EPP¶
About¶
The 2022 registry platform has standardised on the globally adopted Extensible Provisioning Protocol (EPP).
EPP communication between the Registrar and the Registry allows the Registrar to manage domain, host and contact objects without using the web portal.
EPP is a protected service, to access the service Registrars require both an EPP account (see Portal Accounts) and TLS Client Certificate.
Registrars must ensure that EPP requests meet EPP standards as defined by the following:
The registry parses all incoming requests using a validating XML parser that reads the XML and validates XML syntax before processing the request.
Transport Security¶
Communication to the EPP server is only possible via an authenticated encrypted mTLS connection over TCP/IP port 700.
To connect to each IRS environment you will need a single TLS Client Certificate signed by the related Intermediate Issuing CA.
NZRS Root CA (2012)
InternetNZ IRS Production Issuing CA
InternetNZ IRS OTE Issuing CA
The EPP servers currently support connections via the following protocols.
TLSv1.2
Note
Only one certificate will be issued per IRS environment
Client Certificates¶
To obtain a client certificate you will need to generate a Private key and CSR (Certificate signing request) and email registry support with only the CSR attached.
Private Key
The private key must be generated within the following constraints.
Key Size: 4096 to 8192 bits.
Algorithm: RSA
Warning
Your private key is your own, do not send it to registry support
CSR
The Certificate Request must be generated within the folling constraints.
Signature: SHA256 Signature.
Certificate Common Name (CN): environment.regid.registrarname.epp.
Note
The regid in the request is the primary registrar id, not secondary id’s
Tip
Example CN format for prod and ote for registrar id 1234 with the name yourtradingname
prod.1234.yourtradingname.epp
ote.1234.yourtradingname.epp
The name can contain the
.characterThe name cannot contain a space
The entire CN string cannot exceed 64 characters
The trading name can be abbreviated version of the full trading name
The filename of the request should be the CN string with the extension
.crt
InternetNZ will return a signed client certificate which you will need to use to establish an SSL connection to the respective EPP server.
IP Allowlisting¶
EPP has a dedicated IP Allowlist, these can only be configured by the portal.
Servers and Ports¶
Interface |
Server/URL |
IP |
Port |
TCP/UDP: |
Description |
|---|---|---|---|---|---|
Portal |
103.70.24.0 |
443 |
TCP |
HTTP over TLS |
|
EPP |
epp.irs.net.nz |
103.70.24.1 |
700 |
TCP |
EPP over mTLS |
TBR |
tbr.irs.net.nz |
103.70.24.2 |
700 |
TCP |
TBR over mTLS |
WHOIS |
whois.irs.net.nz |
103.70.24.3 |
43 |
TCP |
WHOIS |
Namespaces and Schemas¶
Namespace |
Scheme |
XSD extensions supported by IRS: |
|---|---|---|
EPP |
epp-1.0, eppall-1.0, and eppcom-1.0 - RFC 5730 |
|
Domain |
domain-1.0 - RFC 5731 |
|
Host |
host-1.0 - RFC 5732 |
|
Contact |
contact-1.0 - RFC 5733 |
|
Registry Fee Extension 0.9 |
#fee-0.9 - RFC Draft: brown-epp-fees |
|
Registry Fee Extension 0.11 |
fee-0.11 - RFC Draft: regext-epp-fees |
|
IDN |
idn-1.0 - RFC Draft: eppext-idnmap |
|
Launch Phase Mapping |
launch-1.0 - RFC Draft: regext-launchphase |
|
Domain Registry Grace Period |
rgp-1.0 - RFC 3915 |
|
DNSSEC |
secDNS-1.1 - RFC 5910 |
Note
Fee 0.9 is an earlier version of the Fee extension and 0.11 is the latest version
The following are the Fury-specific custom extensions:
Namespace |
Scheme |
Fury extensions supported by IRS: |
|---|---|---|
Fury Generic properties |
fury 2.0 - Generic properties |
|
Fury Registry Fee Extension |
fury-rgp-1.0 - RGP |
EPP Commands¶
The following EPP commands can be used by registrars to query and update objects in IRS production and OTE environments:
Please also see the EPP code examples in the Portal Help section and in the IRS Registrar Guide 8.0 avaialble here
login¶
This command is to establish a session with an EPP server.
