring regions. Currently, this must be set to fixed so that monitoring regions are explicitly defined.
regionsarray of stringsList of region codes in which to run the monitoring job. Available monitoring regions are provided by the /v1/monitoring/regions endpoint. the number of regions you can apply depends on your account type and billing plan.
job_typestringIndicates the type of monitoring job you are creating. A full list of available types is returned by the /moniotring/jobtypes endpoint, but can include http, ping, tcp, and dns.
frequencyintegerNumber indicating the frequency (in seconds) at which to run the monitoring job in each region. The minimum frequency depends on your account type and billing plan.
rapid_recheckbooleanUpon any apparent status change, the job is quickly re-run after one second to confirm the state change before sending the notification.
policystringPolicy for determining the monitor's global status based on the job status in all regions. May be the quorum (majority status), all (status change only when all regions are in agreement), or one (down if any region is down). Enum: "quorum", "all", "one"
notesstring or nullInternal notes to be included in any notifications about this job (e.g., instructions for operators who will receive the notifications)
rulesarray of objectsList of rules for determining failure conditions. Each rule acts on one of the outputs from the monitoring job. You must specify key (the output key), comparison (a comparison to perform on the output), and value (the value by which to compare). For example, {"key":"rtt", "comparison":"<", "value":100} indicates a rule requiring the rtt from a job to be under 100ms or it will be marked as failed. Available output keys, comparators, and value types are indicated by /monitoring/jobtypes.
keystring(Part of rules object array) Output key (e.g., "rtt")
comparisonstring(Part of rules object array) Enum: "<", ">", "<=",">=","==","!=","regex", or "contains".
valueany(Part of rules object array) Value by which to compare
notify_delayintegerTime (in seconds) after a failure to wait before sending a notification. If the job is marked "up" before this time expires, no notification is sent. Set to 0 to send a notification immediately upon failure.
notify_repeatintegerTime (in seconds) between repeat notifications of a failed job. Set to 0 to disable repeating notifications. Otherwise, the value must be at least 60 (i.e., After 60 seconds, the notification will repeat.).
notify_fallbackbooleanIf true, a notification is sent when a job returns to an "up" state.
notify_regionalbooleanIf true, notifications are sent for any regional failure (and failback if desired)
notify_liststring or nullID of the associated NS1 notification list. If no list is specified, no notifications are sent for this job.


Copy CodeCreate a new ping monitor

curl -X PUT -H "X-NSONE-Key: $API_KEY" -d '{"name":"1.2.3.4 Ping Check", "job_type":"ping", "region_scope":"fixed", "regions":["lga","sin","ams"], "frequency":60, "config":{"host":"1.2.3.4"}, "rules":[{"key":"loss", "comparison":"<", "value":75.0}], "notify_list":"52cc775a2db2861b55176727"}' https://api.nsone.net/v1/monitoring/jobs

This creates a simple ping job that runs in three monitoring regions: lga (New York), sin (Singapore), and ams (Amsterdam). The host is pinged from all regions each 60 seconds and a rule is configured to fail the monitor if packet loss exceeds 75%. When the job's status changes, notifications are sent to the specified notification list immediately.

Copy CodeCreate a new TCP monitor

curl -X PUT -H "X-NSONE-Key: $API_KEY" -d '{"name":"1.2.3.4:443 HTTPS check", "job_type":"tcp", "region_scope":"fixed", "regions":["lga"], "frequency":60, "config":{"host":"1.2.3.4", "port":443, "send":"HEAD / HTTP/1.0\r\n\r\n", "ssl":"1"}, "rules":[{"key":"output", "comparison":"contains", "value":"200 OK"}], "notify_delay":300, "notify_list":"52cc775a2db2861b55176727"}' https://api.nsone.net/v1/monitoring/jobs

This creates a simple tcp job that runs in the lga (New York) monitoring region. Every 60 seconds a TCP connection is opened to port 443 on the host; an SSL session is negotiated; and a simple HEAD request is sent. String escapes are interpreted in the send parameter. Then, if a response is returned it is tested to see if it contains "200 OK". If not or if no response is returned, the monitor fails, but a notification is only sent if the monitor remains down for 300 seconds.

Request URL:

https://api.nsone.net/v1/monitoring/jobs

Example Request:

{
  "notify_list": "52cc775a2db1561b55135327",
  "notify_regional": false,
  "notify_failback": true,
  "notify_repeat": 0,
  "notify_delay": 65,
  "rules": [
    {
      "value": "200 OK",
      "comparison": "contains",
      "key": "output"
    },
    {
      "value": 200,
      "comparison": "<=",
      "key": "connect"
    }
  ],
  "config": {
    "ssl": "1",
    "send": "HEAD / HTTP/1.0\r\n\r\n",
    "port": 443,
    "host": "1.2.3.4"
  },
  "job_type": "tcp",
  "name": "myhost.com:443 monitor",
  "active": true,
  "rapid_recheck": true,
  "region_scope": "fixed",
  "regions": [
    "lga",
    "sjc"
  ],
  "frequency": 30,
  "policy": "quorum",
  "notes": "If this monitor is down then the webserver on myhost.com:443 is down or too slow!"
}

Example Response:

{
  "status": {
    "global": {
      "since": 1389458558,
      "status": "pending"
    }
  },
  "notes": "If this monitor is down then the webserver on myhost.com:443 is down or too slow!",
  "policy": "quorum",
  "frequency": 30,
  "regions": [
    "lga",
    "sjc"
  ],
  "region_scope": "fixed",
  "active": true,
  "rapid_recheck": true,
  "name": "myhost.com:443 monitor",
  "job_type": "tcp",
  "config": {
    "ssl": "1",
    "send": "HEAD / HTTP/1.0\r\n\r\n",
    "port": 443,
    "host": "1.2.3.4"
  },
  "rules": [
    {
      "value": "200 OK",
      "comparison": "contains",
      "key": "output"
    },
    {
      "value": 200,
      "comparison": "<=",
      "key": "connect"
    }
  ],
  "notify_delay": 65,
  "notify_repeat": 0,
  "notify_failback": true,
  "notify_regional": false,
  "notify_list": "52cc775a2db1561b55135327",
  "id": "52cc79123db8711b6713554a"
}
Expand Code Examples

POST /v1/monitoring/jobs/:jobid

POST Edit a monitoring job

Change the configuration details of an existing monitoring job. See the documentation for PUT /monitoring/jobs for a detailed explanation of the input.

Path parameters:

jobIDstring(Required) Unique identifier for the monitoring job you are updating

Request body parameters:

Refer to "Create a monitoring job" endpoint (PUT v1/monitoring/jobs) for request body parameters.

Request URL:

https://api.nsone.net/v1/monitoring/jobs/:jobid

Example URL:

https://api.nsone.net/v1/monitoring/jobs/52cc79123db8711b6713554a

Example Request:

{
  "notes": "Some new notes for this job",
  "policy": "all",
  "frequency": 40
}

Example Response:

{
  "status": {
    "global": {
      "since": 1389458558,
      "status": "pending"
    }
  },
  "notes": "Some new notes for this job",
  "policy": "all",
  "frequency": 40,
  "regions": [
    "lga",
    "sjc"
  ],
  "region_scope": "fixed",
  "active": true,
  "rapid_recheck": false,
  "name": "myhost.com:443 monitor",
  "job_type": "tcp",
  "config": {
    "ssl": "1",
    "send": "HEAD / HTTP/1.0\r\n\r\n",
    "port": 443,
    "host": "1.2.3.4"
  },
  "rules": [
    {
      "value": "200 OK",
      "comparison": "contains",
      "key": "output"
    },
    {
      "value": 200,
      "comparison": "<=",
      "key": "connect"
    }
  ],
  "notify_delay": 65,
  "notify_repeat": 0,
  "notify_failback": true,
  "notify_regional": false,
  "notify_list": "52cc775a2db1561b55135327",
  "id": "52cc79123db8711b6713554a"
}
Expand Code Examples

DELETE /v1/monitoring/jobs/:jobid

DELETE Delete a monitoring job

Immediately terminates and deletes an existing monitoring job. There is no response other than the HTTP status code.

Path parameters:

jobIDstring(Required) Unique identifier for the monitoring job

Copy CodeDeletes the specified monitoring job using the jobID

curl -X DELETE -H "X-NSONE-Key: $API_KEY" https://api.nsone.net/v1/monitoring/jobs/:jobid

Request URL:

https://api.nsone.net/v1/monitoring/jobs/:jobid

Example URL:

https://api.nsone.net/v1/monitoring/jobs/52cc79123db8711b6713554a

GET /v1/monitoring/history/:jobid

GET View history of monitoring jobs

Returns historical status details of a monitoring job (if jobid is included in the URL) or of all monitoring jobs under the account (if no jobid is specified). You may restrict the time period to show with start and end (Unix timestamps) or by specifying a period (one of 1h, 24h, or 30d); limit the number of results with limit; and restrict to results from a specific region code. You may also specify exact (a boolean, if true you must also specify start): then, the status as of the exact start and end times is computed and returned as part of the status history.

Path parameters:

jobIDstring(Required) Unique identifier for the monitoring job whose history you are requesting

Query parameters:

exactbooleanIf set to true, the exact start and end times are computed and returned as part of the status history
periodstringIndicates a specific time period for the historical results you are requesting. Enum: "1h", "24h","30d"
limitintegerMaximum number of results to return
startintegerAbsolute start time in UNIX timestamp
endintegerAbsolute end time in UNIX timestamp (defaults to current time)
regionstringRegion code (e.g, "global")


Copy CodeReturns job history for the specified job over the last 24 hours

curl -X GET -H "X-NSONE-Key: $API_KEY" https://api.nsone.net/v1/monitoring/history/{jobid}?period=24h

GET /v1/monitoring/metric

GET View historical metrics for all jobs

Returns historical metrics generated by monitoring jobs such as response time, packet loss, TCP connect time, etc. The metrics in the response depend on the job type (http, ping, tcp, dns). Metrics available for each job type are returned by /monitoring/jobtypes. If you include a jobid in the URL, only metrics for that job are returned. Otherwise, metrics for all jobs are returned subject to any applied query parameters.

Path parameters:

jobIDstring(Optional) Unique identifier for the monitoring job. If entered, only the metrics for the specified job are returned. Otherwise, all historical job metrics are returned.

Query parameters:

regionstring(Optional) Region code; may be "global" or a specific region as listed in the /monitoring/regions endpoint. Note that you can only specify this parameter if you have also specified a jobID. Only metrics from the specific region are returned. If set to "global", the average value of the metric across all active regions is returned.
metricstring(Optional) Metric name (e.g., "rtt" or "connect"). Valid metric names are described by the /monitoring/jobtypes endpoint and vary based on the type of monitoring job. Only the metrics for jobs providing a matching metric name are returned.
periodstringEnum: "1h", "24h", or "30d"; The interval of time for which to return results. Response is a list of metric objects, each containing jobID, region, and metric fields. The metric field is a mapping of metric names to statistics objects including the average value of the metric over the specified period (excluding times when no data was collected) and a graph for the metric over the period.

Copy CodeReturns historical metrics for the specific job over the last 30 days

https://api.nsone.net/v1/monitoring/metric/{jobID}?period=30d

Request URL:

https://api.nsone.net/v1/monitoring/metrics/:jobid[?metric=null][&period=24h][&region=null]

Example URL:

https://api.nsone.net/v1/monitoring/metrics/52a27d4397d5f07003fdbe7b?period=30d&metric=rtt

Example Response:

[
  {
    "jobid": "52a27d4397d5f07003fdbe7b",
    "region": "global",
    "metrics": {
      "rtt": {
        "avg": 36.49545722537571,
        "graph": [
          [
            1390852209,
            36.93605295817057
          ],
          [
            1390852420,
            34.418270111083984
          ],
          [
            1390852631,
            36.07466252644857
          ],
          ...
        ]
      }
    }
  },
  {
    "jobid": "52a27d4397d5f07003fdbe7b",
    "region": "lga",
    "metrics": {
      "rtt": {
        "avg": 36.338624795277916,
        "graph": [
          [
            1390852209,
            36.93605295817057
          ],
          [
            1390852420,
            34.418270111083984
          ],
          [
            1390852631,
            36.07466252644857
          ],
          ...
        ]
      }
    }
  },
  {
    "jobid": "52a27d4397d5f07003fdbe7b",
    "region": "dal",
    "metrics": {
      "rtt": {
        "avg": 37.40758143530952,
        "graph": [
          [
            1390852209,
            36.93605295817057
          ],
          [
            1390852420,
            36.93605295817057
          ],
          [
            1390852631,
            36.93605295817057
          ],
          ...
        ]
      }
    }
  }
]
Expand Code Examples

GET /v1/monitoring/jobtypes

GET List monitoring job types

Returns the list of all available monitoring jobs types, and details of configuration options for each job type. Job types include http, ping, tcp, and dns.

