SwishDNS API – SwishDNS

Built for modern DNS automation

The SwishDNS API gives you direct programmatic access to your DNS platform, so you can manage zones, publish records, enable DNSSEC, verify configuration health and integrate DNS changes into your operational workflows without relying on manual dashboard updates alone.

Website Base URL

https://swishdns.net

Use this for customer-facing pages such as signup, dashboard access, documentation and support.

API Base URL

https://api.swishhost.net/swishdns

Use this base URL for authenticated programmatic requests to the SwishDNS API.

Why use the SwishDNS API?

Automate routine changes

Update records, manage zones and validate changes from scripts, deployment processes and internal tooling.

Operate with more confidence

Use diagnostics, propagation and sync endpoints to check whether your zones are delegated, healthy and in sync.

Secure machine access

Create, rotate and revoke API keys without exposing account passwords to infrastructure or automation systems.

Authentication

SwishDNS supports two authentication methods depending on the type of client and workflow.

JWT Bearer Tokens

Best for interactive user sessions, dashboard-linked tools and authenticated account workflows.

Authorization: Bearer <jwt_token>

Obtain a JWT by authenticating through the SwishDNS login endpoint.

API Keys

Best for scripts, backend services, deployment automation, monitoring and infrastructure integrations.

X-API-Key: sdns_your_api_key_here

API keys can be created and managed from the SwishDNS dashboard.

Using API Keys

API keys are designed for machine access and operational safety. They can be created, rotated, revoked and deleted from your dashboard so automation can authenticate without sharing the full account password.

Best for

CI/CD pipelines
Deployment hooks
DNS automation scripts
Infrastructure orchestration
Monitoring and operational tooling

Security notes

API keys are only shown once when created or rotated
Store them in a secret manager or environment variable
Rotate keys regularly as part of operational hygiene
Revoke compromised or unused keys immediately
Never embed keys in frontend code or public repositories

Example request with API key

curl -H "X-API-Key: sdns_your_api_key_here" \
  https://api.swishhost.net/swishdns/zones/

Example request with JWT

curl -H "Authorization: Bearer your_jwt_token_here" \
  https://api.swishhost.net/swishdns/account/me

What you can manage through the API

Zones and records

Create zones, import existing configurations, manage DNS records and export zone data when needed.

DNSSEC and diagnostics

Enable DNSSEC, retrieve registrar-ready DS information and verify setup, delegation, health and sync state.

Account and billing

Manage sessions, review activity, create API keys and access subscription and invoice workflows programmatically.

Response format

SwishDNS endpoints return JSON responses. Success responses usually return resource data or a standard message object, while validation and operational failures return descriptive error details.

Typical success message

{
  "message": "Operation completed successfully",
  "success": true
}

Typical error response

{
  "detail": "Descriptive error message"
}

Endpoint reference

All endpoints below are relative to: https://api.swishhost.net/swishdns

Authentication endpoints

POST /auth/registerCreate account

Register a new SwishDNS user account.
POST /auth/loginIssue JWT

Authenticate with email and password to receive a bearer token.
POST /auth/verify-emailEmail verification

Verify an email address using the verification token.
POST /auth/resend-verificationVerification resend

Resend a verification email for an unverified account.
POST /auth/forgot-passwordPassword reset request

Request a password reset email.
POST /auth/reset-passwordPassword reset completion

Reset a password using a valid reset token.
POST /auth/change-passwordAuthenticated password change

Change the current account password while authenticated.
POST /auth/logoutEnd current session

Log out of the active session.
POST /auth/logout-allEnd all sessions

Log out of all sessions for the account.
GET /auth/sessionsList sessions

Return all sessions associated with the authenticated account.
DELETE /auth/sessions/{session_id}Revoke one session

Revoke a specific session by session ID.

Account endpoints

GET /account/meAccount profile

Retrieve current account details.
PUT /account/meUpdate profile

Update email address and full name.
DELETE /account/meDelete account

Delete the current account.
GET /account/activityAccount activity log

Review recent account and security-related events.
GET /account/security-eventsSecurity event log

Return security-scoped account events.

API key endpoints

GET /account/api-keysList API keys

Return all API keys for the authenticated account.
POST /account/api-keysCreate API key

Create a new API key. The plaintext key is only returned once.
GET /account/api-keys/{key_id}Get API key

Return metadata for a single API key.
PATCH /account/api-keys/{key_id}Update API key

Update API key metadata such as name or expiry.
DELETE /account/api-keys/{key_id}Delete API key

Permanently delete an API key.
POST /account/api-keys/{key_id}/rotateRotate secret

Replace the current API key secret with a new one. The new plaintext key is only returned once.
POST /account/api-keys/{key_id}/revokeRevoke access

Immediately revoke an API key so it can no longer authenticate requests.