Request:
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<epp xmlns="urn:ietf:params:xml:ns:epp-1.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0
epp-1.0.xsd">
<command>
<login>
<clID>user_epp</clID>
<pw>password</pw>
<options><version>1.0</version>
<lang>en</lang></options>
<svcs>
<objURI>urn:ietf:params:xml:ns:epp-1.0</objURI>
<objURI>urn:ietf:params:xml:ns:domain-1.0</objURI>
<objURI>urn:ietf:params:xml:ns:host-1.0</objURI>
<objURI>urn:ietf:params:xml:ns:contact-1.0</objURI>
<svcExtension>
<extURI>urn:ietf:params:xml:ns:fury-rgp-1.0</extURI>
<extURI>urn:ietf:params:xml:ns:fury-2.0</extURI>
<extURI>urn:ietf:params:xml:ns:idn-1.0</extURI>
<extURI>urn:ietf:params:xml:ns:secDNS-1.1</extURI>
<extURI>urn:ietf:params:xml:ns:launch-1.0</extURI>
<extURI>urn:ietf:params:xml:ns:mark-1.0</extURI>
<extURI>urn:ietf:params:xml:ns:signedMark-1.0</extURI>
<extURI>http://www.w3.org/2000/09/xmldsig#</extURI>
<extURI>urn:ietf:params:xml:ns:rgp-1.0</extURI>
<extURI>urn:ietf:params:xml:ns:fee-0.11</extURI>
</svcExtension>
</svcs>
</login>
<clTRID>ABC-54321</clTRID>
</command>
</epp>
Element |
Occurrence |
Note |
|---|---|---|
<login> |
1 |
command element |
<clID> |
1 |
client identifier assigned to client by the server. Same as registrar id in IRS |
<pw> |
1 |
registrar’s plain text password |
<newPW> |
0-1 |
optional - a new password to change the current login password |
<options> |
1 |
contains the following 2 child elements |
<version> |
1 |
the protocol version to be used for the command |
<lang> |
1 |
contains text response language to be used for the command or ongoing server commands |
<svcs> |
1 |
contains services used. Contains following child elements |
<objURI> |
1-n |
Namespace URIs representing the objects to be managed during the session |
<svcExtension> |
0-1 |
optional element containing extURI elements |
<extURI> |
1-n |
element identifying object extensions during session |
Response:
<?xml version="1.0" encoding="UTF-8"?>
<epp xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:host="urn:ietf:params:xml:ns:host-1.0" xmlns:contact="urn:ietf:params:xml:ns:contact-1.0" xmlns:domain="urn:ietf:params:xml:ns:domain-1.0" xmlns:rgp="urn:ietf:params:xml:ns:rgp-1.0" xmlns:fury-rgp="urn:ietf:params:xml:ns:fury-rgp-1.0" xmlns:fury="urn:ietf:params:xml:ns:fury-2.0" xmlns:idn="urn:ietf:params:xml:ns:idn-1.0" xmlns:secDNS="urn:ietf:params:xml:ns:secDNS-1.1" xmlns:launch="urn:ietf:params:xml:ns:launch-1.0" xmlns:mark="urn:ietf:params:xml:ns:mark-1.0" xmlns:smd="urn:ietf:params:xml:ns:signedMark-1.0" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:fee="urn:ietf:params:xml:ns:fee-0.11">
<response>
<result code="1000">
<msg>Command completed successfully</msg>
</result>
<trID>
<clTRID>ABC-54321</clTRID>
<svTRID>CIRA-000055043942-0000000001</svTRID>
</trID>
</response>
</epp>
domain:check¶
This command is to check whether a domain name is available for registration.