Request URL:

https://api.nsone.net/v1/monitoring/jobtypes

Example Response:

{
  "http": {
    "shortdesc": "HTTP",
    "config": {
      "url": {
        "shortdesc": "URL",
        "desc": "URL to query. i.e. https://ns1.com",
        "required": true,
        "type": "string",
        "validator": "text"
      },
      "method": {
        "default": "GET",
        "required": false,
        "validator": "text",
        "shortdesc": "HTTP Method",
        "type": "string",
        "desc": "Valid methods are HEAD, GET and POST"
      },
      "idle_timeout": {
        "default": 3,
        "required": false,
        "validator": "number",
        "shortdesc": "Idle Timeout",
        "type": "number",
        "desc": "Timeout (in seconds) waiting for expected data before closing the connection."
      },
      "user_agent": {
        "default": "NS1 HTTP Monitoring Job",
        "required": false,
        "validator": "text",
        "shortdesc": "User Agent",
        "type": "string",
        "desc": "Describes the text provided in the User-Agent request header. String escapes (e.g. \"\\n\") are allowed."
      },
      "ipv6": {
        "default": false,
        "required": false,
        "validator": "checkbox",
        "shortdesc": "Connect over IPv6",
        "type": "checkbox",
        "desc": "Attempt to send/receive protocol data via IPv6"
      },
      "connect_timeout": {
        "default": 5,
        "required": false,
        "validator": "number",
        "shortdesc": "Connection Timeout",
        "type": "number",
        "desc": "Timeout (in seconds) sending query to wait for output."
      },
      "authorization": {
        "default": null,
        "required": false,
        "validator": "text",
        "shortdesc": "Authorization Header",
        "type": "string",
        "desc": "You can provide a bearer token or api key using this header. String escapes (e.g. \"\\n\") are allowed."
      }
    },
    "results": {
      "body": {
        "default": "",
        "type": "string",
        "metric": false,
        "validator": "string",
        "shortdesc": "HTTP Response Body",
        "comparators": [
          "contains"
        ],
        "desc": "String match over the response body."
      },
      "status_code": {
        "comparators": [
          "<",
          ">",
          "<=",
          ">=",
          "==",
          "!="
        ],
        "metric": false,
        "validator": "number",
        "shortdesc": "HTTP Status Code",
        "type": "integer",
        "desc": "HTTP Response Status Code comparison"
      }
    },
    "desc": "Do an HTTP request against a webserver."
  },
  "ping": {
    "shortdesc": "Ping (ICMP)",
    "config": {
      "count": {
        "default": 4,
        "required": false,
        "validator": "number",
        "shortdesc": "Number of packets to send",
        "type": "number",
        "desc": "Number of ICMP echo packets to send.  More take longer, but provide better RTT and packet loss statistics."
      },
      "host": {
        "shortdesc": "IP address or hostname to ping",
        "desc": "IP address or hostname to test using ICMP echo packets.",
        "required": true,
        "type": "string",
        "validator": "text"
      },
      "interval": {
        "default": 0,
        "required": false,
        "validator": "number",
        "shortdesc": "Time between packets",
        "type": "number",
        "desc": "Minimum time (in ms) to wait between sending each ICMP packet.  If less than the response time for an echo request, we will send the next packet immediately upon receiving a response."
      },
      "timeout": {
        "default": 2000,
        "required": false,
        "validator": "number",
        "shortdesc": "Ping timeout",
        "type": "number",
        "desc": "Timeout (in ms) before we mark host failed."
      },
      "ipv6": {
        "default": false,
        "required": false,
        "validator": "checkbox",
        "shortdesc": "Connect over IPv6",
        "type": "checkbox",
        "desc": "Attempt to send/receive protocol data via IPv6"
      }
    },
    "results": {
      "rtt": {
        "comparators": [
          "<",
          ">",
          "<=",
          ">=",
          "==",
          "!="
        ],
        "metric": false,
        "validator": "number",
        "shortdesc": "Round trip time",
        "type": "number",
        "desc": "Average round trip time (in ms) of returned pings."
      },
      "loss": {
        "comparators": [
          "<",
          ">",
          "<=",
          ">=",
          "==",
          "!="
        ],
        "metric": false,
        "validator": "number",
        "shortdesc": "Percent packet loss",
        "type": "number",
        "desc": "Percentage of ICMP echo packets with no response (timed out)."
      }
    },
    "desc": "Ping a host using ICMP packets."
  },
  "tcp": {
    "shortdesc": "TCP",
    "config": {
      "response_timeout": {
        "default": 1000,
        "required": false,
        "validator": "number",
        "shortdesc": "Response timeout",
        "type": "number",
        "desc": "Timeout (in ms) after connecting to wait for output."
      },
      "send": {
        "default": null,
        "required": false,
        "validator": "text",
        "shortdesc": "String to send",
        "type": "string",
        "desc": "A string to send to the host upon connecting. String escapes (e.g. \"\\n\") are allowed."
      },
      "port": {
        "shortdesc": "TCP port",
        "desc": "TCP port to connect to on host.",
        "required": true,
        "type": "number",
        "validator": "number"
      },
      "ssl": {
        "default": false,
        "required": false,
        "validator": "checkbox",
        "shortdesc": "Connect with SSL",
        "type": "checkbox",
        "desc": "Attempt to negotiate an SSL connection before sending/receiving protocol data."
      },
      "host": {
        "shortdesc": "IP address or hostname",
        "desc": "IP address or hostname to connect to.",
        "required": true,
        "type": "string",
        "validator": "text"
      },
      "ipv6": {
        "default": false,
        "required": false,
        "validator": "checkbox",
        "shortdesc": "Connect over IPv6",
        "type": "checkbox",
        "desc": "Attempt to send/receive protocol data via IPv6"
      },
      "connect_timeout": {
        "default": 2000,
        "required": false,
        "validator": "number",
        "shortdesc": "Connect timeout",
        "type": "number",
        "desc": "Timeout (in ms) before we give up trying to connect."
      }
    },
    "results": {
      "output": {
        "comparators": [
          "contains"
        ],
        "metric": false,
        "validator": "string",
        "shortdesc": "Output (if any)",
        "type": "string",
        "desc": "Output received from the connection, if any."
      },
      "connect": {
        "comparators": [
          "<",
          ">",
          "<=",
          ">=",
          "==",
          "!="
        ],
        "metric": false,
        "validator": "number",
        "shortdesc": "Time to connect",
        "type": "number",
        "desc": "Time (in ms) for the connection to open."
      }
    },
    "desc": "Connect to a TCP port on a host."
  },
  "dns": {
    "shortdesc": "DNS",
    "config": {
      "response_timeout": {
        "default": 2000,
        "required": false,
        "validator": "number",
        "shortdesc": "Response timeout",
        "type": "number",
        "desc": "Timeout (in ms) after sending query to wait for output."
      },
      "domain": {
        "shortdesc": "Query domain",
        "desc": "The domain name to query.",
        "required": true,
        "type": "string",
        "validator": "text"
      },
      "host": {
        "shortdesc": "Nameserver IP or hostname",
        "desc": "IP address or hostname of the nameserver to query, e.g. 8.8.8.8.",
        "required": true,
        "type": "string",
        "validator": "text"
      },
      "ipv6": {
        "default": false,
        "required": false,
        "validator": "checkbox",
        "shortdesc": "Connect over IPv6",
        "type": "checkbox",
        "desc": "Attempt to send/receive protocol data via IPv6"
      },
      "type": {
        "default": "A",
        "required": false,
        "validator": "rectype",
        "shortdesc": "Query type",
        "type": "string",
        "desc": "DNS record type to query."
      },
      "port": {
        "default": 53,
        "required": false,
        "validator": "number",
        "shortdesc": "DNS port",
        "type": "number",
        "desc": "DNS port to query on host."
      }
    },
    "results": {
      "rtt": {
        "comparators": [
          "<",
          ">",
          "<=",
          ">=",
          "==",
          "!="
        ],
        "metric": false,
        "validator": "number",
        "shortdesc": "Response time",
        "type": "number",
        "desc": "Average response time (in ms) of DNS responses."
      },
      "num_records": {
        "comparators": [
          "<",
          ">",
          "<=",
          ">=",
          "==",
          "!="
        ],
        "metric": false,
        "validator": "number",
        "shortdesc": "Number of records",
        "type": "number",
        "desc": "Number of records in the ANSWER section of the DNS response."
      },
      "rdata": {
        "comparators": [
          "contains"
        ],
        "metric": false,
        "validator": "string",
        "shortdesc": "Record RDATA",
        "type": "string",
        "desc": "RDATA of records in the DNS response."
      }
    },
    "desc": "Do a DNS lookup against a nameserver host."
  }
}
Expand Code Examples

GET /v1/monitoring/regions

GET List available monitoring regions

Returns the list of all available monitoring regions, including display name for the region, the region code to use when provisioning, and the list of all subnets from which monitoring traffic is generated in each region. The response below is using subnets from the documentation address blocks (RFC 5737 and RFC 3849) do not use them in your access lists.

Copy CodeReturns a list of all available monitoring regions for the account

curl -X GET -H "X-NSONE-Key: $API_KEY" https://api.nsone.net/v1/monitoring/regions

Request URL:

https://api.nsone.net/v1/monitoring/regions

Example Response:

[
  {
    "name": "Dallas",
    "code": "dal",
    "subnets": [
      "192.0.2.40/29",
      "2001:db8:4009:3::/64"
    ]
  },
  {
    "name": "Singapore",
    "code": "sin",
    "subnets": [
      "198.51.100.224/29",
      "2001:db8:1000:3::/64"
    ]
  },
  {
    "name": "San Jose",
    "code": "sjc",
    "subnets": [
      "192.0.2.152/29",
      "2001:db8:400c:3::/64"
    ]
  },
  {
    "name": "New York",
    "code": "lga",
    "subnets": [
      "203.0.113.16/29",
      "2001:db8:4004:3::/64"
    ]
  },
  {
    "name": "Amsterdam",
    "code": "ams",
    "subnets": [
      "203.0.113.48/29",
      "2001:db8:e:3::/64"
    ]
  }
]
Expand Code Examples

Notification lists

GET https://api.nsone.net/v1/lists

GETList all notification lists

Returns all configured notification lists. Each list consists of a name, an id for use in connecting notification lists in monitoring jobs, and a notify_list of configured notifiers.

Request URL:

https://api.nsone.net/v1/lists

Example Response:

[
  {
    "id": "52b49af12f21574b0e0bffe7",
    "name": "Awesome List",
    "notify_list": [
      {
        "type": "email",
        "config": {
          "email": "[email protected]"
        }
      },
      {
        "type": "datafeed",
        "config": {
          "sourceid": "5872814cc08b23c697e88c054d032780"
        }
      },
      {
        "type": "user",
        "config": {
          "user": "myuser"
        }
      }
    ]
  },
  ...
]
Expand Code Examples

GET https://api.nsone.net/v1/lists/:listid

GETView notification list details

Gets the details and notifiers associated with a specific notification list.

Request URL:

https://api.nsone.net/v1/lists/:listid

Example URL:

https://api.nsone.net/v1/lists/52b49af12f21574b0e0bffe7

Example Response:

{
  "id": "52b49af12f21574b0e0bffe7",
  "name": "Awesome List",
  "notify_list": [
    {
      "type": "email",
      "config": {
        "email": "[email protected]"
      }
    },
    {
      "type": "datafeed",
      "config": {
        "sourceid": "5872814cc08b23c697e88c054d032780"
      }
    },
    {
      "type": "user",
      "config": {
        "user": "myuser"
      }
    }
  ]
}

ParameterTypeDescriptionRequired?
listidStringNotification List IDYes
Expand Code Examples

PUT https://api.nsone.net/v1/lists

PUTCreate a new notification list

Creates a new list for notifications. You may specify a freeform display name for the list. The notify_list itself is a list of notifier objects including notifier type and a config dictionary with configuration details for the given notifier type. Available notifiers are indicated in /notifytypes. All notifiers in a notification list will receive notifications whenever an event is send to the list (e.g., when a monitoring job fails).

