Providers available¶
Lexicon currently supports 88 providers:
List of options¶
- aliyun
auth_key_idSpecify access key id for authenticationauth_secretSpecify access secret for authentication
Note
Aliyun Provider requires an access key id and access secret with full rights on dns.Better to use RAM on Aliyun cloud to create a specified user for the dns operation.The referrence for Aliyun DNS production:https://help.aliyun.com/product/29697.html
- arvancloud
auth_tokenSpecify key for authentication (api key)
- aurora
auth_api_keySpecify api key for authenticationauth_secret_keySpecify the secret key for authentication
- azure
auth_client_idSpecify the client id (aka application id) of the app registrationauth_client_secretSpecify the client secret of the app registrationauth_tenant_idSpecify the tenant id (aka directory id) of the app registrationauth_subscription_idSpecify the subscription id attached to the resource groupresource_groupSpecify the resource group hosting the dns zone to edit
Note
The Azure provider orchestrates the DNS zones hosted in a resource group for a subscriptionin Microsoft Azure Cloud. To authenticate, an App registration must be created in an AzureActive Directory. This App registration must be granted Admin for API permissions toDomain.ReadWrite.All” to this Active Directory, and must have a usable Client secret.
- cloudflare
auth_usernameSpecify email address for authentication (for global api key only)auth_tokenSpecify token for authentication (global api key or api token)zone_idSpecify the zone id (if set, api token can be scoped to the target zone)
Note
There are two ways to provide an authentication granting edition to the target CloudFlare DNS zone.
1 - A Global API key, with –auth-username and –auth-token flags.
2 - An unscoped API token (permissions Zone:Zone(read) + Zone:DNS(edit) for all zones), with –auth-token flag.
3 - A scoped API token (permissions Zone:Zone(read) + Zone:DNS(edit) for one zone), with –auth-token and –zone-id flags.Finding zone_id value is explained in CloudFlareDoc
- cloudns
auth_idSpecify user id for authenticationauth_subidSpecify subuser id for authenticationauth_subuserSpecify subuser name for authenticationauth_passwordSpecify password for authenticationweightSpecify the srv record weightportSpecify the srv record port
- cloudxns
auth_usernameSpecify api-key for authenticationauth_tokenSpecify secret-key for authentication
- conoha
auth_regionSpecify region. if empty, region ‘tyo1’ will be used.auth_tokenSpecify token for authentication. if empty, the username and password will be used to create a token.auth_usernameSpecify api username for authentication. only used if –auth-token is empty.auth_passwordSpecify api user password for authentication. only used if –auth-token is empty.auth_tenant_idSpecify tenand id for authentication. only used if –auth-token is empty.
- constellix
auth_usernameSpecify the api key username for authenticationauth_tokenSpecify secret key for authenticate=
- ddns
auth_tokenSpecify the key used in format <alg>:<key_id>:<secret>ddns_serverSpecify ip of the ddns server
- devnomads
auth_tokenSpecify token for authentication.
- digitalocean
auth_tokenSpecify token for authentication
- dinahosting
auth_usernameSpecify username for authenticationauth_passwordSpecify password for authentication
- directadmin
auth_passwordSpecify password for authentication (or login key for two-factor authentication)auth_usernameSpecify username for authenticationendpointSpecify the directadmin endpoint
- dnsimple
auth_tokenSpecify api token for authenticationauth_usernameSpecify email address for authenticationauth_passwordSpecify password for authenticationauth_2faSpecify two-factor auth token (otp) to use with email/password authentication
- dnsmadeeasy
auth_usernameSpecify username for authenticationauth_tokenSpecify token for authentication
- dnspark
auth_usernameSpecify api key for authenticationauth_tokenSpecify token for authentication
- dnspod
auth_usernameSpecify api id for authenticationauth_tokenSpecify token for authentication
- dnsservices
auth_usernameSpecify username for authenticationauth_passwordSpecify password for authentication
- dreamhost
auth_tokenSpecify api key for authentication
- duckdns
auth_tokenSpecify the account token for authentication
- dynu
auth_tokenSpecify api key for authentication
- easydns
auth_usernameSpecify username for authenticationauth_tokenSpecify token for authentication
- easyname
auth_usernameSpecify username used to authenticateauth_passwordSpecify password used to authenticate
Note
A provider for Easyname DNS.
