API-First DNS Automation

Connect your users’ domains in seconds, not support tickets.

DNS.GLOBAL is the headless DNS automation API that lets any SaaS app deploy DNS records to a user’s domain — without them touching their registrar’s control panel.

Start Building — Free View Documentation →

DNS setup is where onboarding goes to die.

Every SaaS app with custom domains faces the same problem: asking users to log into their registrar, find DNS settings, and manually add CNAME and TXT records. The result? Abandoned setups, confused users, and an inbox full of support tickets.

47%

of users abandon custom domain setup when it requires manual DNS changes*

3.2x

more support tickets generated by manual DNS configuration*

12 min

average time to complete manual DNS setup (if the user finishes at all)*

*Industry estimates based on SaaS onboarding research.

Three API calls. Zero DNS knowledge required.

Your backend mints a session, the user authorizes, and we handle the rest.

Detect the DNS provider

Your user enters their domain. DNS.GLOBAL queries NS records, SOA, and WHOIS to identify the DNS provider with a confidence score. No guessing — if we're not sure, we ask the user to confirm.

POST /v1/detect
{
  "provider": "cloudflare",
  "confidence": 0.92
}

Authorize via OAuth or API key

DNS.GLOBAL opens a secure OAuth popup (or accepts an API key) directly with the user's DNS provider. We never see or store their registrar password. Credentials are discarded after records are verified.

auth.cloudflare.com

Authorize DNS.GLOBAL

Zone.DNS:Read · Zone.DNS:Edit

CFGDIOOVHR53

Authorize

Deploy records and verify propagation

DNS.GLOBAL generates a change plan, shows the user exactly what will happen (including conflicts), and deploys after confirmation. We verify propagation by querying authoritative nameservers directly. Your webhook fires when it's done.

Change Plan✓ Verified

CREATECNAME shop → edge.dns.global

CREATETXT _dns-verify → tok_8f2a

MERGETXT _acme-challenge

Phase 1: Six providers, millions of domains.

Full automation for the providers that cover the majority of your users. Detection + manual fallback for everyone else.

Cloudflare

Full Automation

OAuth 2.0 · Batch API · CNAME flattening

GoDaddy

Full Automation

Domain Connect + OAuth · Largest registrar

IONOS (1&1)

Full Automation

Domain Connect · Major EU provider

OVH

Full Automation

API Key auth · Strong in EU market

Route 53 (AWS)

Full Automation

AWS SigV4 · Atomic batch operations

Squarespace

Detection + Manual

Ex-Google Domains · Full automation planned

Can’t find your provider? DNS.GLOBAL falls back to structured copy-paste instructions with verification polling — your user still gets a guided experience.

See the full provider roadmap →

Built for developers who want control.

API-First Architecture

The REST API is the source of truth. The web widget, native SDKs, and hosted links are all thin layers on top. Build any UX you want.

Transparent Change Plans

Before any DNS write, DNS.GLOBAL produces a change plan showing every add, update, and merge — including conflicts. Your user approves before anything changes.

Record Ownership Tracking

Every record we deploy is tagged with provenance metadata. Disconnect only removes what we created. We never delete records we didn't place.

Native iOS & Android SDKs

Swift and Kotlin packages wrapping the REST API with system browser OAuth (ASWebAuthenticationSession / AuthTabIntent). No WebView, no hacks.

Signed Webhooks

HMAC-SHA256 signed payloads with replay protection, exponential retry, dead-letter visibility, and idempotency keys. Know the moment a domain is connected.

Fully Async Operations

Every mutating action returns an operation ID. Poll or wait for webhooks. Idempotency keys prevent duplicate operations from mobile retries or network failures.

Four API calls. That’s it.

A complete domain connection, start to finish.

# 1. Create a session (server-to-server)
curl -X POST https://api.dns.global/v1/sessions \
  -H "Authorization: Bearer sk_live_your_secret_key" \
  -d '{ "user_id": "user_456", "domain": "shop.example.com" }'

# 2. Detect provider
curl -X POST https://api.dns.global/v1/detect \
  -H "Authorization: Bearer sess_abc123..." \
  -d '{ "domain": "shop.example.com" }'

# 3. Initiate connection (returns operation_id)
curl -X POST https://api.dns.global/v1/domain-connections \
  -H "Authorization: Bearer sess_abc123..." \
  -d '{ "domain": "shop.example.com", "provider": "cloudflare" }'

# 4. Poll for completion
curl https://api.dns.global/v1/operations/op_xyz789 \
  -H "Authorization: Bearer sess_abc123..."

Read the Quickstart Guide →Full API Reference →

DNS.GLOBAL vs Entri — open beats opaque.

	Entri	DNS.GLOBAL
Architecture	Widget-first, browser-only	API-first — widget, native SDKs, hosted links are all layers over one API
Change visibility	“Records will be configured”	Full change plan with conflict detection before any write
Record ownership	Not documented	Provenance tracking — safe disconnect, never deletes records it didn't create
Native mobile	WebView-based	Native SDKs with system browser OAuth, Universal Links
Audit trail	Dashboard status checks	Full operation log, correlation IDs, replayable webhook events
Self-hosted option	SaaS only	Self-hosted on Enterprise tier (Phase 3)
Starting price	Published tiers starting ~$249/mo	$99/mo for 100 auto connections/month

Entri is a solid product with 50+ providers. DNS.GLOBAL is for teams that want full API control, transparent operations, and native mobile support from day one. We’re building in the open.

Explore provider coverage →

Simple pricing that scales with you.

Free

10 connections

Startup

$99/mo

100/mo

Growth

$249/mo

1,000/mo

Enterprise

Custom

Unlimited

See Full Pricing & Calculator →

Stop losing users to DNS setup.

Get your API key in 60 seconds. First 10 connections are free.

No credit card required. Free tier includes 10 automatic connections.