Zone endpoints

POST /zones/Create zone

Create a new DNS zone.
GET /zones/List zones

List all zones owned by the authenticated account.
GET /zones/{zone_id}Zone detail

Retrieve details for a specific zone.
PATCH /zones/{zone_id}Rename zone

Update a zone name.
DELETE /zones/{zone_id}Delete zone

Delete a zone and its records.
POST /zones/importImport zone file

Import a BIND-style zone file into SwishDNS.
GET /zones/{zone_id}/exportExport zone file

Export a zone in zone file format.
GET /zones/{zone_id}/nameserversNameserver assignment

Return the authoritative nameservers for the zone.
GET /zones/{zone_id}/statusOperational status

Return publish and agent status for the zone.
POST /zones/{zone_id}/reloadPublish zone

Publish the zone to SwishDNS DNS agents.
GET /zones/{zone_id}/activityZone activity log

Return operational activity for a zone.

Zone diagnostics endpoints

GET /zones/{zone_id}/setup-checkSetup readiness

Check subscription, records, delegation, health and setup readiness.
GET /zones/{zone_id}/delegation-checkDelegation verification

Compare public delegation against expected SwishDNS nameservers.
GET /zones/{zone_id}/health-checkAuthoritative health

Check authoritative nameserver reachability and SOA visibility.
GET /zones/{zone_id}/propagationPropagation state

Check public resolver visibility and authoritative state.
GET /zones/{zone_id}/sync-statusSync verification

Check whether the authoritative nameservers are in sync.

DNSSEC endpoints

GET /zones/{zone_id}/dnssecDNSSEC status

Return DNSSEC state, DS availability and public key metadata.
POST /zones/{zone_id}/dnssec/enableEnable DNSSEC

Enable DNSSEC for a zone.
POST /zones/{zone_id}/dnssec/disableDisable DNSSEC

Disable DNSSEC for a zone.
GET /zones/{zone_id}/dnssec/ds-recordDS record details

Return registrar-ready DS record metadata for the zone.

DNS record endpoints

GET /zones/{zone_id}/recordsList records

List DNS records within a zone with search and filtering support.
POST /zones/{zone_id}/recordsCreate record

Create a new DNS record within a zone.
GET /zones/{zone_id}/records/{record_id}Get record

Retrieve a single DNS record.
PUT /zones/{zone_id}/records/{record_id}Replace record

Replace an existing record with a complete new payload.
PATCH /zones/{zone_id}/records/{record_id}Update record

Partially update an existing record.
DELETE /zones/{zone_id}/records/{record_id}Delete record

Delete a DNS record.
POST /records/validateValidate payload

Validate a DNS record payload before creation or update.

Billing endpoints

POST /billing/subscribeCreate checkout session

Start the SwishDNS subscription checkout flow.
POST /billing/portalOpen billing portal

Create access to the billing portal for subscription management.
GET /billing/subscriptionSubscription status

Return current subscription information for the authenticated account.
POST /billing/cancelCancel at period end

Mark the subscription to cancel at the end of the billing cycle.
POST /billing/reactivateReactivate subscription

Resume automatic renewal after a scheduled cancellation.
GET /billing/invoicesList invoices

Return invoices associated with the customer account.
GET /billing/invoices/{invoice_id}Invoice detail

Return details and hosted links for an individual invoice.

Operational notes

Authoritative platform

SwishDNS serves authoritative DNS across multiple nameservers, with diagnostics and sync visibility to help customers confirm operational readiness and published state.

argent.dns.swishhost.net
verde.dns.swishhost.net
ruby.dns.swishhost.net

Recommended usage

Use JWT authentication for interactive account workflows
Use API keys for server-side automation and integrations
Validate record payloads before submitting changes
Use diagnostics and DNSSEC endpoints to verify operational readiness
Treat account and API key endpoints as security-sensitive operations

Typical use cases

Provision zones for new customer domains
Update records during deployments
Check propagation after operational changes
Enable DNSSEC and retrieve DS information
Integrate DNS control into internal systems

Need API access?

Sign in to your SwishDNS dashboard to create API keys, manage zones and begin automating your DNS workflows. Whether you are running one domain or building larger operational tooling, the SwishDNS API is designed to give you secure, practical control over authoritative DNS.

Open API Keys Open Dashboard