LogoDomain Collective
Login

Prerequisites

API requirements and setup for each supported registrar

Prerequisites for Domain Collective

Before you can start using Domain Collective, you'll need to enable API access with your domain registrar. This guide explains the requirements for each supported registrar.

Overview

Domain Collective connects to your registrar using official APIs. Each registrar has different requirements for API access:

RegistrarAPI TypeAuthenticationSpecial Requirements
GoDaddyREST APIAPI Key + SecretProduction API access
NamecheapXML APIAPI Key + UsernameIP whitelisting required
GandiREST APIPersonal Access TokenToken expires after 1 year

No minimum domain requirements! Unlike some services, Domain Collective works with any number of domains - even just one.

GoDaddy API Setup

Requirements

  • Active GoDaddy account
  • At least one domain (no minimum requirement)
  • Production API access

How to Get API Credentials

  1. Visit GoDaddy Developer Portal

  2. Create API Keys

    • Click "API Keys" in the navigation
    • Click "Create New API Key"
    • Name your key (e.g., "Domain Collective")
    • Select Production environment
    • Click "Next"

  3. Save Your Credentials

    • API Key: Copy and save securely
    • API Secret: Copy immediately (shown only once!)
    • Customer ID: Found in your GoDaddy account settings

Important: The API Secret is only shown once. Save it immediately in a secure location!

Testing Access

You can test your GoDaddy API access using:

  • OTE (test) environment with customer ID: 1234
  • Production environment with your actual customer ID

Namecheap API Setup

Requirements

  • Active Namecheap account
  • At least one domain (no minimum requirement)
  • Static IP address for whitelisting

How to Enable API Access

  1. Enable API in Account

    • Log into your Namecheap account
    • Go to Profile → Tools → API Access
    • Click "Enable API Access"

  2. Whitelist Your IP

    • Find your IP address (visit whatismyip.com)
    • Add your IP to the whitelist in API settings
    • Save the changes

  3. Get Your Credentials

    • Username: Your Namecheap username
    • API Key: Found in API Access Management page
    • Save both securely

Sandbox Available: Namecheap offers a sandbox environment at sandbox.namecheap.com for testing.

Common Issues

  • IP not whitelisted: Most common error - ensure your current IP is in the whitelist
  • API not enabled: Check that API access is enabled in your account
  • Wrong username: Use your account username, not email

Gandi API Setup

Requirements

  • Active Gandi account
  • At least one domain (no minimum requirement)
  • Personal Access Token (PAT)

How to Create a Personal Access Token

  1. Access Account Settings

    • Log into your Gandi account
    • Click on your username (top right)
    • Select "User settings" or "Security"

  2. Create Personal Access Token

    • Navigate to "Security" → "Personal Access Tokens"
    • Click "Create a token"
    • Name your token (e.g., "Domain Collective")
    • Set expiration (max 1 year)
    • Select required scopes:
      • domain:read - View domains
      • domain:write - Manage domains
      • dns:read - View DNS records
      • dns:write - Manage DNS records

  3. Save Your Token

    • Copy the generated token immediately
    • Store it securely
    • The token won't be shown again!

Token Expiry: Gandi PATs expire after a maximum of 1 year. You'll need to generate a new token before expiry to maintain access.

Token Management

  • You can have multiple active tokens
  • Tokens can be revoked anytime from your account
  • Set a reminder for token renewal before expiry

Security Best Practices

Protecting Your Credentials

  1. Never share API credentials

    • Treat them like passwords
    • Don't commit to git repositories
    • Don't share in emails or messages

  2. Use strong authentication

    • Enable 2FA on your registrar accounts
    • Use unique passwords for each service

  3. Monitor API usage

    • Check API logs in your registrar dashboard
    • Look for unexpected activity

  4. Rotate credentials regularly

    • Update API keys periodically
    • Remove old/unused API keys

Domain Collective Security

Domain Collective protects your credentials by:

  • Encrypting all credentials before storage
  • Using HTTPS for all API communications
  • Never logging sensitive data
  • Isolating user data in the database

Verification Checklist

Before adding an integration, verify:

GoDaddy

  • API Key obtained from developer portal
  • API Secret saved securely
  • Customer ID noted
  • Production environment selected

Namecheap

  • API access enabled in account
  • Current IP address whitelisted
  • Username and API Key saved
  • Test with sandbox if needed

Gandi

  • Personal Access Token created
  • Required scopes selected
  • Token saved securely
  • Expiry date noted for renewal

Troubleshooting

"Invalid Credentials" Error

  • Double-check API key/secret/token
  • Ensure no extra spaces when pasting
  • Verify production vs test environment

"Unauthorized" Error

  • Check IP whitelisting (Namecheap)
  • Verify API access is enabled
  • Ensure token hasn't expired (Gandi)

"No Domains Found"

  • Verify domains exist in account
  • Check API scopes/permissions
  • Try manual sync after waiting

Getting Help

If you're having trouble setting up API access:

  1. Check registrar documentation

  2. Contact registrar support

    • They can help enable API access
    • Verify account permissions

  3. Reach out to us

Once you have your API credentials, you're ready to add your first integration →

IntroductionYour First Integration