## GET /api/v2/domains/{id}/nameservers **Get domain nameservers** Return current nameservers plus action gates for changing them. Get `{id}` from `GET /api/v2/domains` `data[].id`. `actions.canChangeNameservers.allowed` is false during transfer, pending/suspended states, or when a registry-lock unlock flow is required. If `registrarLock.unlockAction` is non-null, call that action before changing nameservers. `dnssecAutoWillBeBlocked` is the server-composed warning for automatic DNSSEC: when true, a nameserver update will pause DNSSEC automation for the 72-hour cooldown window. HostUp-managed delegation normally uses `primary.ns.hostup.se` and `secondary.ns.hostup.se`; when automatic DNSSEC is active on that delegation, callers should prefer `/api/v2/domains/{id}/dnssec-auto` over manual DS/KEY writes. ### Related Endpoints - `POST /api/v2/domains/{id}/nameservers`: Update domain nameservers - `POST /api/v2/domains/nameservers/validate`: Validate nameservers - `POST /api/v2/domains/nameservers/lookup`: Look up current nameservers ### Headers - `Accept`: application/json - `Authorization`: Bearer YOUR_API_KEY - Required API scope: `read:domains` ### Parameters - `id` (path, string, required): Public domain ID from `GET /api/v2/domains` `data[].id`. Do not invent this value; use the exact ID returned by the referenced API response. Example: `dom_01hxa3b4c5d6e7f8g9h0j1k2m3` ### Request Example ```bash curl -X GET "https://cloud.hostup.se/api/v2/domains/dom_01hxa3b4c5d6e7f8g9h0j1k2m3/nameservers" \ -H "Authorization: Bearer YOUR_API_KEY" \ -H "Accept: application/json" ``` ### Response Schema - `nameservers` (array, optional) Example: `["primary.ns.hostup.se","secondary.ns.hostup.se"]` - `registrarLock` (object, optional) - `registrarLock.enabled` (boolean,null, required) Example: `false` - `registrarLock.requiresRegistryUnlockFlow` (boolean, required): True for domains whose lock must be removed through the unlock request flow before nameservers can change. Example: `false` - `registrarLock.unlockAction` (object | null, required) Example: `null` - `registrarLock.unlockAction.method` (string, required) Example: `POST` Allowed values: POST - `registrarLock.unlockAction.href` (string, required) Example: `/api/v2/domains/dom_01hxa3b4c5d6e7f8g9h0j1k2m3/actions/request-unlock` - `actions` (object, optional) - `actions.canChangeNameservers` (object, required) - `actions.canChangeNameservers.allowed` (boolean, required) Example: `true` - `actions.canChangeNameservers.reason` (string,null, required) Example: `null` - `actions.canChangeNameservers.code` (string,null, optional): Machine-readable reason code when an action is blocked. Example: `pending_order` - `dnssecAutoWillBeBlocked` (boolean, optional): True when changing nameservers now will pause automatic DNSSEC management for the cooldown window. Example: `false` ### Responses #### 200 - Domain nameserver state. ```json { "nameservers": [ "primary.ns.hostup.se", "secondary.ns.hostup.se" ], "registrarLock": { "enabled": false, "requiresRegistryUnlockFlow": true, "unlockAction": { "method": "POST", "href": "/api/v2/domains/dom_01hxa3b4c5d6e7f8g9h0j1k2m3/actions/request-unlock" } }, "actions": { "canChangeNameservers": { "allowed": true, "reason": null } }, "dnssecAutoWillBeBlocked": true } ``` #### 400 - Invalid request. The response body is an RFC 7807 Problem Details document. ```json { "type": "https://developer.hostup.se/errors/invalid_request", "title": "Invalid request", "status": 400, "detail": "The request body failed validation.", "code": "invalid_request", "instance": "/api/v2/resource", "requestId": "req_01hxa3b4c5d6e7f8g9h0j1k2m3", "timestamp": "2026-04-27T12:34:56.000Z", "errors": [ { "pointer": "/items/0/domainName", "detail": "`domainName` is required.", "code": "invalid_request" } ] } ``` #### 401 - Unauthorized. Authentication is required. ```json { "type": "https://developer.hostup.se/errors/unauthorized", "title": "Unauthorized", "status": 401, "detail": "Authentication is required.", "code": "unauthorized", "instance": "/api/v2/resource", "requestId": "req_01hxa3b4c5d6e7f8g9h0j1k2m3", "timestamp": "2026-04-27T12:34:56.000Z" } ``` #### 403 - Forbidden. The caller lacks a required scope or does not own the resource. ```json { "type": "https://developer.hostup.se/errors/forbidden", "title": "Forbidden", "status": 403, "detail": "The caller lacks a required scope or does not own the resource.", "code": "forbidden", "instance": "/api/v2/resource", "requestId": "req_01hxa3b4c5d6e7f8g9h0j1k2m3", "timestamp": "2026-04-27T12:34:56.000Z" } ``` #### 404 - Not found. The resource does not exist or is not owned by the caller. ```json { "type": "https://developer.hostup.se/errors/not_found", "title": "Not found", "status": 404, "detail": "The requested resource could not be found.", "code": "not_found", "instance": "/api/v2/resource", "requestId": "req_01hxa3b4c5d6e7f8g9h0j1k2m3", "timestamp": "2026-04-27T12:34:56.000Z" } ``` #### 429 - Rate limited. Retry after the limit resets. 429 responses include `Retry-After` seconds plus `X-RateLimit-*` headers. ```json { "type": "https://developer.hostup.se/errors/rate_limit_exceeded", "title": "Too many requests", "status": 429, "detail": "Too many requests. Retry after the limit resets.", "code": "rate_limit_exceeded", "instance": "/api/v2/resource", "requestId": "req_01hxa3b4c5d6e7f8g9h0j1k2m3", "timestamp": "2026-04-27T12:34:56.000Z" } ``` #### 500 - Internal error. Retry later or contact support if the issue persists. ```json { "type": "https://developer.hostup.se/errors/internal_error", "title": "Internal server error", "status": 500, "detail": "An unexpected error occurred. Retry later or contact support if the issue persists.", "code": "internal_error", "instance": "/api/v2/resource", "requestId": "req_01hxa3b4c5d6e7f8g9h0j1k2m3", "timestamp": "2026-04-27T12:34:56.000Z" } ```