Request:
<?xml version="1.0" encoding="UTF-8"?>
<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
<command>
<check>
<domain:check xmlns:domain="urn:ietf:params:xml:ns:domain-1.0">
<domain:name>domain.nz</domain:name>
<domain:name>otherdomain.nz</domain:name>
</domain:check>
</check>
<clTRID>ABC-12345</clTRID>
</command>
</epp>
Element |
Occurrence |
Note |
|---|---|---|
<domain:check> |
1 |
identifies namespace and domain schema location |
<domain:name> |
1-15 |
Response:
<?xml version="1.0" encoding="UTF-8"?>
<epp xmlns:fury="urn:ietf:params:xml:ns:fury-2.0" xmlns:fury-rgp="urn:ietf:params:xml:ns:fury-rgp-1.0" xmlns:fee="urn:ietf:params:xml:ns:fee-0.11" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:smd="urn:ietf:params:xml:ns:signedMark-1.0" xmlns:mark="urn:ietf:params:xml:ns:mark-1.0" xmlns:host="urn:ietf:params:xml:ns:host-1.0" xmlns:launch="urn:ietf:params:xml:ns:launch-1.0" xmlns:secDNS="urn:ietf:params:xml:ns:secDNS-1.1" xmlns:rgp="urn:ietf:params:xml:ns:rgp-1.0" xmlns:idn="urn:ietf:params:xml:ns:idn-1.0" xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:contact="urn:ietf:params:xml:ns:contact-1.0" xmlns:domain="urn:ietf:params:xml:ns:domain-1.0">
<response>
<result code="1000">
<msg>Command completed successfully</msg>
</result>
<resData>
<domain:chkData>
<domain:cd>
<domain:name avail="true">domain.nz</domain:name>
</domain:cd>
<domain:cd>
<domain:name avail="false">otherdomain.nz</domain:name>
</domain:cd>
</domain:chkData>
</resData>
<trID>
<svTRID>CIRA-000054882110-0000000002</svTRID>
</trID>
</response>
</epp>
Element |
Occurrence |
Note |
|---|---|---|
<domain:chkData> |
1 |
identifies namespace and domain schema location |
<domain:cd> |
1-15 |
checked data record element with one child element |
<domain:name avail=” ”> |
1-15 |
contains domain name of queried object with an attribute ʻavailʼ: =true => is available =false => is not available |
domain:create¶
This command is used to create a new domain name.
.nz Business Rules
A .nz domain must have 1 registrant contact, 1 administrative contact and 1 technical contact. There is an optional billing contact which can also be added.
A .nz domain name can have a registration period between 1 and 10 years.
A .nz domain name can have 0 or from 2 to 13 Host objects.
An Authentication code “authcode” must be provided with the registration request.
Request:
<epp xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:contact="urn:ietf:params:xml:ns:contact-1.0" xmlns:domain="urn:ietf:params:xml:ns:domain-1.0">
<command>
<create>
<domain:create>
<domain:name>anewdomain.nz</domain:name>
<domain:period unit="y">1</domain:period>
<domain:ns>
<domain:hostObj>ns1.first.nz</domain:hostObj>
<domain:hostObj>ns2.first.nz</domain:hostObj>
</domain:ns>
<domain:registrant>con1234</domain:registrant>
<domain:contact type="admin">con1234</domain:contact>
<domain:contact type="tech">con1234</domain:contact>
<domain:authInfo>
<domain:pw>BdqqKh22NEg3dHz7</domain:pw>
</domain:authInfo>
</domain:create>
</create>
<clTRID>ABC-12345</clTRID>
</command>
</epp>
Element |
Occurrence |
Note |
|---|---|---|
<domain:create> |
1 |
|
<domain:name> |
1 |
|
<domain:period unit=”y”> |
1-Oct |
|
<domain:ns> |
0-1 |
|
<domain:hostObj> |
Feb-13 |
|
<domain:registrant> |
1 |
|
<domain:contact type=”admin”> |
1 |
|
<domain:contact type=”tech”> |
1 |
|
<domain:contact type=”billing”> |
0-n |
optional |
<domain:authInfo> |
1 |
|
<domain:pw> |
1 |
auth-code |
Response:
<?xml version="1.0" encoding="UTF-8"?>