Copy CodeCreate a new notification list that pushes to Data Feeds

curl -X PUT -H 'X-NSONE-Key: qACMD09OJXBxT7XOuRs8' -d '{"name":"Critical Notifications", "notify_list":[ {"type":"email", "config":{"email":"[email protected]"}}, {"type":"datafeed", "config":{"sourceid":"b85579edee904f0f204a6eb07b3f8a1f"}} ]}' https://api.nsone.net/v1/lists

We create a new list to receive monitoring notifications. Notifications will be sent to both an email address ([email protected]) and to an NSONE Data Source for use with NSONE's DNS metadata. To connect a datafeed notifier, the sourceid must be a nsone_monitoring Data Source. Status changes for monitors connected to this notification list will be delivered to the Data Source, and if a Data Feed is configured under the source for the monitor, then the changes will be pushed to all metadata tables connected to the Data Feed.

Request URL:

https://api.nsone.net/v1/lists

Example Request:

{
  "name": "My Notification List",
  "notify_list": [
    {
      "config": {
        "email": "[email protected]"
      },
      "type": "email"
    },
    {
      "config": {
        "user": "myuser"
      },
      "type": "user"
    },
    {
      "config": {
        "sourceid": "01f6495ba8eb9d3ac40963db97ab5604"
      },
      "type": "datafeed"
    }
  ]
}

Example Response:

{
  "id": "52b49af12f21574b0e0bffe8",
  "name": "My Notification List",
  "notify_list": [
    {
      "config": {
        "email": "[email protected]"
      },
      "type": "email"
    },
    {
      "config": {
        "user": "myuser"
      },
      "type": "user"
    },
    {
      "config": {
        "sourceid": "01f6495ba8eb9d3ac40963db97ab5604"
      },
      "type": "datafeed"
    }
  ]
}
Expand Code Examples

POST https://api.nsone.net/v1/lists/:listid

POSTUpdate a notification list

Add or remove entries or otherwise update a notification list.

Request URL:

https://api.nsone.net/v1/lists/:listid

Example URL:

https://api.nsone.net/v1/lists/52b49af12f21574b0e0bffe8

Example Request:

{
  "id": "52b49af12f21574b0e0bffe8",
  "name": "My Notification List",
  "notify_list": [
    {
      "config": {
        "email": "[email protected]"
      },
      "type": "email"
    },
    {
      "config": {
        "user": "myuser"
      },
      "type": "user"
    },
    {
      "config": {
        "sourceid": "01f6495ba8eb9d3ac40963db97ab5604"
      },
      "type": "datafeed"
    },
    {
      "config": {
        "email": "[email protected]"
      },
      "type": "email"
    }
  ]
}

Example Response:

{
  "id": "52b49af12f21574b0e0bffe8",
  "name": "My Notification List",
  "notify_list": [
    {
      "config": {
        "email": "[email protected]"
      },
      "type": "email"
    },
    {
      "config": {
        "user": "myuser"
      },
      "type": "user"
    },
    {
      "config": {
        "sourceid": "01f6495ba8eb9d3ac40963db97ab5604"
      },
      "type": "datafeed"
    },
    {
      "config": {
        "email": "[email protected]"
      },
      "type": "email"
    }
  ]
}

ParameterTypeDescriptionRequired?
listidStringNotification List IDYes
Expand Code Examples

DELETE https://api.nsone.net/v1/lists/:listid

DELETERemove a notification list

Immediately deletes an existing notification list. Any monitoring jobs configured to notify this list will stop sending notifications until reconfigured to notify a different list. There is no response other than the HTTP status code.

Request URL:

https://api.nsone.net/v1/lists/:listid

Example URL:

https://api.nsone.net/v1/lists/52b49af12f21574b0e0bffe8

ParameterTypeDescriptionRequired?
listidStringNotification List IDYes

GET https://api.nsone.net/v1/notifytypes

GETList available notification types

Returns the list of all available notifiers for delivery of monitoring status notifications, and details of configuration options for each notification type.

Request URL:

https://api.nsone.net/v1/notifytypes

Example Response:

{
  "user": {
    "desc": "Send notification to a user according to their notification preferences.",
    "config": {
      "user": {
        "validator": "username",
        "type": "string",
        "required": true,
        "desc": "User to notify",
        "shortdesc": "Username"
      }
    },
    "shortdesc": "User"
  },
  "email": {
    "desc": "Send notification to an email address.",
    "config": {
      "email": {
        "validator": "email",
        "type": "string",
        "required": true,
        "desc": "Email address to send notification",
        "shortdesc": "Email address"
      }
    },
    "shortdesc": "Email"
  },
  "datafeed": {
    "desc": "Push notification to an NSONE Data Source to update all\n    Data Feeds connected to the Source.  This notifier only pushes\n    \"up/down\" status to the Data Feeds.  Unless you have configured\n    a Feed to act on updates from specific monitoring regions,\n    only \"global\" status will be pushed to your Feeds.",
    "config": {
      "sourceid": {
        "validator": "datasource",
        "type": "datasource",
        "required": true,
        "desc": "NSONE Data Source to receive notifications",
        "shortdesc": "NSONE Data Source"
      }
    },
    "shortdesc": "NSONE Data Feed"
  },
  ...
}
Expand Code Examples

Reporting & Statistics

QPS

GET /v1/stats/qps

GET View account-wide QPS

Returns current queries per second (QPS) for the account. Queries per second (QPS) are reported by the NS1 API for Managed DNS networks using the same method for calculating account, zone, and record-level stats: Once per minute on the minute, a new QPS value is calculated using the query count in a two minute period ending five minutes ago. This query count is divided by 120 seconds to return an average QPS for that time period. For example, an API call at 10:07:37 UTC will receive a QPS value using the query count between 10:00:00 and 10:02:00.

Request URL:

https://api.nsone.net/v1/stats/qps

Example Response:

{
  "qps": 8.2
}
Expand Code Examples

GET https://api.nsone.net/v1/stats/qps/:zone

GET Zone-level queries per second

Returns current queries per second (QPS) for a specific zone. Queries per second (QPS) are reported by the NS1 API for Managed DNS networks using the same method for calculating account, zone, and record-level stats: Once a minute on the minute, a new QPS value is calculated using the query count in a two minute period ending five minutes ago. This query count is divided by 120 seconds to return an average QPS for that time period. For example, an API call at 10:07:37 UTC will receive a QPS value using the query count between 10:00:00 and 10:02:00.

Request URL:

https://api.nsone.net/v1/stats/qps/:zone

Example URL:

https://api.nsone.net/v1/stats/qps/example.com

Example Response:

{
  "qps": 6.7
}

ParameterTypeDescriptionRequired?
zoneStringYes
Expand Code Examples

GET https://api.nsone.net/v1/stats/qps/zone/domain/type

GET Record-level queries per second

Returns current queries per second (QPS) for a specific record. Queries per second (QPS) are reported by the NS1 API for Managed DNS networks using the same method for calculating account, zone, and record-level stats: Once a minute on the minute, a new QPS value is calculated using the query count in a two minute period ending five minutes ago. This query count is divided by 120 seconds to return an average QPS for that time period. For example, an API call at 10:07:37 UTC will receive a QPS value using the query count between 10:00:00 and 10:02:00.

Request URL:

https://api.nsone.net/v1/stats/qps/:zone/:domain/:type

Example URL:

https://api.nsone.net/v1/stats/qps/example.com/www.example.com/A

Example Response:

{
  "qps": 2.3
}
ParameterTypeDescriptionRequired?
zoneStringYes
Expand Code Examples

Usage

GET /v1/stats/usage

GETView account-wide usage statistics

Returns statistics and graphs for the entire account over a given period. Stats are returned as a list of "objects" containing various stats fields that correspond to the given entity.

When querying usage stats, note the following:

  • If none of the fields are present, the response includes aggregate stats for the entire account.
  • If only the zone field is present, the response includes aggregate stats for the specified zone.
  • If domain, rectype, and zone fields are present in the object, the response includes stats for the specified record.

Querying the 1-hr usage statistics endpoint returns three data points (including a partial one) containing the number of total queries. For example, if you query the usage stats for the “testdomain.com” endpoint at 5:10 pm (ex. ['https://my.nsone.net/v1/stats/...’]), you may see the following response:

[{"graph":[[1584993600,4514354],[1584995400,4193351],[1584997200,1683636]],"records":3994,"period":"1h","zone":"testdomain.com","queries":10391341}]

The graph is an array of UNIX timestamps and counts:

  • 1584993600 = 4:00 pm (DST) , Total Queries 4514354
  • 1584995400 = 4:30 pm (DST) , Total Queries 4193351
  • 1584997200 = 5:00pm (DST) , Total Queries 1683636 (a partially-filled bucket)

To calculate the total number of queries from 4 pm to 5 pm, add the first two data points together (totaling 8,707,705 queries from 4 - 5 pm). Ignore the third (partial) bucket as this is reflects only the number of queries from 5:00 pm to 5:10 pm.

Note: NS1 recommends that you only query 1hr stats at 30-minute intervals.

Note: The option to view usage statistics by billing tier (i.e. by_tier=true/false) is no longer supported.

Query parameters

ParameterTypeDescription
periodenum(string)(Optional) Relative time. Possible values: ‘1h’, ‘24h’, ‘30d’ (default: ‘24h’)
expandboolean
(Optional) Default value is “true.” If set to true, the response includes aggregated statistics across all zones.
Note about pagination: If you have more than 1,000 zones expanded, the response will include a standard HTTP Link header that will include after and limit query parameters. The URI in the link header may be used to fetch the next page of results.
networksstring(Optional) Identifier of the network for which you want to return usage statistics. Default is * which returns the number of DNS queries for all networks combined (e.g. Managed and Dedicated networks). Other supported values include the network ID, such as 0 for NS1 Managed DNS. Note that network IDs for DDI networks are defined during initial configuration, and those for Dedicated DNS are provided to you by the NS1 support team during implementation.
after
string
(Optional) Appears in paginated responses as part of the URI-reference component of the Link header. The value is the zone after which the next page should begin. If expand is not set to true, this param is ignored.
limit
integer
(Optional) Appears in paginated responses as part of the URI-reference component of the Link header. The value indicates the maximum number of expanded zones that should appear in the response (Default: 1000; Max value: 1000). If expand is not set to true, this parameter is ignored.

Copy CodeGet account-wide zone usage for last 24 hours for all networks

curl -X GET -H 'X-NSONE-Key: $API_KEY' "https://api.nsone.net/v1/stats/usage?period=24h&networks=*"

Request URL:

https://api.nsone.net/v1/stats/usage?period=24h&expand=true&networks=0,9

GET /v1/stats/usage/:zone

GETView zone-level usage statistics

Please refer to /stats/usage for a detailed explanation of the output and query parameters. Note that by_tier (true/false) parameters are no longer supported.

When querying usage stats, note the following:

  • If none of the fields are present, the response includes aggregate stats for the entire account.
  • If only the zone field is present, the response includes aggregate stats for the specified zone.
  • If domain, rectype, and zone fields are present in the object, the response includes stats for the specified record.

Parameter

Type

Description

Required?

zone

string

Name of the zone

yes

period

enum(string)

Relative time. Possible values: '1h', '24h', '30d' (Default: '24h')

no

expandbooleanUsed to set return aggregated stats across all zones. Possible values true or false (default: false). Default value is “true.” If set to true, the response includes aggregated statistics across all records.

Note about pagination: If you have more than 1,000 records expanded, the response will include a standard HTTP Link header that will include after and limit query parameters. The URI in the link header may be used to fetch the next page of the results.
no

networks

string

Identifier of the network for which you want to return usage statistics. Default is * which returns the number of DNS queries for all networks combined (e.g. Managed and Dedicated networks). Other supported values include the network ID, such as 0 for NS1 Managed DNS. Note that network IDs for DDI networks are defined during initial configuration, and those for Dedicated DNS are provided to you by the NS1 support team during implementation.

no

afterstringAppears in paginated responses as part of the URI-reference component of the Link header. The value is the zone after which the next page should begin. If expand is not set to true, this param is ignored.no
limitintegerAppears in paginated responses as part of the URI-reference component of the Link header. The value indicates the maximum number of expanded zones that should appear in the response (Default: 1000; Max value: 1000). If expand is not set to true, this param is ignored.no

Copy CodeGet usage by zone with graphs for last 24 hours

curl -X GET -H 'X-NSONE-Key: $API_KEY' "https://api.nsone.net/v1/stats/usage/:zone?period=24h&expand=false&networks=*"

Request URL:

https://api.nsone.net/v1/stats/usage/:zone?period=24h&networks=*

Parameter

Type

Description

Required?

zone

string

Name of the zone

yes

period

enum(string)

Relative time. Possible values: '1h', '24h', '30d' (Default: '24h')

no

networks

string

Used to specify the DNS network.