- euserv
auth_usernameSpecify email address for authenticationauth_passwordSpecify password for authentication
- exoscale
auth_keySpecify api key for authenticationauth_secretSpecify api secret for authentication
- flexibleengine
auth_tokenSpecify token for authenticationzone_idSpecify the zone id
- gandi
auth_tokenSpecify gandi api key or personal access tokenapi_protocol(optional) specify gandi api protocol to use: rpc (default) or rest
- gehirn
auth_tokenSpecify access token for authenticationauth_secretSpecify access secret for authentication
- glesys
auth_usernameSpecify username (cl12345)auth_tokenSpecify api key
- godaddy
auth_keySpecify the key to access the apiauth_secretSpecify the secret to access the api
- googleclouddns
auth_service_account_infospecify the service account info in the google json format:can be either the path of a file prefixed by ‘file::’ (eg.file::/tmp/service_account_info.json)or the base64 encoded content of this file prefixed by ‘base64::’(eg. base64::eyjhbgcioyj…)
Note
The Google Cloud DNS provider requires the JSON file which contains the service account info to connect to the API.This service account must own the project role DNS > DNS administrator for the project associated to the DNS zone.You can create a new service account, associate a private key, and download its info through this url:https://console.cloud.google.com/iam-admin/serviceaccounts?authuser=2
- gransy
auth_usernameSpecify username for authenticationauth_passwordSpecify password for authentication
Note
DNS manipulation provider for Gransy sites subreg.cz, regtons.com and regnames.eu.
- gratisdns
auth_usernameSpecify email address for authenticationauth_passwordSpecify password for authentication
- henet
auth_usernameSpecify username for authenticationauth_passwordSpecify password for authentication
Note
- A provider for Hurricane Electric DNS.
- NOTE: THIS DOES NOT WORK WITH 2-FACTOR AUTHENTICATION.
YOU MUST DISABLE IT IF YOU’D LIKE TO USE THIS PROVIDER.
- hetzner
auth_tokenSpecify hetzner dns api token
- hostingde
auth_tokenSpecify api key for authentication
- hover
auth_usernameSpecify username for authenticationauth_passwordSpecify password for authenticationauth_totp_secretSpecify base32-encoded shared secret to generate an otp for authentication
- infoblox
auth_userSpecify the user to access the infoblox wapiauth_pswSpecify the password to access the infoblox wapiib_viewSpecify dns view to manage at the infobloxib_hostSpecify infoblox host exposing the wapi
- infomaniak
auth_tokenSpecify the token
Note
Infomaniak Provider requires a token with domain scope.It can be generated for your Infomaniak account on the following URL:https://manager.infomaniak.com/v3/infomaniak-api
- internetbs
auth_keySpecify api key for authenticationauth_passwordSpecify password for authentication
- inwx
auth_usernameSpecify username for authenticationauth_passwordSpecify password for authentication
- ionos
api_keyIonos api key: public prefix + period + key proper
- joker
auth_tokenSpecify the api key to connect to the joker.com api
Note
The Joker.com provider requires a valid token for authentication.You can create one in the section ‘Manage Joker.com API access keys’ of ‘My Profile’ in your Joker.com account.
- linode
auth_tokenSpecify api key for authentication
- linode4
auth_tokenSpecify api key for authentication
- localzone
filenameSpecify location of zone master file
- luadns
auth_usernameSpecify email address for authenticationauth_tokenSpecify token for authentication
- memset
auth_tokenSpecify api key for authentication
- misaka
auth_tokenSpecify token for authentication
- mythicbeasts
auth_usernameSpecify api credentials usernameauth_passwordSpecify api credentials passwordauth_tokenSpecify api token for authentication
Note
There are two ways to provide an authentication granting access to the Mythic Beasts API1 - With your API credentials (user/password), using –auth-username and –auth-password flags.2 - With an API token, using –auth-token flags.These credentials and tokens must be generated using the Mythic Beasts API v2.
- namecheap
auth_tokenSpecify api token for authenticationauth_usernameSpecify username for authenticationauth_client_ipClient ip address to send to namecheap api callsauth_sandboxWhether to use the sandbox server
- namecom
auth_usernameSpecify a usernameauth_tokenSpecify an api token
- namesilo
auth_tokenSpecify key for authentication
- netcup
auth_customer_idSpecify customer number for authenticationauth_api_keySpecify api key for authenticationauth_api_passwordSpecify api password for authentication
- nfsn
auth_usernameSpecify username used to authenticateauth_tokenSpecify token used to authenticate
- njalla
auth_tokenSpecify api token for authentication
- nsone
auth_tokenSpecify token for authentication
- oci
auth_config_fileThe full path including filename to an oci configuration file.auth_profileThe name of the profile to use (case-sensitive).auth_userThe ocid of the user calling the api.auth_tenancyThe ocid of your tenancy.auth_fingerprintThe fingerprint for the public key that was added to the calling user.auth_key_contentThe full content of the calling user’s private signing key in pem format.auth_key_fileThe full path including filename to the calling user’s private signing key in pem format.auth_pass_phraseIf the private key is encrypted, the pass phrase must be provided.auth_regionAn oci region identifier. select the closest region for best performance.auth_typeValid options are ‘api_key’ (default) or ‘instance_principal’.