<epp xmlns:fury="urn:ietf:params:xml:ns:fury-2.0" xmlns:fury-rgp="urn:ietf:params:xml:ns:fury-rgp-1.0" xmlns:fee="urn:ietf:params:xml:ns:fee-0.11" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:smd="urn:ietf:params:xml:ns:signedMark-1.0" xmlns:mark="urn:ietf:params:xml:ns:mark-1.0" xmlns:host="urn:ietf:params:xml:ns:host-1.0" xmlns:launch="urn:ietf:params:xml:ns:launch-1.0" xmlns:secDNS="urn:ietf:params:xml:ns:secDNS-1.1" xmlns:rgp="urn:ietf:params:xml:ns:rgp-1.0" xmlns:idn="urn:ietf:params:xml:ns:idn-1.0" xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:contact="urn:ietf:params:xml:ns:contact-1.0" xmlns:domain="urn:ietf:params:xml:ns:domain-1.0">
<response>
<result code="1000">
<msg>Command completed successfully</msg>
</result>
<resData>
<domain:creData>
<domain:name>anewdomain.nz</domain:name>
<domain:crDate>2023-03-16T04:17:17.009Z</domain:crDate>
<domain:exDate>2024-03-16T04:17:17.009Z</domain:exDate>
</domain:creData>
</resData>
<extension>
<fee:creData>
<fee:currency>NZD</fee:currency>
<fee:fee refundable="true" grace-period="P1D">18.00</fee:fee>
<fee:balance>-432.00</fee:balance>
</fee:creData>
</extension>
<trID>
<clTRID>ABC-12345</clTRID>
<svTRID>CIRA-000054906105-0000000002</svTRID>
</trID>
</response>
</epp>
Element |
Occurrence |
Note |
|---|---|---|
<domain:creData> |
1 |
???? identifies namespace and domain schema location |
<domain:name> |
1 |
The domain name supplied by the Registrar. |
<domain:crDate> |
1 |
The date and time the domain name was created in the Registry |
<domain:exDate> |
1 |
The date and time the domain name is set to expire in the Registry |
Request with DNSSEC:
<?xml version="1.0" encoding="UTF-8"?>
<epp xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:contact="urn:ietf:params:xml:ns:contact-1.0" xmlns:domain="urn:ietf:params:xml:ns:domain-1.0">
<command>
<create>
<domain:create>
<domain:name>dnssecdomain.nz</domain:name>
<domain:period unit="y">1</domain:period>
<domain:ns>
<domain:hostObj>ns1.first.nz</domain:hostObj>
<domain:hostObj>ns2.first.nz</domain:hostObj>
</domain:ns>
<domain:registrant>con1234</domain:registrant>
<domain:contact type="admin">con1234</domain:contact>
<domain:contact type="tech">con1234</domain:contact>
<domain:authInfo>
<domain:pw>BdqqKh22NEg3dHz7</domain:pw>
</domain:authInfo>
</domain:create>
</create>
<extension>
<secDNS:create xmlns:secDNS="urn:ietf:params:xml:ns:secDNS-1.1">
<secDNS:dsData>
<secDNS:keyTag>12987</secDNS:keyTag>
<secDNS:alg>3</secDNS:alg>
<secDNS:digestType>1</secDNS:digestType>
<secDNS:digest>8cdb09364147aed879d12c68d615f98af5900b72</secDNS:digest>
</secDNS:dsData>
</secDNS:create>
</extension>
<clTRID>ABC-12346</clTRID>
</command>
</epp>
Response:
<?xml version="1.0" encoding="UTF-8"?>
<epp xmlns:fury="urn:ietf:params:xml:ns:fury-2.0" xmlns:fury-rgp="urn:ietf:params:xml:ns:fury-rgp-1.0" xmlns:fee="urn:ietf:params:xml:ns:fee-0.11" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:smd="urn:ietf:params:xml:ns:signedMark-1.0" xmlns:mark="urn:ietf:params:xml:ns:mark-1.0" xmlns:host="urn:ietf:params:xml:ns:host-1.0" xmlns:launch="urn:ietf:params:xml:ns:launch-1.0" xmlns:secDNS="urn:ietf:params:xml:ns:secDNS-1.1" xmlns:rgp="urn:ietf:params:xml:ns:rgp-1.0" xmlns:idn="urn:ietf:params:xml:ns:idn-1.0" xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:contact="urn:ietf:params:xml:ns:contact-1.0" xmlns:domain="urn:ietf:params:xml:ns:domain-1.0">
<response>
<result code="1000">
<msg>Command completed successfully</msg>
</result>
<resData>
<domain:creData>
<domain:name>dnssecdomain.nz</domain:name>
<domain:crDate>2023-03-16T22:27:43.774Z</domain:crDate>
<domain:exDate>2024-03-16T22:27:43.774Z</domain:exDate>
</domain:creData>
</resData>
<extension>
<fee:creData>
<fee:currency>NZD</fee:currency>
<fee:fee refundable="true" grace-period="P1D">18.00</fee:fee>
<fee:balance>-450.00</fee:balance>
</fee:creData>
</extension>
<trID>
<clTRID>ABC-12346</clTRID>
<svTRID>CIRA-000055050502-0000000002</svTRID>
</trID>
</response>
</epp>
domain:info¶
This command is used to retrieve information associated with a domain name.