Possible values: ‘*’ to return usage stats for all networks combined, or use a comma to add multiple networks (‘0 , 8’) and receive the sum usage across networks specified. (Default: 0 is NS1’s Managed DNS network)

no

GET /v1/stats/usage/:zone/:domain/:type

GETView record-level usage statistics

Please refer to /stats/usage for a detailed explanation of the output and query parameters. Note that the parameters expand (true/false) and by_tier (true/false) parameters are no longer supported.

ParameterTypeDescription
zonestring(Required) Name of the zone (usually the FQDN).
domainstring(Required) Domain name.
typestring(Required) Type of record for which you are requesting usage statistics.
periodstring (enum)Relative amount of time. Enum: '1h', '24h', '30d' (Default: '24h')

Request URL:

https://api.nsone.net/v1/stats/usage/:zone/:domain/:record[?period=24h]

Example URL:

https://api.nsone.net/v1/stats/usage/example.com/www.example.com/A?period=24h

Example Response:

[
  {
    "queries": 4,
    "zone": "example.com",
    "domain": "www.example.com"
    "rectype": "A",
    "period": "24h",
    "graph": [
      [
        1376279703,
        0
      ],
      [
        1376281516,
        0
      ],
      ...
    ]
  }
]
Expand Code Examples

Lease stats

GET /v1/stats/leases

GETView account-wide lease statistics

Returns the sum of all leases — new and renewals — for the entire account. You can export this report with the export path parameter.

Query Parameters:

ParameterType

Description

periodstring (enum)Filters the results to include only lease information related to a specified period of time prior to the current timestamp. Supported values: 24h (default) or 30d.
exportstringThe file type of the report that should be generated. Can be one of the following file types: json, xml, csv, pdf, xslx, or html.

Copy CodeReturns lease statistics for the past 24 hours

curl -X GET -H "X-NSONE-Key: $API_KEY" https://api.nsone.net/v1/stats/leases?period=24h

Copy CodeExports lease report in PDF format

curl -X GET -H "X-NSONE-Key: $API_KEY" https://{api.mycompany.net}/v1/stats/leases?export=pdf

Returns a sum of all leases — new and renewals — and graphs for the specified scope group. You can export this report with the export path parameter.

Example Response:

[
  {
    "graph": [
      [
        1600086600,
        0
      ],
      [
        1600088400,
        0
      ],
      [
        1600090200,
        0
      ],
      [
        1600092000,
        0
      ],
      [
        1600093800,
        0
      ],
      [
        1600095600,
        0
      ],
      [
        1600097400,
        0
      ],
      [
        1600099200,
        0
      ],
      [
        1600101000,
        0
      ],
      [
        1600102800,
        0
      ],
      [
        1600104600,
        0
      ],
      [
        1600106400,
        0
      ],
      [
        1600108200,
        0
      ],
      [
        1600110000,
        0
      ],
      [
        1600111800,
        0
      ],
      [
        1600113600,
        0
      ],
      [
        1600115400,
        0
      ],
      [
        1600117200,
        0
      ],
      [
        1600119000,
        0
      ],
      [
        1600120800,
        0
      ],
      [
        1600122600,
        0
      ],
      [
        1600124400,
        0
      ],
      [
        1600126200,
        0
      ],
      [
        1600128000,
        0
      ],
      [
        1600129800,
        0
      ],
      [
        1600131600,
        0
      ],
      [
        1600133400,
        0
      ],
      [
        1600135200,
        0
      ],
      [
        1600137000,
        0
      ],
      [
        1600138800,
        0
      ],
      [
        1600140600,
        0
      ],
      [
        1600142400,
        0
      ],
      [
        1600144200,
        0
      ],
      [
        1600146000,
        0
      ],
      [
        1600147800,
        0
      ],
      [
        1600149600,
        0
      ],
      [
        1600151400,
        0
      ],
      [
        1600153200,
        0
      ],
      [
        1600155000,
        0
      ],
      [
        1600156800,
        0
      ],
      [
        1600158600,
        0
      ],
      [
        1600160400,
        0
      ],
      [
        1600162200,
        0
      ],
      [
        1600164000,
        0
      ],
      [
        1600165800,
        0
      ],
      [
        1600167600,
        0
      ],
      [
        1600169400,
        0
      ],
      [
        1600171200,
        4
      ],
      [
        1600173000,
        1
      ]
    ],
    "period": "24h",
    "leases": 5
  }
]
Expand Code Examples

GET /v1/stats/leases/:scopeGroupID

GETView lease statistics by scope group

Returns a sum of all leases — new and renewals — and graphs for the specified scope group. You can export this report with the export path parameter.

Path Parameters:

ParameterTypeDescription
scopeGroupIDinteger(Required) Unique identifier for the scope group.

Query Parameters:

ParameterTypeDescription
periodstring (enum)Filters the results to include only lease information related to a specified period of time prior to the current timestamp. Supported values: 24h (default) or 30d.
exportstringThe file type of the report that should be generated. Can be one of the following file types: json, xml, csv, pdf, xslx, or html.

Copy CodeReturns lease statistics within a scope group for the past 24 hours

curl -X GET -H "X-NSONE-Key: $API_KEY" https://api.nsone.net/v1/stats/leases/:scopeGroupID?period=24h

Copy CodeExports a lease statistics report in PDF format

curl -X GET -H "X-NSONE-Key: $API_KEY" https://{api.mycompany.net}/v1/stats/leases?export={type}

Example Response:

[
  {
    "graph": [
      [
        1600086600,
        0
      ],
      [
        1600088400,
        0
      ],
      [
        1600090200,
        0
      ],
      [
        1600092000,
        0
      ],
      [
        1600093800,
        0
      ],
      [
        1600095600,
        0
      ],
      [
        1600097400,
        0
      ],
      [
        1600099200,
        0
      ],
      [
        1600101000,
        0
      ],
      [
        1600102800,
        0
      ],
      [
        1600104600,
        0
      ],
      [
        1600106400,
        0
      ],
      [
        1600108200,
        0
      ],
      [
        1600110000,
        0
      ],
      [
        1600111800,
        0
      ],
      [
        1600113600,
        0
      ],
      [
        1600115400,
        0
      ],
      [
        1600117200,
        0
      ],
      [
        1600119000,
        0
      ],
      [
        1600120800,
        0
      ],
      [
        1600122600,
        0
      ],
      [
        1600124400,
        0
      ],
      [
        1600126200,
        0
      ],
      [
        1600128000,
        0
      ],
      [
        1600129800,
        0
      ],
      [
        1600131600,
        0
      ],
      [
        1600133400,
        0
      ],
      [
        1600135200,
        0
      ],
      [
        1600137000,
        0
      ],
      [
        1600138800,
        0
      ],
      [
        1600140600,
        0
      ],
      [
        1600142400,
        0
      ],
      [
        1600144200,
        0
      ],
      [
        1600146000,
        0
      ],
      [
        1600147800,
        0
      ],
      [
        1600149600,
        0
      ],
      [
        1600151400,
        0
      ],
      [
        1600153200,
        0
      ],
      [
        1600155000,
        0
      ],
      [
        1600156800,
        0
      ],
      [
        1600158600,
        0
      ],
      [
        1600160400,
        0
      ],
      [
        1600162200,
        0
      ],
      [
        1600164000,
        0
      ],
      [
        1600165800,
        0
      ],
      [
        1600167600,
        0
      ],
      [
        1600169400,
        0
      ],
      [
        1600171200,
        4
      ],
      [
        1600173000,
        1
      ]
    ],
    "period": "24h",
    "scope_group_id": 1,
    "leases": 5
  }
]
Expand Code Examples

GET /v1/stats/lps

GETView account-wide peak LPS

Returns current leases per second (LPS) for all scope groups. Optionally, you can specify a period of time by which to filter results.

Peak LPS is the maximum number of average leases calculated at 30-minute intervals in a 24-hour period and at 12-hour intervals in a 30-day period.

  • 90th percentile markers: shows 90% of the time, the usage is below this amount
  • 95th percentile markers: shows 95% of the time, the usage is below this amount

You can export this report with the export path parameter.

Query Parameters:

ParameterTypeDescription
periodstring (enum)Filters the results to include only lease information related to a specified period of time prior to the current timestamp. Supported values: 24h (default) or 30d.
exportstringThe file type of the report that should be generated. Can be one of the following file types: json, xml, csv, pdf, xslx, or html.

Copy CodeReturns LPS statistics for the past 24 hours

curl -X GET -H "X-NSONE-Key: $API_KEY" https://{api.mycompany.net}/v1/stats/lps?period=24h

Copy CodeExports LPS statistics report in PDF format

curl -X GET -H "X-NSONE-Key: $API_KEY" https://{api.mycompany.net}/v1/stats/lps?export=PDF

Example Response:

[
  {
    "graph": [
      [
        1600086600,
        0
      ],
      [
        1600088400,
        0
      ],
      [
        1600090200,
        0
      ],
      [
        1600092000,
        0
      ],
      [
        1600093800,
        0
      ],
      [
        1600095600,
        0
      ],
      [
        1600097400,
        0
      ],
      [
        1600099200,
        0
      ],
      [
        1600101000,
        0
      ],
      [
        1600102800,
        0
      ],
      [
        1600104600,
        0
      ],
      [
        1600106400,
        0
      ],
      [
        1600108200,
        0
      ],
      [
        1600110000,
        0
      ],
      [
        1600111800,
        0
      ],
      [
        1600113600,
        0
      ],
      [
        1600115400,
        0
      ],
      [
        1600117200,
        0
      ],
      [
        1600119000,
        0
      ],
      [
        1600120800,
        0
      ],
      [
        1600122600,
        0
      ],
      [
        1600124400,
        0
      ],
      [
        1600126200,
        0
      ],
      [
        1600128000,
        0
      ],
      [
        1600129800,
        0
      ],
      [
        1600131600,
        0
      ],
      [
        1600133400,
        0
      ],
      [
        1600135200,
        0
      ],
      [
        1600137000,
        0
      ],
      [
        1600138800,
        0
      ],
      [
        1600140600,
        0
      ],
      [
        1600142400,
        0
      ],
      [
        1600144200,
        0
      ],
      [
        1600146000,
        0
      ],
      [
        1600147800,
        0
      ],
      [
        1600149600,
        0
      ],
      [
        1600151400,
        0
      ],
      [
        1600153200,
        0
      ],
      [
        1600155000,
        0
      ],
      [
        1600156800,
        0
      ],
      [
        1600158600,
        0
      ],
      [
        1600160400,
        0
      ],
      [
        1600162200,
        0
      ],
      [
        1600164000,
        0
      ],
      [
        1600165800,
        0
      ],
      [
        1600167600,
        0
      ],
      [
        1600169400,
        0
      ],
      [
        1600171200,
        4
      ],
      [
        1600173000,
        1
      ]
    ],
    "period": "24h",
    "aggregation": "peak"
  }
]
Expand Code Examples

GET /v1/stats/lps/:scopeGroupID

GETView peak LPS by scope group

Returns current leases per second (LPS) for the specified scope group — optionally, within the specified time range.

Peak LPS is the maximum number of average leases calculated at 30 minute intervals in a 24h period and at 12h intervals in a 30 day period for a specified scope group.

  • 90th percentile markers: shows 90% of the time, the usage is below this amount.
  • 95th percentile markers: shows 95% of the time, the usage is below this amount.

You can export this report with the export path parameter.

Path Parameters:

ParameterTypeDescription
scopeGroupIDinteger(Required) Unique identifier for the scope group.
exportstringThe file type of the report that should be generated. Can be one of the following file types: json, xml, csv, pdf, xslx, or html.

Copy CodeExports report for peak LPS by scope group in PDF format

curl -X GET -H "X-NSONE-Key: $API_KEY" https://{api.mycompany.net}/v1/stats/lps/:scopeGroupID?export=pdf

Scheduled Reports

GET /v1/reporter/scheduled-reports

GETView all scheduled reports

Retrieves a list of all scheduled reports and their details.

