Application Programming Interface (API) Keys
An API (Application Programming Interface) Key is a secret code that you can use to identify yourself to ARIN when you interact with us. You create an API Key in ARIN Online, and then use the key in interactions with ARIN outside of ARIN Online. Multiple interactions may be performed with the same API key, and you may deactivate/create API keys at will.
Your API Key can be used for the following interactions with ARIN:
- To submit version 5 email templates to ARIN
- To conduct RESTful Registration actions with ARIN (REG-RWS)
- To access reports and downloads, such as Bulk Whois
Creating and Managing API keys
You create API keys through your ARIN Online account. To create an API key, log in to your ARIN Online account and click on the "WEB ACCOUNT" link in the left navigation bar. In the API Key Management section, click “Create API Key”. Your API key will be issued automatically.
You can manage your API keys on the Web Account page when logged into your ARIN Online account. You have multiple functions at your disposal. For example, you can create multiple API keys to locally track specific requests or to access reports - or you can use one API key for all your requests. The API key does not expire, but can be deactivated at any time. You can also associate the API key with an email address, though this is not recommended. While this prevents you from having to change your automated provisioning system, it is not as secure as stating the API key in your submission.
Using API keys
ARIN’s RESTful Provisioning system leverages modern application interfaces and provides even stronger authentication. RESTful calls require the use of an API key. In order for your RESTful call to be considered, your ARIN Online account must be linked to a POC authoritative to make the request.
With the release of the Registration RESTful Web Service (REG-RWS) and version 5 Templates in 2011, ARIN has incorporated the use of API keys into these interface mechanisms so that we can identify your submissions with greater accuracy and reliability.
However, ARIN understands that template changes can cause complications for customers who need to adapt their automated systems to these new templates. To provide backwards compatibility, ARIN provides two mechanisms by which you can send older version 4 templates to ARIN (which have been available for many years).
Option 1: Use an API Key with version 4 templates (recommended)
To use version 4 templates in conjunction with your API key, simply place your API key anywhere in the subject line or mail-from address of your email template requests. You do NOT need to associate your email address with your API key.
Option 2: Associate email address to an API key
If you choose this approach, any version 4 templates sent to ARIN to be considered to have been sent by the holder of the associated API Key.
There are some very important points to keep in mind, should you decide to use this mechanism to send templates to ARIN:
- You must submit all email request templates from this associated email address
- This email account can be the same, or different, from one(s) displayed in ARIN's Whois, and need not be associated with your ARIN Point of Contact (POC) record
- It is not necessary to place the API key anywhere in the submission
- Using this method has the equivalent security properties as traditional mail-from authentication and is not as secure as explicitly stating the API key in your request submission, especially if the email address you specify is public information such as is found on POC data within the Whois services of ARIN, other RIRs or domain registries/registrars.
Reports are available to authorized users in the “DOWNLOADS” section of ARIN Online. A RESTful HTTP request containing your API key can be used to automate the retrieval of restricted access reports, such as Bulk Whois. This means you do not have to log in to your ARIN Online account to download the report. Details can be found in the instructions or ReadMe documentation for each report.