.nz Business Rules
Registrars can only get a full response for domain objects managed by them. For domains not managed by the registrar if they specify the authcode they will get a full response. If they do not include the authcode they will get a truncated response.
Request:
<?xml version="1.0" encoding="UTF-8"?>
<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
<command>
<info>
<domain:info xmlns:domain="urn:ietf:params:xml:ns:domain-1.0">
<domain:name>anewdomain.nz</domain:name>
</domain:info>
</info>
<clTRID>ABC-12995</clTRID>
</command>
</epp>
Response:
<?xml version="1.0" encoding="UTF-8"?>
<epp xmlns:fury="urn:ietf:params:xml:ns:fury-2.0" xmlns:fury-rgp="urn:ietf:params:xml:ns:fury-rgp-1.0" xmlns:fee="urn:ietf:params:xml:ns:fee-0.11" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:smd="urn:ietf:params:xml:ns:signedMark-1.0" xmlns:mark="urn:ietf:params:xml:ns:mark-1.0" xmlns:host="urn:ietf:params:xml:ns:host-1.0" xmlns:launch="urn:ietf:params:xml:ns:launch-1.0" xmlns:secDNS="urn:ietf:params:xml:ns:secDNS-1.1" xmlns:rgp="urn:ietf:params:xml:ns:rgp-1.0" xmlns:idn="urn:ietf:params:xml:ns:idn-1.0" xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:contact="urn:ietf:params:xml:ns:contact-1.0" xmlns:domain="urn:ietf:params:xml:ns:domain-1.0">
<response>
<result code="1000">
<msg>Command completed successfully</msg>
</result>
<resData>
<domain:infData>
<domain:name>anewdomain.nz</domain:name>
<domain:roid>9958301-INZ</domain:roid>
<domain:status s="serverTransferProhibited"/>
<domain:registrant>con1234</domain:registrant>
<domain:contact type="admin">con1234</domain:contact>
<domain:contact type="tech">con1234</domain:contact>
<domain:ns>
<domain:hostObj>ns1.first.nz</domain:hostObj>
<domain:hostObj>ns2.first.nz</domain:hostObj>
</domain:ns>
<domain:clID>997</domain:clID>
<domain:crID>997</domain:crID>
<domain:crDate>2023-03-16T04:17:17.009Z</domain:crDate>
<domain:exDate>2024-03-16T04:17:17.009Z</domain:exDate>
</domain:infData>
</resData>
<extension>
<rgp:infData>
<rgp:rgpStatus s="addPeriod"/>
</rgp:infData>
<fury-rgp:rgpInfo>
<fury-rgp:rgpStatusEnd>2023-03-17T04:17:17.198Z</fury-rgp:rgpStatusEnd>
</fury-rgp:rgpInfo>
<fury:info>
<fury:properties>
<fury:property>
<fury:key>PRIVACY</fury:key>
<fury:value>PUBLIC</fury:value>
</fury:property>
</fury:properties>
</fury:info>
</extension>
<trID>
<clTRID>ABC-12995</clTRID>
<svTRID>CIRA-000055056702-0000000002</svTRID>
</trID>
</response>
</epp>
Response for a domain outside of registrar management and no authcode included:
<?xml version="1.0" encoding="UTF-8"?>
<epp xmlns:fury="urn:ietf:params:xml:ns:fury-2.0" xmlns:fury-rgp="urn:ietf:params:xml:ns:fury-rgp-1.0" xmlns:fee="urn:ietf:params:xml:ns:fee-0.11" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:smd="urn:ietf:params:xml:ns:signedMark-1.0" xmlns:mark="urn:ietf:params:xml:ns:mark-1.0" xmlns:host="urn:ietf:params:xml:ns:host-1.0" xmlns:launch="urn:ietf:params:xml:ns:launch-1.0" xmlns:secDNS="urn:ietf:params:xml:ns:secDNS-1.1" xmlns:rgp="urn:ietf:params:xml:ns:rgp-1.0" xmlns:idn="urn:ietf:params:xml:ns:idn-1.0" xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:contact="urn:ietf:params:xml:ns:contact-1.0" xmlns:domain="urn:ietf:params:xml:ns:domain-1.0">