Copy CodeReturns details about scheduled reports

$ curl -X GET -H "X-NSONE-Key: $API_KEY" https://{api.mycompany.net}/v1/reporter/scheduled-reports

PUT /v1/reporter/scheduled-reports

PUTCreate a new scheduled report

Creates a new scheduled report. The parameters available to you will depend on the report_type that you specify.

Request Body Parameters:

ParameterTypeDescription
report_typestring(Required) Type of scheduled report. Select from the following types:
lpsGraph with leases per second over a given period for all scope groups.
lps_by_scopegroupGraph with leases per second over a given period for a specific scope group. Requires a scope group ID in the parameters object.
lease_usageGraph with number of leases over a given period for all scope groups.
lease_usage_by_scopegroupGraph with number of leases over a given period of a specific scope group. Requires a scope group ID in the parameters object.
lease_historyAny active leases, optionally filtered by scopeGroupId, scopeId, includeInvalid, offset, and limit. Add these filters in the parameters object.
scopegroup_usageScope group report for a specific scope group; includes total, reserved, fulfilled, leased, and number of free leases for IPv4 and IPv6. Requires a scope group ID in the parameters object.
network_utilizationReport of network usage by network ID; includes total, used, and free IPv4 and IPv6 addresses. Requires a network ID in the parameters object.
activity_logLast operations or activities, optionally filtered by userId, resourceType, action, resourceId, start and end UNIX timestamps, and limit.
report_namestringName of the scheduled report
export_typestringThe file type in which reports are generated and emailed. Must be one of the following:json,csv,xml,html,xslx,pdf
start_datetimestringThe ISO 8601-format date and time that the report was added to a schedule
repeatobjectHow often the scheduled report should be repeated, formatted as a cron expression (minutes, hours, day_of_month, month, and day_of_week are the available cron properties)
endobjectWhen the report should stop running
  • type (string): Specifies whether the report should run until it is deleted, after a certain number of runs, or on a specific date. Possible values: never, after_repeats, or on_datetime.
  • after_repeats (integer): Specifies the number of reports that should be generated before the reports are no longer generated
  • on_datetime (string): A UNIX timestamp upon which the report should no longer be generated
emailsarray of stringsThe list of email addresses to which the reports should be emailed
parametersobjectParameters that are specific to certain reports. For example, for an activity log report, use this object to filter by userId, resourceType, and other supported parameters. You must include the report_type as the key for the object. For example:
 ”parameters”: {
 “activity_log”: {
 “userId”: “myuser”,
 “action”: “delete”
 }
 }

Copy CodeCreates a new scheduled report

curl -X PUT -H "X-NSONE-Key: $API_KEY" -d  '{"report_type": "network_utilization","repeat": {"minutes": 16,"hours": 11},"end": {"type": "never"},"start_datetime": "2016-10-22T08:12:01Z","report_name": "Network Utilization","emails": ["[email protected]"],"export_type": "pdf","parameters": {"network_utilization": {"networkId": 1}} } https://{api.mycompany.net}/v1/reporter/scheduled-reports

Example Request:

curl -X PUT -H "X-NSONE-Key: $API_KEY" -d  '{
    "report_type": "network_utilization",
    "repeat": {
        "minutes": 16,
        "hours": 11
    },
    "end": {
        "type": "never"
    },
    "start_datetime": "2016-10-22T08:12:01Z",
    "report_name": "Network Utilization",
    "emails": ["[email protected]"],
    "export_type": "pdf",
    "parameters": {
        "network_utilization": {
            "networkId": 1
        }
    }
} https://{api.mycompany.net}/v1/reporter/scheduled-reports
Expand Code Examples

GET /v1/reporter/scheduled-reports/:reportID

GETRetrieve a scheduled report by ID

Retrieves the details about a specific report whose ID you include. You can learn more about the report, like its name, when it was created, when it last ran, and other important data.

Path Parameters:

ParameterTypeDescription
reportIDintegerReport ID number; this number is automatically generated by the system, starting at `1`.

Copy CodeReturns details for the specified report

$ curl -X GET -H "X-NSONE-Key: $API_KEY" https://{api.mycompany.net}/v1/reporter/scheduled-reports/:reportID

POST /v1/reporter/scheduled-reports/:reportID

POSTModify a scheduled report

Modifies the details of a scheduled report. The parameters that are required vary depending on the type of report you want to generate.

Path Parameters:

ParameterTypeDescription
reportIDintegerReport ID number


Request Body Parameters:

ParameterTypeDescription
report_typestring(Required) Type of scheduled report. Select from the following types:
lpsGraph with leases per second over a given period for all scope groups.
lps_by_scopegroupGraph with leases per second over a given period for a specific scope group. Requires a scope group ID in the parameters object.
lease_usageGraph with number of leases over a given period for all scope groups.
lease_usage_by_scopegroupGraph with number of leases over a given period of a specific scope group. Requires a scope group ID in the parameters object.
lease_historyAny active leases, optionally filtered by scopeGroupId, scopeId, includeInvalid, offset, and limit. Add these filters in the parameters object.
scopegroup_usageScope group report for a specific scope group; includes total, reserved, fulfilled, leased, and number of free leases for IPv4 and IPv6. Requires a scope group ID in the parameters object.
network_utilizationReport of network usage by network ID; includes total, used, and free IPv4 and IPv6 addresses. Requires a network ID in the parameters object.
activity_logLast operations or activities, optionally filtered by userId, resourceType, action, resourceId, start and end UNIX timestamps, and limit.
report_namestringName of the scheduled report
export_typestringThe file type in which reports are generated and emailed. Must be one of the following:json,csv,xml,html,xslx,pdf
createdstringThe ISO 8601-format date and time when the report was created
last_runstringThe ISO 8601-format date and time that the report last ran
next_runstringThe ISO 8601-format date and time that the report is next scheduled to run
start_datetimestringThe ISO 8601-format date and time that the report was added to a schedule
last_statusstringStatus of the last run (none, success, or fail)
repeatobjectHow often the scheduled report should be repeated, formatted as a cron expression (minutes, hours, day_of_month, month, and day_of_week are the available cron properties)
endobjectWhen the report should stop running
  • type (string): Specifies whether the report should run until it is deleted, after a certain number of runs, or on a specific date. Possible values: never, after_repeats, or on_datetime.
  • after_repeats (integer): Specifies the number of reports that should be generated before the reports are no longer generated
  • on_datetime (string): A UNIX timestamp upon which the report should no longer be generated
emailsarray of stringsThe list of email addresses to which the reports should be emailed
parametersobjectParameters that are specific to certain reports. For example, for an activity log report, use this object to filter by userId, resourceType, and other supported parameters. You must include the report_type as the key for the object. For example:
”parameters”: {
 “activity_log”: {
 “userId”: “myuser”,
 “action”: “delete”
}
}

Copy CodeEdits the specified scheduled report

curl -X POST -H 'X-NSONE-Key: $API_KEY' -d '{"report_name": "Weekly Network Utilization Report"}' https://{api.mycompany.net}/v1/reporter/scheduled-reports/2

DELETE /v1/reporter/scheduled-reports/:reportID

DELETEDelete a scheduled report

Deletes a scheduled report based on the specified report ID. The report is deleted immediately.

Path Parameters:

ParameterTypeDescription
reportIDinteger(Required) Report ID number of the report you want to delete


Copy CodeDeletes the specified scheduled report

curl -X DELETE -H "X-NSONE-Key: $API_KEY" https://{api.mycompany.net}/v1/reporter/scheduled-reports/:reportID

Pulsar

Applications

A Pulsar application is a collection of jobs (resources being measured). Pulsar references the application ID (appID) to determines which jobs should record a measurement upon each impression.

GET /v1/pulsar/apps

GET List Pulsar applications

Returns all Pulsar applications in your account.

Copy CodeReturns a list of all Pulsar applications

curl -X GET -H "X-NSONE-Key: $API_KEY" https://api.nsone.net/v1/pulsar/apps

GET /v1/pulsar/apps/:appID

GET View application details

Returns details for a single Pulsar application. Specify the appID (auto-generated during app creation) in the request URL.

ParameterType
Description
Required?
appIDStringID of the Pulsar app
Yes

Copy CodeReturns details for the specified Pulsar application

curl -X GET -H "X-NSONE-Key: $API_KEY" https://api.nsone.net/v1/pulsar/apps/<appID>

PUT /v1/pulsar/apps

PUT Create a Pulsar application

A Pulsar app is a collection of Pulsar jobs. Pulsar references the app ID to view all available jobs before making routing decisions. Use this command to create a new Pulsar application—auto-generating an app ID.

Note: Record the appID generated in the response. You will need this when creating Pulsar jobs associated with this app.

Copy CodeCreate a Pulsar application

curl -X PUT -H 'X-NSONE-Key: $API_KEY' -d '{ "name": "<string>", "active": <boo>, "browser_wait_millis": <int>, "jobs_per_transaction": <int>, "default_config": { "http": <boo>, "https": <boo>, "request_timeout_millis": <int>, "job_timeout_millis": <int>, "use_xhr": <boo>, "static_values": <boo> } }' https://api.nsone.net/v1/pulsar/apps

Example Request:

{
  "name": "string",
  "active": true,
  "browser_wait_millis": 0,
  "jobs_per_transaction": 0,
  "default_config": {
    "http": true,
    "https": true,
    "request_timeout_millis": 0,
    "job_timeout_millis": 0,
    "use_xhr": true,
    "static_values": true
  }
}

Example Response:

{
  "customer": 0,
  "appid": "x4f12h0",
  "name": "ACME Pulsar Tag",
  "active": true,
  "token": 0,
  "browser_wait_millis": 0,
  "jobs_per_transaction": 0,
  "default_config": {
    "http": true,
    "https": true,
    "request_timeout_millis": 0,
    "job_timeout_millis": 0,
    "use_xhr": true,
    "blend_metric_weights": {
      "timestamp": 0,
      "weights": [
        {
          "name": "string",
          "weight": 0,
          "default_value": 0,
          "maximize": false
        }
      ]
    }
  },
  "community": true
}
ParameterType

Description

namestringname of the Pulsar application (ex. ACME Pulsar tag)
activebooleanIndicates whether or not this application is currently active and usable for routing
browser_wait_millisintegerIndicates the amount of time a browser should wait before running measurements
jobs_per_transactionintegerNumber of jobs to measure per user impression
default_configobjectDefault job configuration suboptions
httpbooleanIndicates whether or not to use HTTP in measurements
httpsbooleanIndicates whether or not to use HTTPS in measurements
request_timeout_millisintegerMaximum timeout per request
job_timeoutt_millisintegerMaximum timeout per job
use_xhrbooleanIndicates whether or not to use XmlHttpRequest (XHR) when taking measurements
static_valuesbooleanIndicates whether or not to skip aggregation for this job's measurements
Expand Code Examples

POST /v1/pulsar/apps/{appID}

POST Modify an application

Modifies the specified Pulsar application.

ParameterTypeDescription
appIDstringUnique identifier for the Pulsar application
namestringDescriptive name for this Pulsar app
activebooleanIndicates whether or not this application is currently active and usable for traffic steering
browser_wait_millisintegerThe amount of time (in milliseconds) the browser should wait before running measurements
jobs_per_transactionintegerNumber of jobs to measure per user impression
default_configobjectDefault job configuration. If a field is present here and not on a specific job associated with this application, the default value specified here is used.
httpbooleanIndicates whether or not to use HTTP in measurements
httpsbooleanIndicates whether or not to use HTTPS in measurements
request_timeout_millisintegerMaximum timeout per request
job_timeout_millisintegerMaximum timeout per job
use_xhrbooleanWhether to use XMLHttpRequest (XHR) when taking measurements
static_valuesbooleanIndicates whether or not to skip aggregation for this job's measurements

Copy CodeEdits the Pulsar application

curl -X POST -H "X-NSONE-Key: $API_KEY" -d '{ "name": "<string>", "active": <boo>, "browser_wait_millis": <int>, "jobs_per_transaction": <int>, "default_config": { "http": <boo>, "https": <boo>, "request_timeout_millis": <int>, "job_timeout_millis": <int>, "use_xhr": <boo>, "static_values": <boo> } } ' https://my.nsone.net/v1/pulsar/apps/{appID}

Example Request:

{
  "name": "string",
  "active": true,
  "browser_wait_millis": 0,
  "jobs_per_transaction": 0,
  "default_config": {
    "http": true,
    "https": true,
    "request_timeout_millis": 0,
    "job_timeout_millis": 0,
    "use_xhr": true,
    "static_values": true
  }
}

Example Response:

{
  "customer": 0,
  "appid": "string",
  "name": "string",
  "active": true,
  "token": 0,
  "browser_wait_millis": 0,
  "jobs_per_transaction": 0,
  "default_config": {
    "http": true,
    "https": true,
    "request_timeout_millis": 0,
    "job_timeout_millis": 0,
    "use_xhr": true,
    "static_values": true,
    "blend_metric_weights": {
      "timestamp": 0,
      "weights": [
        {
          "name": "string",
          "weight": 0,
          "default_value": 0,
          "maximize": false
        }
      ]
    }
  },
  "community": true
}
ParameterTypeDescription
appID
string
Unique identifier for the Pulsar application
name
string
Descriptive name for this Pulsar app
active
boolean
Indicates whether or not this application is currently active and usable for traffic steering
browser_wait_millis
integer
The amount of time (in milliseconds) the browser should wait before running measurements
jobs_per_transaction
integer
Number of jobs to measure per user impression
default_config
object
Default job configuration. If a field is present here and not on a specific job associated with this application, the default value specified here is used.
http
boolean
Indicates whether or not to use HTTP in measurements
https
boolean
Indicates whether or not to use HTTPS in measurements
request_timeout_millis
integer
Maximum timeout per request
job_timeout_millis
integer
Maximum timeout per job
use_xhr
boolean
Whether to use XMLHttpRequest (XHR) when taking measurements
static_values
boolean
Indicates whether or not to skip aggregation for this job's measurements
Expand Code Examples

DELETE /v1/pulsar/apps/{appID}

DELETE Delete a Pulsar application

Deletes a Pulsar application specified in the request URL (via appID).