Note
Oracle Cloud Infrastructure (OCI) DNS provider
- onapp
auth_usernameSpecify email address of the onapp accountauth_tokenSpecify api key for the onapp accountauth_serverSpecify url to the onapp control panel server
Note
The OnApp provider requires your OnApp account’s email address andAPI token, which can be found on your /profile page on the Control Panel interface.The server is your dashboard URL, with format likehttps://dashboard.youronapphost.org
- online
auth_tokenSpecify private api token
- ovh
auth_entrypointSpecify the ovh entrypointauth_application_keySpecify the application keyauth_application_secretSpecify the application secretauth_consumer_keySpecify the consumer key
Note
OVH Provider requires a token with full rights on /domain/.It can be generated for your OVH account on the following URL:https://api.ovh.com/createToken/index.cgi?GET=/domain/*&PUT=/domain/*&POST=/domain/*&DELETE=/domain/
- plesk
auth_usernameSpecify username for authenticationauth_passwordSpecify password for authenticationplesk_serverSpecify url to the plesk web ui, including the port
- pointhq
auth_usernameSpecify email address for authenticationauth_tokenSpecify token for authentication
- porkbun
auth_keySpecify api key for authenticationauth_secretSpecify secret api key for authentication
Note
To authenticate with Porkbun, you need both an API key and asecret API key. These can be created at porkbun.com/account/api .
- powerdns
auth_tokenSpecify token for authenticationpdns_serverUri for powerdns serverpdns_server_idServer id to interact withpdns_disable_notifyDisable slave notifications from master
- qcloud
secret_idSpecify secret_id for authenticationsecret_keySpecify secret_key for authentication
- rackspace
auth_accountSpecify account number for authenticationauth_usernameSpecify username for authentication. only used if –auth-token is empty.auth_api_keySpecify api key for authentication. only used if –auth-token is empty.auth_tokenSpecify token for authentication. if empty, the username and api key will be used to create a token.sleep_timeNumber of seconds to wait between update requests.
- rage4
auth_usernameSpecify email address for authenticationauth_tokenSpecify token for authentication
- rcodezero
auth_tokenSpecify token for authentication
- regfish
auth_api_keySpecify api key for authentication
- route53
auth_access_keySpecify access_key for authenticationauth_access_secretSpecify access_secret for authenticationprivate_zoneIndicates what kind of hosted zone to use. if true, use only private zones. if false, use only public zoneszone_idThe aws hostedzone id to use; e.g. ‘a1b2zabcdefghi’auth_usernameAlternative way to specify the access_key for authenticationauth_tokenAlternative way to specify the access_secret for authentication
- safedns
auth_tokenSpecify the api key to authenticate with
Note
SafeDNS provider requires an API key in all interactions.You can generate one for your account on the following URL:https://my.ukfast.co.uk/applications/index.php
- sakuracloud
auth_tokenSpecify access token for authenticationauth_secretSpecify access secret for authentication
- scaleway
auth_secret_keySpecify scaleway api key
- softlayer
auth_usernameSpecify username for authenticationauth_api_keySpecify api private key for authentication
- timeweb
auth_tokenSpecify api token for authentication
- transip
auth_usernameSpecify username for authenticationauth_api_keySpecify the private key to use for api authentication, in pem format: can be either the path of the key file (eg. /tmp/key.pem) or the base64 encoded content of this file prefixed by ‘base64::’ (eg. base64::eyjhbgcioyj…)auth_key_is_globalSet this flag is the private key used is a global key with no ip whitelist restriction
- ultradns
auth_tokenSpecify token for authentication; if not set –auth-token, –auth-password are usedauth_usernameSpecify username for authenticationauth_passwordSpecify password for authentication
- valuedomain
auth_tokenSpecify youyr api token
Note
Value Domain requires a token to access its API.You can generate one for your account on the following URL:https://www.value-domain.com/vdapi/
- vercel
auth_tokenSpecify your api token
Note
Vercel provider requires a token to access its API.You can generate one for your account on the following URL:https://vercel.com/account/tokens
- vultr
auth_tokenSpecify token for authentication
- wedos
auth_usernameSpecify email address for authenticationauth_passSpecify password for wapi
- yandex
auth_tokenSpecify pdd token (https://yandex.com/dev/domain/doc/concepts/access.html)
- yandexcloud
auth_tokenSpecify the iam token (https://cloud.yandex.com/en/docs/dns/api-ref/authentication)dns_zone_idSpecify the dns zone id (can be obtained from web interface)cloud_idSpecify the cloud id (visible in the cloud selector in the web interface), might be needed if dns zone id is not setfolder_idSpecify the folder id (https://cloud.yandex.com/en/docs/resource-manager/operations/folder/get-id) might be needed if dns zone id is not set
- zeit
auth_tokenSpecify your api token
Note
Vercel provider requires a token to access its API.You can generate one for your account on the following URL:https://vercel.com/account/tokens
- zilore
auth_keySpecify the zilore api key to use
Note
Zilore API requires an API key that can be found in your Zilore profile, at the API tab.The API access is available only for paid plans.
- zonomi
auth_tokenSpecify token for authenticationauth_entrypointUse zonomi or rimuhosting api