<response>
<result code="1000">
<msg>Command completed successfully</msg>
</result>
<resData>
<domain:infData>
<domain:name>newtest.nz</domain:name>
<domain:roid>128701-INZ</domain:roid>
<domain:status s="ok"/>
<domain:ns>
<domain:hostObj>ns1.tim9.nz</domain:hostObj>
<domain:hostObj>ns2.tim9.nz</domain:hostObj>
</domain:ns>
<domain:clID>998</domain:clID>
<domain:crDate>2022-04-26T01:30:21.280Z</domain:crDate>
<domain:upDate>2022-10-13T03:28:55.185Z</domain:upDate>
<domain:exDate>2023-04-26T01:30:21.280Z</domain:exDate>
</domain:infData>
</resData>
<extension>
<fury-rgp:rgpInfo>
<fury-rgp:rgpStatusEnd>2023-04-26T01:30:21.280Z</fury-rgp:rgpStatusEnd>
</fury-rgp:rgpInfo>
</extension>
<trID>
<clTRID>ABC-12996</clTRID>
<svTRID>CIRA-000055069101-0000000002</svTRID>
</trID>
</response>
</epp>
domain:update¶
A domain update request can be used to update a domains status, contacts, hosts, authcode, privacy and DNSSEC records.
Request:
<?xml version="1.0" encoding="UTF-8"?>
<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
<command>
<update>
<domain:update xmlns:domain="urn:ietf:params:xml:ns:domain-1.0">
<domain:name>first.nz</domain:name>
<domain:add>
<domain:ns>
<domain:hostObj>ns1.example.nz</domain:hostObj>
<domain:hostObj>ns2.example.nz</domain:hostObj>
</domain:ns>
<domain:status s="clientDeleteProhibited"/>
</domain:add>
<domain:rem>
<domain:ns>
<domain:hostObj>ns1.timtest.nz</domain:hostObj>
<domain:hostObj>ns2.timtest.nz</domain:hostObj>
</domain:ns>
</domain:rem>
<domain:chg>
<domain:authInfo>
<domain:pw>Vget465jUht87hg3</domain:pw>
</domain:authInfo>
</domain:chg>
</domain:update>
</update>
<extension>
<fury:update xmlns:fury="urn:ietf:params:xml:ns:fury-2.0">
<fury:add>
<fury:properties>
<fury:property>
<fury:key>PRIVACY</fury:key>
<fury:value>PRIVATE</fury:value>
</fury:property>
</fury:properties>
</fury:add>
<fury:rem>
<fury:properties>
<fury:property>
<fury:key>PRIVACY</fury:key>
<fury:value>PUBLIC</fury:value>
</fury:property>
</fury:properties>
</fury:rem>
</fury:update>
</extension>
<clTRID>ABC-12432</clTRID>
</command>
</epp>
Element |
Occurrence |
Note |
|---|---|---|
<domain:update> |
1 |
|
<domain:name> |
1 |
|
<domain:add> |
0-1 |
optional |
<domain:rem> |
0-1 |
optional |
<domain:ns> |
0 - 1 |
optional |
<domain:hostObj> |
0 or 2 - 13 |
optional |
<domain:status> |
0-1 |
optional |
<domain:chg> |
0-1 |
optional |
<domain:registrant> |
1 |
The identifier of a contact having the Registrant relationship to the domain name. |
<domain:contact type=”admin”> |
1 |
|
<domain:contact type=”tech”> |
1 |
|
<domain:contact type=”billing”> |
0-1 |
optional |
<domain:authInfo> |
1 |
|
<domain:pw> |
1 |
auth-code |
<fury:key>PRIVACY</fury:key> |
0-1 |
The domain privacy setting for WHOIS information configured as either Private or Public. |
<secDNS:dsData> |
0-1 |
domain:delete¶
This command is used to cancel a domain name.