Copy CodeDeletes a Pulsar application

curl -X DELETE -H "X-NSONE-Key: $API_KEY" https://api.nsone.net/v1/pulsar/apps/{appID}

Jobs

A pulsar job measures a specific metric (e.g. latency) from a particular resource (e.g. CDN, data center, cloud, etc).

GET /v1/pulsar/apps/:appID/jobs

GETList jobs within an app

Returns a list of all Pulsar jobs in an app. A job corresponds to a resource (CDN, data center, cloud, etc.) being measured. The resource hosts an asset used to measure availability and latency. The jobID is applied to an answer within the DNS resource record.

ParameterTypeDescription
Required?
appID
String
ID of the Pulsar App
Yes

Copy CodeReturns a list of all jobs within the specified Pulsar application.

curl -X GET -H "X-NSONE-Key: $API_KEY" https://api.nsone.net/v1/pulsar/apps/:appID/jobs

GET /v1/pulsar/apps/:appID/jobs/:jobID

GETView job details

Returns configuration details for the specified job via the unique jobID. You must also specify the application with which this job is associated (using the unique appID) in the request URL.

ParameterType
Description
Required?
appIDString
ID of the Pulsar app
Yes
jobID
String
IF of the Pulsar job
Yes

Copy CodeReturns details about the specified Pulsar job

curl -X GET -H "X-NSONE-Key: $API_KEY" https://api.nsone.net/v1/pulsar/apps/:appID/jobs/:jobID

Example Response:

{
  "customer": 0,
  "appid": "string",
  "jobid": "string",
  "name": "string",
  "typeid": "latency",
  "active": true,
  "community": true,
  "shared": true,
  "config": {
    "host": "string",
    "url_path": "string",
    "http": true,
    "https": true,
    "request_timeout_millis": 0,
    "job_timeout_millis": 0,
    "use_xhr": true,
    "static_values": true,
    "blend_metric_weights": {
      "timestamp": 0,
      "weights": [
        {
          "name": "string",
          "weight": 0,
          "default_value": 0,
          "maximize": false
        }
      ]
    }
  }
}

ParameterTypeDescriptionRequired?
appIDStringID of the Pulsar appYes
jobIDStringIF of the Pulsar jobYes
Expand Code Examples

PUT /v1/pulsar/apps/{appId}/jobs

PUTCreate a Pulsar job

A job is an object corresponding to a resource (CDN, data center, cloud, etc.). The resource hosts an asset used to measure availability and latency. The jobID is applied to an endpoint via the answer metadata. Use this command to create a Puslar job within your app—auto-generating a jobID.

Note: Record the jobID value (ex. d45ma0) in the response. You will need to apply the jobID to the answer metadata.

Copy CodeCreate a Pulsar job associated with a Pulsar application

curl -X PUT -H 'X-NSONE-Key: $API_KEY' -d '{"name": "<string>", "typeid": "<string>", "active": <boo>, "shared": <boo>, "config": {"host": "<string>", "url_path": "<string>", "http": <boo>, "https": <boo>, "request_timeout_millis": <int>, "job_timeout_millis": <int>, "use_xhr": <boo>, "static_values": <boo>} }' https://api.nsone.net/v1/pulsar/apps/{appId}/jobs

Example Request:

{
  "name": "string",
  "typeid": "latency",
  "active": true,
  "shared": true,
  "config": {
    "host": "string",
    "url_path": "string",
    "http": true,
    "https": true,
    "request_timeout_millis": 0,
    "job_timeout_millis": 0,
    "use_xhr": true,
    "static_values": true
  }
}

Example Response:

{
  "customer": 0,
  "appid": "string",
  "jobid": "string",
  "name": "string",
  "typeid": "latency",
  "active": true,
  "community": true,
  "shared": true,
  "config": {
    "host": "string",
    "url_path": "string",
    "http": true,
    "https": true,
    "request_timeout_millis": 0,
    "job_timeout_millis": 0,
    "use_xhr": true,
    "static_values": true,
    "blend_metric_weights": {
      "timestamp": 0,
      "weights": [
        {
          "name": "string",
          "weight": 0,
          "default_value": 0,
          "maximize": false
        }
      ]
    }
  }
}
ParameterTypeDescription
namestringName of the Pulsar job. Typically, this is the name of the CDN or endpoint
typeidstringSpecifies the type of Pulsar job — either latency or custom
activebooleanIndicates whether or not the Pulsar job is currently active and usable for routing
sharedbooleanIndicates whether or not this job is visible and usable to other customers
configobjectIncludes several sub-options related to job configuration
hoststringHostname where the resource is located
url_pathstringURL path to be appended to the host
httpbooleanIndicates whether or not to use HTTP in measurements
httpsbooleanIndicates whether or not to use HTTPS in measurements
request_timeout_millisintegerMaximum timeout per request
job_timeout_millisintegerMaximum timeout per request
use_xhrbooleanIndicates whether or not to use XmlHttpRequest (XHR) when taking measurements
static_valuesbooleanIndicates whether or not to skip aggregation for this job's measurements
Expand Code Examples

POST /v1/pulsar/apps/{appID}/jobs/{jobID}

POSTModify a Pulsar job

Modifies an existing Pulsar job configuration. Note that you must specify the unique jobID and the associated appID in the URL path.

Copy CodeEdits a Pulsar job

curl -X POST -H "X-NSONE-Key: $API_KEY" -d  '{ "name": "<string>", "typeid": "<string>", "active": <boo>, "shared": <boo>, "config": {"host": "<string>", "url_path": "<string>", "http": <boo>, "https": <boo>, "request_timeout_millis": <int>, "job_timeout_millis": <int>, "use_xhr": <boo>, "static_values": <boo>} }'  https://api.nsone.net/v1/pulsar/apps/{appID}/jobs/{jobID}

Example Request:

{
  "name": "string",
  "typeid": "latency",
  "active": true,
  "shared": true,
  "config": {
    "host": "string",
    "url_path": "string",
    "http": true,
    "https": true,
    "request_timeout_millis": 0,
    "job_timeout_millis": 0,
    "use_xhr": true,
    "static_values": true
  }
}

Example Response:

{
  "customer": 0,
  "appid": "string",
  "jobid": "string",
  "name": "string",
  "typeid": "latency",
  "active": true,
  "community": true,
  "shared": true,
  "config": {
    "host": "string",
    "url_path": "string",
    "http": true,
    "https": true,
    "request_timeout_millis": 0,
    "job_timeout_millis": 0,
    "use_xhr": true,
    "static_values": true,
    "blend_metric_weights": {
      "timestamp": 0,
      "weights": [
        {
          "name": "string",
          "weight": 0,
          "default_value": 0,
          "maximize": false
        }
      ]
    }
  }
}
ParameterTypeDescription
appIDstringUnique identifier for the Pulsar application
jobIDstringUnique identifier for the Pulsar job (typically, this is the name of the target CDN/endpoint)
namestringDescriptive name for the Pulsar job
typeidstringIndicates the type of Pulsar job—either "latency" or "custom"
activebooleanIndicates whether or not this Pulsar job is currently active and usable for routing
sharedbooleanIndicates whether or not this job is visible and usable to other customers
configobjectContains several configuration options for this Pulsar job
hoststringHostname where the resource being measured is located
url_pathstringURL path to be appended to the host
httpbooleanIndicates whether or not to use HTTP in measurements
httpsbooleanIndicates whether or not to use HTTPS in measurements
request_timeout_millisintegerMaximum timeout per request
job_timeout_millisintegerMaximum timeout per job
use_xhrbooleanIndicates whether or not to use XmlHttpRequest (XHR) in measurements
static_valuesbooleanIndicates whether or not to skip aggregation for this job's measurements
Expand Code Examples

DELETE /v1/pulsar/apps/{appID}/jobs/{jobID}

DELETEDelete a Pulsar job

Deletes the specified Pulsar job. Note that you must include the jobID and the associated appID in the URL path.

Copy CodeDeletes the specified Pulsar job

curl -X DELETE -H "X-NSONE-Key: $API_KEY" https://api.nsone.net/v1/pulsar/apps/{appID}/jobs/{jobID}

Performance Data

The various performance data endpoints use a common set of parameters to filter & group query results. These parameters can be directly specified to tightly filter results (e.x., setting “geo=US” will restrict the query to only return results from the US). Alternatively, some parameters can be set to a wildcard to group answers based on that parameter (e.x., setting “geo=*” will return a separate set of results for every geo value that exists).

Parameter

Type

Description

Example

Wildcard enabled

start

Number

Absolute start time in UNIX timestamp. Any data from before this time will be excluded. Defaults to 1 hour before current time

1527163200 (corresponds to 5/24/2018 12:00:00 GMT)

No

end

Number

Absolute end time in UNIX timestamp. Any data from after this time will be excluded. Defaults to current time.

1527163200 (corresponds to 5/24/2018 12:00:00 GMT)

No

period

String

Can be used instead of start & end time. If set, will set end time to current time and start time to whatever time is specified by this period. If start time is set, period is ignored

‘30m’, ‘1h’, ‘30d’

No

geo

String

Geographic region. Will filter data to only include results from the specified region. Must be either a 2 letter ISO country code, or US states can also be specified with the format ‘US_NY’

‘US’, ‘FR’, ‘GR’, ‘JP’, ‘US_NY’

Yes

asn

Number

Specifies an Autonomous System Number to filter for

1234

Yes

agg

String

Specifies a method to use to aggregate data. When there are multiple categories of data being grouped into one (e.x., you query for all geo rather than individual geo regions), this determines how the different data series are combined. (‘p50’ means “estimated 50th percentile”, ‘p75’ is estimated 75th percentile, etc)

‘avg’, ‘max’, ‘min’, ‘p50’, ‘p75’, ‘p90’, ‘p95’, ‘p99’, ‘p999’

No

GET /v1/pulsar/apps/:appID/jobs/:jobID/data

GETView aggregated performance data

Returns historical and live data.

Note: If you receive a "400" response, ensure the start and end times do not overlap and/or that the time range is greater than 30 days.

Path Parameters:

ParameterTypeDescription
appIDstringThe unique ID of the Pulsar application that you are running
jobIDstringThe unique ID of the Pulsar job that you use to collect latency or custom data

Query Parameters:

Parameter

TypeDescription
startintegerDatetime expression (absolute or relative) for the beginning of the time range by which to filter results.
endintegerDatetime expression (absolute or relative) for the end of the time range by which to filter results.
periodstringIndicates a period of time from the current timestamp by which to filter results. For example, a value of 24h will return results for the last 24 hours from the current time.
geostringFilters results according to a two-letter ISO code for the geographic location for which you want to filter (for example, US).
asnintegerFilters results by an autonomous system number (ASN).
aggstringSpecifies which aggregation method to use. Possible values are: avg, max, min, p50, p75, p90, p95, and p99. Default is p50.

