This repository provides documentation and example scripts demonstrating how to authenticate using SSO token to perform WHOIS mail update requests.
- Python 3.8 or newer
- APNIC login account
- If you don’t have one, please register at https://login.apnic.net
- A valid Client ID for SSO authentication
- If you don’t have it, please contact the APNIC Helpdesk helpdesk@apnic.net
The authentication process consists of two steps:
-
Fetch refresh token using PKCE with authorization code flow
The refresh token can be reused to request new access tokens without requiring repeated user login.
See https://developer.okta.com/docs/guides/refresh-tokens/main/ for more details about the refresh token
See https://developer.okta.com/docs/guides/refresh-tokens/main/#example-request-for-an-authorization-code-and-refresh-token about how to fetch refresh token using PKCE with authorization code flow
-
Fetch access token using the returned refresh token
The refresh token is exchanged for a short-lived access token. The access token will be included in the email when sending WHOIS mail update requests.
cd examples
python3 -m venv venv
source ./venv/bin/activate
pip install -r requirements.txt
Note: Make sure the CLIENT_ID has been added to the config.json
python get-refresh-token-with-auth-code-flow.py
python get-access-token-by-refresh-token.py
Please see more details on https://www.apnic.net/manage-ip/using-whois/updating-whois/objects/email-updates/
Add the returned access token in the object in the mail and send to auto-dbm@apnic.net
person: Albert Brooke Crichton
address: 123 Example st.
address: 20097 Exampletown
country: AU
phone: +12 34 567890 000
fax-no: +12 34 567890 010
e-mail: abc@examplenet.com
nic-hdl: ABC123-AP
notify: abc@examplenet.com
mnt-by: MAINT-EXAMPLENET-AP
source: APNIC
token: SSO {token}