.nz Business Rules¶
Auto-Renew
.nz domain names auto renew at the end of their registration period. In order to remove an existing .nz domain name from the register a delete command has to be sent.
Registration and Renewal Grace Periods
.nz domain names have a 5 day Registration Grace Period, a 5 day explicit Renewal Grace Period and a 45 day Auto-renew Grace Period. Sending a delete command during any of these grace periods for a domain will undo the previous transaction and remove any billing transactions caused by the create or renew transaction from the system. Sending a delete within 5 days after registration will remove the domain name immediately from the register and the domain name is available for registration again. Sending a delete within either of the Renewal Grace Periods will undo the renewal, void the billing transaction and put the domain name in status Redemption period.
Restore from Redemption Period
A cancelled .nz domain name will be kept in the register for another 90 days under the Redemption Period status (except when canceled during Registration Grace Period). During that time the registrar will be able to fully re-instate the domain name for the registrant so that it becomes active again using the restore process. The domain name can also be transferred to a new registrar and be restored by the gaining registrar.
Request:
<?xml version='1.0' encoding='UTF-8'?>
<epp xmlns='urn:ietf:params:xml:ns:epp-1.0'>
<command>
<delete>
<domain:delete xmlns:domain='urn:ietf:params:xml:ns:domain-1.0'>
<domain:name>testdomain.nz</domain:name>
</domain:delete>
</delete>
<clTRID>ABC-22432</clTRID>
</command>
</epp>
Response:
<?xml version="1.0" encoding="UTF-8"?>
<epp xmlns:fury="urn:ietf:params:xml:ns:fury-2.0" xmlns:fury-rgp="urn:ietf:params:xml:ns:fury-rgp-1.0" xmlns:fee="urn:ietf:params:xml:ns:fee-0.11" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:smd="urn:ietf:params:xml:ns:signedMark-1.0" xmlns:mark="urn:ietf:params:xml:ns:mark-1.0" xmlns:host="urn:ietf:params:xml:ns:host-1.0" xmlns:launch="urn:ietf:params:xml:ns:launch-1.0" xmlns:secDNS="urn:ietf:params:xml:ns:secDNS-1.1" xmlns:rgp="urn:ietf:params:xml:ns:rgp-1.0" xmlns:idn="urn:ietf:params:xml:ns:idn-1.0" xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:contact="urn:ietf:params:xml:ns:contact-1.0" xmlns:domain="urn:ietf:params:xml:ns:domain-1.0">
<response>
<result code="1000">
<msg>Command completed successfully</msg>
</result>
<trID>
<clTRID>ABC-22432</clTRID>
<svTRID>CIRA-000055592709-0000000002</svTRID>
</trID>
</response>
</epp>
domain:restore¶
While in Redemption Period a domain can be restored to reactivate it. Both a restore request and a restore report are required to complete the process.
Note
On restore from redemption, a domain will autorenew instantly for 1 year if it is past its expiry date.