Copy CodeReturns aggregated performance data

curl -X GET -H "X-NSONE-Key: $API_KEY" https://api.nsone.net/v1/pulsar/apps/:appID/jobs/:jobID/data

Example Request:

curl -X GET -H "X-NSONE-Key: $API_KEY" https://api.nsone.net/v1/pulsar/apps/1j17urd/jobs/816kab/data?start=1430032020000&end=1451433600000&period=24h&geo=US&asn=12345&agg=p95

Example Request:

curl -X GET -H "X-NSONE-Key: $API_KEY" https://api.nsone.net/v1/pulsar/apps/1j17urd/jobs/816kab/data?start=1617670314&end=1620428400&geo=CA&asn=12345&agg=p50
Expand Code Examples

Availability

Allowed parameters: start, end, period, geo, asn

GET /v1/pulsar/apps/:appID/jobs/:jobID/availability

GETView availability data

Returns availability score per resource over time.

Path Parameters:

ParameterTypeDescription
appIDstringThe unique ID of the Pulsar application that you are running
jobIDstringThe unique ID of the Pulsar job that you use to collect latency or custom data

Query Parameters:

Parameter

TypeDescription
startintegerDatetime expression (absolute or relative) for the beginning of the time range by which to filter results.
endintegerDatetime expression (absolute or relative) for the end of the time range by which to filter results.
periodstringIndicates a period of time from the current timestamp by which to filter results. For example, a value of 24h will return results for the last 24 hours from the current time.
geostringFilters results according to a two-letter ISO code for the geographic location for which you want to filter (for example, US).
asnintegerFilters results by an autonomous system number (ASN).
aggstringSpecifies which aggregation method to use. Possible values are: avg, max, min, p50, p75, p90, p95, and p99. Default is p50.

Copy CodeReturns availability data

curl -X GET -H "X-NSONE-Key: $API_KEY" https://api.nsone.net/v1/pulsar/apps/:appID/jobs/:jobID/availability

Example Request:

curl -X GET -H "X-NSONE-Key: $API_KEY" https://api.nsone.net/v1/pulsar/apps/1j17urd/jobs/816kab/availability?start=1430032020000&end=1451433600000&period=24h&geo=US&asn=12345&agg=p95

Example Request:

curl -X GET -H "X-NSONE-Key: $API_KEY" https://api.nsone.net/v1/pulsar/apps/1j17urd/jobs/816kab/availability?period=1h&geo=CA&asn=12345&agg=p50
Expand Code Examples

Decisions

Allowed parameters: start, end, period, geo, asn

GET /v1/pulsar/query/decision/customer

GETView decisions for account

NOTE

As of 13 May 2021, the Pulsar team has introduced a simplified way to access decision data. See the new endpoint to learn more about the changes.

Returns total count of Pulsar decisions for the account — optionally, within a specified time range or other filter specified in the query.

The time range is specified using start and end parameters. Alternatively, you can provide a period of time (from the current timestamp) by which you want to filter results. Note that you can either specify a start/end or a period — but not both.

Query Parameters:

Parameter

TypeDescription
startintegerDatetime expression (absolute or relative) for the beginning of the time range by which to filter results.
endintegerDatetime expression (absolute or relative) for the end of the time range by which to filter results.
periodstringIndicates a period of time from the current timestamp by which to filter results. For example, a value of 24h will return results for the last 24 hours from the current time.
geostringFilters results according to a two-letter ISO code for the geographic location for which you want to filter (for example, US).
asnintegerFilters results by an autonomous system number (ASN).

Copy CodeQueries account decisions

curl -X GET -H "X-NSONE-Key: $API_KEY" https://api.nsone.net/v1/pulsar/query/decision/customer?start={start_time}&end={end_time}&geo={geography}&asn={asn}

Narrows results by start and end dates, geographical location, and ASN

Example Request:

curl -X GET -H "X-NSONE-Key: $API_KEY" https://api.nsone.net/v1/pulsar/query/decision/customer?start={start_time}&end={end_time}&geo={geography}&asn={asn}

Example Request:

curl -X GET -H "X-NSONE-Key: $API_KEY" https://api.nsone.net/v1/pulsar/query/decision/customer?start=1523000000&end=1523500000&geo=US&asn=12345

Example Request:

curl -X GET -H "X-NSONE-Key: $API_KEY" https://api.nsone.net/v1/pulsar/query/decision/customer?period=1h&geo=US&asn=12345
Expand Code Examples

GET /v1/pulsar/query/decision/customer/undetermined

GETView insufficient decision data for account

NOTE

As of 13 May 2021, the Pulsar team has introduced a simplified way to access decision data. See the new endpoint to learn more about the changes.

Returns total count of insufficient data where Pulsar could not make a decision — optionally, within a specified time range or other filter.

The time range is specified using start and end parameters. Alternatively, you can provide a period of time (from the current timestamp) by which you want to filter results. Note that you can either specify a start/end or a period — but not both.

Query Parameters:

Parameter

TypeDescription
startintegerDatetime expression (absolute or relative) for the beginning of the time range by which to filter results.
endintegerDatetime expression (absolute or relative) for the end of the time range by which to filter results.
periodstringIndicates a period of time from the current timestamp by which to filter results. For example, a value of 24h will return results for the last 24 hours from the current time.
geostringFilters results according to a two-letter ISO code for the geographic location for which you want to filter (for example, US).
asnintegerFilters results by an autonomous system number (ASN).

Copy CodeReturns total count of instances of insufficient Pulsar data

curl -X GET -H "X-NSONE-Key: $API_KEY" https://api.nsone.net/v1/pulsar/query/decision/customer/undetermined?start={start_time}&end={end_time}&geo={geography}&asn={asn}

Narrowed down by a start and end time, geographic region, and ASN.

Example Request:

curl -X GET -H "X-NSONE-Key: $API_KEY" https://api.nsone.net/v1/pulsar/query/decision/customer/undetermined?start={start_time}&end={end_time}&geo={geography}&asn={asn}

Example Request:

curl -X GET -H "X-NSONE-Key: $API_KEY" https://api.nsone.net/v1/pulsar/query/decision/customer/undetermined?start=1523000000&end=1523500000&geo=US&asn=12345

Example Request:

curl -X GET -H "X-NSONE-Key: $API_KEY" https://api.nsone.net/v1/pulsar/query/decision/customer/undetermined?period=1h&geo=US&asn=12345
Expand Code Examples

GET /v1/pulsar/query/decision/record/:domain/:record

GETView decisions for record

NOTE

As of 13 May 2021, the Pulsar team has introduced a simplified way to access decision data. See the new endpoint to learn more about the changes.

Returns count of Pulsar decisions per resource for a specific record.

Path Parameters:

ParameterTypeDescription
domainstringRequired. Specifies the domain to which the record belongs.
recordstringRequired. Specifies the record associated with the decision.

Query Parameters:

Parameter

TypeDescription
startintegerDatetime expression (absolute or relative) for the beginning of the time range by which to filter results.
endintegerDatetime expression (absolute or relative) for the end of the time range by which to filter results.
periodstringIndicates a period of time from the current timestamp by which to filter results. For example, a value of 24h will return results for the last 24 hours from the current time.
geostringFilters results according to a two-letter ISO code for the geographic location for which you want to filter (for example, US).
asnintegerFilters results by an autonomous system number (ASN).

Copy CodeRetrieves decisions for a specified record

curl -X GET -H "X-NSONE-Key: $API_KEY" https://api.nsone.net/v1/pulsar/query/decision/record/:domain/:record?start={start_time}&end={end_time}&geo={geography}&asn={asn}

Narrows results by a start and end time, geographical location, and autonomous system number (ASN)

Example Request:

curl -X GET -H "X-NSONE-Key: $API_KEY" https://api.nsone.net/v1/pulsar/query/decision/record/:domain/:record?start={start_time}&end={end_time}&geo={geography}&asn={asn}

Example Request:

curl -X GET -H "X-NSONE-Key: $API_KEY" https://api.nsone.net/v1/pulsar/query/decision/record/undetermined/www.example.com/A?start=1523000000&end=1523500000&geo=US&asn=12345

Example Request:

curl -X GET -H "X-NSONE-Key: $API_KEY" https://api.nsone.net/v1/pulsar/query/decision/record/undetermined/www.example.com/A?period=1h&geo=US&asn=12345
Expand Code Examples

GET /v1/pulsar/query/decision/record/undetermined/:domain/:record

GETView insufficient decision data for record

NOTE

As of 13 May 2021, the Pulsar team has introduced a simplified way to access decision data. See the new endpoint to learn more about the changes.

Returns count of insufficient data where Pulsar could not make a decision for a specific record — optionally, within a specified time range or other filter.

The time range is specified using start and end parameters. Alternatively, you can provide a period of time (from the current timestamp) by which you want to filter results. Note that you can either specify a start/end or a period — but not both.

Path Parameters:

domainstringRequired. Specifies the domain to which the record belongs.
recordstringRequired. Specifies the record associated with the decision.


Query Parameters:

startintegerDatetime expression (absolute or relative) for the beginning of the time range by which to filter results.
endintegerDatetime expression (absolute or relative) for the end of the time range by which to filter results.
periodstringIndicates a period of time from the current timestamp by which to filter results. For example, a value of 24h will return results for the last 24 hours from the current time.
geostringFilters results according to a two-letter ISO code for the geographic location for which you want to filter (for example, US).
asnintegerFilters results by an autonomous system number (ASN).


Copy CodeReturns insufficient decision data

curl -X GET -H "X-NSONE-Key: $API_KEY" https://api.nsone.net/v1/pulsar/query/decision/record/undetermined/{domain}/{record}?start={start_time}&end={end_time}&geo={geography}&asn={asn}

Narrowed down to a start and end time, geographic area, and ASN.

Example Request:

curl -X GET -H "X-NSONE-Key: $API_KEY" https://api.nsone.net/v1/pulsar/query/decision/record/undetermined/www.example.com/A?start=1523000000&end=1523500000&geo=US&asn=12345

Example Request:

curl -X GET -H "X-NSONE-Key: $API_KEY" https://api.nsone.net/v1/pulsar/query/decision/record/undetermined/www.example.com/A?period=1h&geo=US&asn=12345
Expand Code Examples

GET /v1/pulsar/query/decisions

GETView Pulsar decision data

NOTE

As of 13 May 2021, the Pulsar team has introduced this endpoint as a simplified way to access decision data. The existing endpoints still function as they always have; this endpoint provides the same functionality in a single endpoint.

Returns total count of Pulsar decisions — optionally, within a specified time range or other filter specified in the query.

The time range is specified using start and end parameters. Alternatively, you can provide a period of time (from the current timestamp) by which you want to filter results. Note that you can either specify a start/end or a period — but not both. Optionally, you can filter further by using the query parameters in the list below.

Query Parameters:

ParameterTypeDescription
startintegerDatetime expression (absolute or relative) for the beginning of the time range by which to filter results.
endintegerDatetime expression (absolute or relative) for the end of the time range by which to filter results.
periodstringIndicates a period of time from the current timestamp by which to filter results. For example, a value of 24h will return results for the last 24 hours from the current time.
geostringFilters results according to a two-letter ISO code for the geographic location for which you want to filter (for example, US). If filtering by asn, you must select a geographic location first.
areastringFilters results according to the geographic location. You can supply one of the following types of filters:

  • A US state (such as US_NY)
  • A country code (such as US)
  • A continent (such as R_AS)
  • Worldwide results (GLOBAL)
asnstringFilters results by an autonomous system number (ASN). You can provide a single ASN or comma-separated list. You must specify a geographic location (geo) before you can filter by ASN.
recordstringFilters results by associated records (either a single record or a comma-separated list). Record type must also be included, in this format: www.test.com_CNAME
resultstringFilters results by result code (for example, return only OK decisions).
aggstringList of other fields to group results (for example, "area,jobid")
graphbooleanIf set to true, returns results in a list grouped by timestamp. This list tells you how many decisions were made per timestamp. If set to false, returns a list of totals.

Copy CodeSample request that includes some of the query parameters

curl -X GET -H "X-NSONE-Key: $API_KEY" https://api.nsone.net/v1/pulsar/query/decisions?start={start_time}&end={end_time}&area={geography}&asn={asn}

Example Request:

curl -X GET -H "X-NSONE-Key: $API_KEY" https://api.nsone.net/v1/pulsar/query/decisions?start=1523000000&end=1523500000&geo=US&asn=12345&graph=true

Example Request:

curl -X GET -H "X-NSONE-Key: $API_KEY" https://api.nsone.net/v1/pulsar/query/decisions?period=1h&geo=CA&asn=12345&record=www.example.com_A
Expand Code Examples

Route Maps

GET /v1/pulsar/routemaps/create

GETCreate a route map

Creates a new route map in the database for processing.

