How to Use the ElasticDomain API
The API lets you automate scans, retrieve domain data, and integrate domain intelligence into your own tools. Here is how to get started.
How to Use the ElasticDomain API
ElasticDomain exposes a REST API that lets you automate everything you can do in the UI — adding domains, triggering scans, fetching results, managing workspaces, and more.
Authentication
Getting Your API Key
- Log in to ElasticDomain.
- Go to Settings → API Keys.
- Click Generate New Key.
- Copy and store the key securely — it will not be shown again.
Sending the API Key
Include the key in every request as a Bearer token:
Authorization: Bearer YOUR_API_KEY
All requests must use HTTPS.
Base URL
https://elasticdomain.com/api/v1
Request Format
- Request bodies are JSON (Content-Type: application/json)
- All responses are JSON
- Timestamps are ISO 8601 UTC
- Errors return { "error": "...", "code": "..." } with appropriate HTTP status codes
Core Endpoints
List Domains
GET /api/v1/domains
Returns all domains in your account. Supports ?workspaceId= filter and ?page= / ?limit= pagination.
Add a Domain
POST /api/v1/domains
Body: { "domain": "newdomain.com", "type": "OWNED", "workspaceId": "ws_xyz" }
Costs 1 credit per domain.
Trigger a Scan
POST /api/v1/domains/{domainId}/scan
Body: { "scanType": "full" }
Scan types and credit costs:
- full: 250 credits (WHOIS + SSL + DNS + Security + Uptime + Tech)
- quick: 2 credits (WHOIS + SSL only)
- seo: 1,500 credits
- port: 600 credits
- ssl: 1 credit
The response includes a scanId you can poll for status.
Get Scan Results
GET /api/v1/scans/{scanId}
Returns scan status (pending, running, complete, failed) and results when complete.
WHOIS Lookup
GET /api/v1/tools/whois?domain=example.com
Costs 1 credit. Returns parsed WHOIS data directly from the registry via TCP port 43.
DNS Lookup
GET /api/v1/tools/dns?domain=example.com&type=A
Costs 1 credit. Query types: A, AAAA, MX, NS, TXT, CNAME, SOA, CAA. Uses resolvers 8.8.8.8 and 1.1.1.1.
SSL Check
GET /api/v1/tools/ssl?domain=example.com
Costs 1 credit. Returns certificate details via the native Node.js TLS module.
Rate Limits
- 100 requests per minute per API key
- 1,000 requests per hour per account
- Scans are credit-limited, not rate-limited
When rate limited, the API returns HTTP 429 with a Retry-After header.
Code Examples
cURL
curl -X GET "https://elasticdomain.com/api/v1/domains" -H "Authorization: Bearer YOUR_API_KEY"
JavaScript/TypeScript
const res = await fetch('https://elasticdomain.com/api/v1/domains', { headers: { 'Authorization': 'Bearer ' + process.env.ELASTICDOMAIN_API_KEY } }); const { domains } = await res.json();
Python
import requests r = requests.get('https://elasticdomain.com/api/v1/domains', headers={'Authorization': 'Bearer YOUR_API_KEY'}) domains = r.json()['domains']
CI/CD Integration Example
Trigger a scan after deploying to production:
After deploying your app, POST to /api/v1/domains/{id}/scan with scanType "full" to immediately verify your production domain's health, SSL, and DNS are all correct post-deployment.
Security Best Practices
- Store API keys in environment variables, never in code
- Create separate keys per environment (dev, staging, prod)
- Use minimum required scopes
- Rotate keys every 90 days
- Never commit keys to Git