NOTE: This operation only creates the route map metadata. The response to this GET request contains a temporary pre-signed URL where you must upload the route map file. Even though invocation of this endpoint creates a record in the database, it is defined as a GET request because it returns a URL. Note that the initial status for the route map will appear as "uploading" until the route map is uploaded via the PUT request.

Query Parameters:

namestringName for the route map you are creating (e.g. "West Coast")


Copy CodeCreates a new route map (using the specified name)

curl -X GET -H "X-NSONE-Key: $API_KEY" https://api.nsone.net/v1/pulsar/routemaps/create?name={name}

This command creates a new route map with the name specified in the query. The response includes a URL to which you must upload the route map file to complete the process.

Example Response:

{
  "customer": 0,
  "status": "uploading",
  "name": "example",
  "created": 0,
  "url": "https://s3.amazonaws.com/pulsar-routemap-uploads/example.json?...",
  "mapid": 0,
  "modified": 0
}
Expand Code Examples

PUT {aws_url}

PUTUpload a route map

After executing the GET command to create the route map metadata, the response includes an AWS URL (e.g. https://s3.amazonaws.com/pulsar-routemap-uploads/example.json?...) to which you must upload the route map file. Copy and paste that URL into the PUT command to upload the route map file.

Copy CodeUploads the route map file to the specified URL

curl -X PUT -L -H "Content-Length: {file_size}" -H "Client-Encoding: UTF-8" -T "{file}" "{aws_url}"

GET /v1/pulsar/routemaps

GETList all route maps

Returns a list of all current route maps — including metadata such as each route map's mapID —associated with the account.

Copy CodeReturns all route maps associated with the account

curl -X GET -H "X-NSONE-Key: $API_KEY" https://api.nsone.net/v1/pulsar/routemaps

Example Response:

[
  {
    "customer": 0,
    "mapid": 0,
    "name": "string",
    "status": "uploading",
    "created": 0,
    "modified": 0
  }
]
Expand Code Examples

GET /v1/pulsar/routemaps/:mapID

GETView route map details

Returns metadata for the route map specified in the path by its unique map ID.

Path Parameters:

mapIDinteger(Required) Unique identifier for the route map.


Copy CodeReturns metadata for the specified route map

curl -X GET -H "X-NSONE-Key: $API_KEY" https://api.nsone.net/v1/pulsar/routemaps/:mapID

Example Response:

{
  "customer": 0,
  "mapid": 0,
  "name": "string",
  "status": "uploading",
  "created": 0,
  "modified": 0
}
Expand Code Examples

GET /v1/pulsar/routemaps/:mapID/replace

GETReplace a route map

Replaces the data for the associated route map and returns an S3 pre-signed URL. You must perform a second step to this process by uploading the new map file to the URL returned in the response to this request. Note that you can only replace data for a route map that is in the ready state.

Copy CodeReplaces route map data

curl -X GET -H "X-NSONE-Key: $API_KEY" https://api.nsone.net/v1/pulsar/routemaps/:mapID/replace

POST /v1/pulsar/routemaps/:mapID/meta

POSTUpdate route map metadata

Modifies the metadata for the specified route map. Currently, users can modify only the name of the route map.

Copy CodeUpdates the name of the route map

curl -X PUT -H "X-NSONE-Key: $API_KEY" -d '{"name": "stringt"}'https://api.nsone.net/v1/pulsar/routemaps/:mapID/meta

Example Response:

{
  "customer": 0,
  "mapid": 0,
  "name": "string",
  "status": "uploading",
  "created": 0,
  "modified": 0
}
Expand Code Examples

DELETE /v1/pulsar/routemaps/:mapID

DELETEDelete a route map

Deletes the route map metadata for the given mapid. The status of the route map changes to delete pending. Once the Route Map status has been changed, it's no longer considered for decisions.


Copy CodeDeletes route map metadata

curl -X DELETE -H "X-NSONE-Key: $API_KEY" https://api.nsone.net/v1/pulsar/routemaps/:mapID

GET /v1/pulsar/query/routemap/hit/customer

GETView all route map hits

Returns the total count of Pulsar route map hits for the entire account — optionally, within a specified time range. In response to a client request, the route map looks up the requester's IP address in the map file. A "hit" represents an instance in which the IP address is found within the map (as opposed to a "miss" where the IP address is not found). A high ratio of hits to misses indicates that the route map provides sufficient coverage of IP addresses querying it.

The time range is specified using start and end parameters. Alternatively, you can provide a period of time (from the current timestamp) by which you want to filter results. Note that you can either specify a start/end or a period — but not both.

Query Parameters:

startintegerDatetime expression (absolute or relative) for the beginning of the time range by which to filter results.
endintegerDatetime expression (absolute or relative) for the end of the time range by which to filter results.
periodstringIndicates a period of time from the current timestamp by which to filter results. For example, a value of 24h will return results for the last 24 hours from the current time.
geostringFilters results according to the geographic location (ex. US)
mapIDintegerUnique identifier for a specific route map by which to filter results.


Copy CodeReturns all route map hits for the account

curl -X GET -H "X-NSONE-Key: $API_KEY" https://api.nsone.net/v1/pulsar/query/routemap/hit/customer

Copy CodeReturns route map hits for a single route map

curl -X GET -H "X-NSONE-Key: $API_KEY" https://api.nsone.net/v1/pulsar/routemaps/hit/customer?mapID={mapID}

Copy CodeReturns all route map hits for the last 24 hours

curl -X GET -H "X-NSONE-Key: $API_KEY" https://api.nsone.net/v1/pulsar/routemaps/hit/customer?period=24h

GET /v1/pulsar/query/routemap/miss/customer

GETView all route map misses

Returns the total count of Pulsar route map misses for the entire account — optionally, within a specified time range. In response to a client request, the route map looks up the requester's IP address in the map file. A "miss" represents an instance in which the IP address is not found within the map (as opposed to a "hit" where the IP address is found). A high ratio of hits to misses indicates that the route map provides sufficient coverage of IP addresses querying it.

The time range is specified using start and end parameters. Alternatively, you can provide a period of time (from the current timestamp) by which you want to filter results. Note that you can either specify a start/end or a period — but not both.

Query Parameters:

startintegerDatetime expression (absolute or relative) for the beginning of the time range by which to filter results.
endintegerDatetime expression (absolute or relative) for the end of the time range by which to filter results.
periodstringIndicates a period of time from the current timestamp by which to filter results. For example, a value of 24h will return results for the last 24 hours from the current time.
geostringFilters results according to the geographic location (ex. US)
mapIDintegerUnique identifier for a specific route map by which to filter results.


Copy CodeReturns all route map misses for the account

curl -X GET -H "X-NSONE-Key: $API_KEY" https://api.nsone.net/v1/pulsar/query/routemap/miss/customer

GET /v1/pulsar/query/routemap/hit/record/:domain/:record

GETView route map hits by record

Returns the total count of Pulsar route map hits for the specified record (within the specified domain) — optionally, within a specified time range. In response to a client request, the route map looks up the requester's IP address in the map file. A "hit" represents an instance in which the IP address is found within the map (as opposed to a "miss" where the IP address is not found). A high ratio of hits to misses indicates that the route map provides sufficient coverage of IP addresses querying it.

The time range is specified using start and end parameters. Alternatively, you can provide a period of time (from the current timestamp) by which you want to filter results. Note that you can either specify a start/end or a period — but not both.

Path Parameters:

domainstring(Required) Specifies the domain to which the record belongs.
recordstring(Required) Name of the record associated with the decision.


Query Parameters:

startintegerDatetime expression (absolute or relative) for the beginning of the time range by which to filter results.
endintegerDatetime expression (absolute or relative) for the end of the time range by which to filter results.
periodstringIndicates a period of time from the current timestamp by which to filter results. For example, a value of 24h will return results for the last 24 hours from the current time.
geostringFilters results according to the geographic location (ex. US)
mapIDintegerUnique identifier for a specific route map by which to filter results.


Copy CodeReturns route map hits for the specified record

curl -X GET -H "X-NSONE-Key: $API_KEY" https://api.nsone.net/v1/pulsar/query/routemap/hit/record/:domain/:record

GET /v1/pulsar/query/routemap/miss/record/:domain/:record

GETView route map misses by record

Returns the total count of Pulsar route map misses for the specified record (within the specified domain) — optionally, within a specified time range. In response to a client request, the route map looks up the requester's IP address in the map file. A "miss" represents an instance in which the IP address is not found within the map (as opposed to a "hit" where the IP address is found). A high ratio of hits to misses indicates that the route map provides sufficient coverage of IP addresses querying it.

The time range is specified using start and end parameters. Alternatively, you can provide a period of time (from the current timestamp) by which you want to filter results. Note that you can either specify a start/end or a period — but not both.

Path Parameters:

domainstring(Required) Specifies the domain to which the record belongs.
recordstring(Required) Name of the record associated with the decision.


Query Parameters:

startintegerDatetime expression (absolute or relative) for the beginning of the time range by which to filter results.
endintegerDatetime expression (absolute or relative) for the end of the time range by which to filter results.
periodstringIndicates a period of time from the current timestamp by which to filter results. For example, a value of 24h will return results for the last 24 hours from the current time.
geostringFilters results according to the geographic location (ex. US)
mapIDintegerUnique identifier for a specific route map by which to filter results.


Copy CodeReturns route map misses for the specified record

curl -X GET -H "X-NSONE-Key: $API_KEY" https://api.nsone.net/v1/pulsar/query/routemap/miss/record/:domain/:record

NS1 DDI Configuration

Note: When using the API documentation to manage your Enterprise DDI configuration, you must replace the domain in the example URLs with your own domain (ex. http://api.mycompany.net).

Download Resources

NS1 Customer Success enables customers to download Docker container images for Private DNS and Enterprise DDI. Container images are available via download using an API key created in my.nsone.net.

Operations

Operations endpoints are performed by operator users. Operator users perform special system administrative tasks such as bootstrapping, managing services, and managing tenant organizations.

POST /v1/ops/bootstrap

POSTBootstrap the first operator user

When no operator users exist in the main database, the bootstrap endpoint is enabled. This is the only endpoint which does not require authentication. Note: Bootstrap can only be performed once. If the returned API key is lost, the system must be deployed again.

Request URL:

https://:apidomain/v1/ops/bootstrap

Example URL:

https://api.mycompany.net/v1/ops/bootstrap

Example Request:

{
	"user": "root",
	"name": "root user",
	"email": "[email protected]",
	"password": "rootpassword"
}

Example Response:

{
"two_factor_auth": { "secret": "2FASECRET", "type": "totp" },
"name": "root user",
"id": "5b11aABCDEFG1373d",
"user": "root",
"key": "APIKEY",
"last_access": "2018-06-01T19:56:56.604228",
"password": "L0R3M1PSUm",
"email": "[email protected]"
}
Expand Code Examples

GET /v1/ops/operators

GETView all operator users

Returns a list of all operator users in the system.

GET /v1/ops/operator/:operator-id

GETView operator details

Returns information about the operator user.

Request URL:

https://api.mycompany.net/v1/ops/operators/:operator-id

Example Response:

{
    "two_factor_auth": {
        "secret": "ENCRYPTED2FASECRET==",
        "type": "totp"
    },
    "password": "ENCRYPTEDpassword",
    "name": "Operator User",
    "id": "5d4OPERATORID3df",
    "user": "operator",
    "key": "ENCRYPEDapikey",
    "last_access": "2019-08-05T18:23:53.278277",
    "email": "[email protected]"
}
Expand Code Examples

PUT /v1/ops/operators

PUTCreate a new operator user

Create a new operator user for the system. In addition to creating other operators, organizations, and services; operators can act as administrators on behalf of any organization in the system where users within a tenant organization only have access to that organization’s resources (e.g. zones, records, API keys, etc.).

Example Request:

{
	"user": "operator",
	"name": "Operator Name",
	"email": "[email protected]",
	"password": "operatorpassword"
}

Example Response:

{
"two_factor_auth": { "secret": "2FASECRET", "type": "totp" },
"name": "Operator User",
"id": "5b11aABCDEFG1373d",
"user": "operator",
"key": "APIKEY",
"last_access": "2018-06-01T19:56:56.604228",
"password": "L0R3M1PSUm",
"email": "[email protected]"
}