Restore request:
<?xml version='1.0' encoding='UTF-8'?>
<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
<command>
<update>
<domain:update xmlns:domain="urn:ietf:params:xml:ns:domain-1.0">
<domain:name>testdomain.nz</domain:name>
<domain:chg/>
</domain:update>
</update>
<extension>
<rgp:update xmlns:rgp="urn:ietf:params:xml:ns:rgp-1.0">
<rgp:restore op="request"/>
</rgp:update>
</extension>
<clTRID>ABC-32432</clTRID>
</command>
</epp>
Restore response:
<?xml version="1.0" encoding="UTF-8"?>
<epp xmlns:fury="urn:ietf:params:xml:ns:fury-2.0" xmlns:fury-rgp="urn:ietf:params:xml:ns:fury-rgp-1.0" xmlns:fee="urn:ietf:params:xml:ns:fee-0.11" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:smd="urn:ietf:params:xml:ns:signedMark-1.0" xmlns:mark="urn:ietf:params:xml:ns:mark-1.0" xmlns:host="urn:ietf:params:xml:ns:host-1.0" xmlns:launch="urn:ietf:params:xml:ns:launch-1.0" xmlns:secDNS="urn:ietf:params:xml:ns:secDNS-1.1" xmlns:rgp="urn:ietf:params:xml:ns:rgp-1.0" xmlns:idn="urn:ietf:params:xml:ns:idn-1.0" xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:contact="urn:ietf:params:xml:ns:contact-1.0" xmlns:domain="urn:ietf:params:xml:ns:domain-1.0">
<response>
<result code="1000">
<msg>Command completed successfully</msg>
</result>
<extension>
<rgp:upData>
<rgp:rgpStatus s="pendingRestore"/>
</rgp:upData>
<fee:updData>
<fee:currency>NZD</fee:currency>
<fee:fee refundable="true" grace-period="P5D">0.00</fee:fee>
<fee:balance>-468.00</fee:balance>
</fee:updData>
</extension>
<trID>
<clTRID>ABC-32432</clTRID>
<svTRID>CIRA-000055610507-0000000002</svTRID>
</trID>
</response>
</epp>
Restore report request:
<?xml version='1.0' encoding='UTF-8'?>
<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
<command>
<update>
<domain:update xmlns:domain="urn:ietf:params:xml:ns:domain-1.0">
<domain:name>testdomain.nz</domain:name>
<domain:chg/>
</domain:update>
</update>
<extension>
<rgp:update xmlns:rgp="urn:ietf:params:xml:ns:rgp-1.0">
<rgp:restore op="report">
<rgp:report>
<rgp:preData>Not Applicable</rgp:preData>
<rgp:postData>Not Applicable.</rgp:postData>
<rgp:delTime>2023-03-20T09:08:50</rgp:delTime>
<rgp:resTime>2023-03-20T11:31:50</rgp:resTime>
<rgp:resReason>Registrant error.</rgp:resReason>
<rgp:statement>This registrar has not restored the Registered Name in order to assume the rights to use or sell the Registered Name for itself or for any third party.</rgp:statement>
<rgp:statement>The information in this report is true to best of this registrar's knowledge, and this registrar acknowledges that intentionally supplying false information in this report shall constitute an incurable material breach of the Registry-Registrar Agreement.</rgp:statement>
<rgp:other>Supporting information goes here.</rgp:other>
</rgp:report>
</rgp:restore>
</rgp:update>
</extension>
<clTRID>ABC-32433</clTRID>
</command>
</epp>
Restore report response:
<?xml version="1.0" encoding="UTF-8"?>
<epp xmlns:fury="urn:ietf:params:xml:ns:fury-2.0" xmlns:fury-rgp="urn:ietf:params:xml:ns:fury-rgp-1.0" xmlns:fee="urn:ietf:params:xml:ns:fee-0.11" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:smd="urn:ietf:params:xml:ns:signedMark-1.0" xmlns:mark="urn:ietf:params:xml:ns:mark-1.0" xmlns:host="urn:ietf:params:xml:ns:host-1.0" xmlns:launch="urn:ietf:params:xml:ns:launch-1.0" xmlns:secDNS="urn:ietf:params:xml:ns:secDNS-1.1" xmlns:rgp="urn:ietf:params:xml:ns:rgp-1.0" xmlns:idn="urn:ietf:params:xml:ns:idn-1.0" xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:contact="urn:ietf:params:xml:ns:contact-1.0" xmlns:domain="urn:ietf:params:xml:ns:domain-1.0">
<response>
<result code="1000">
<msg>Command completed successfully</msg>
</result>
<trID>
<clTRID>ABC-32433</clTRID>
<svTRID>CIRA-000055613114-0000000002</svTRID>
</trID>
</response>
</epp>
domain:transfer¶
This command allows the transfer of management of a domain name between registrars.
.nz Business Rules¶
When and How to transfer
Transfer for an existing domain name can be performed by registrars at any time except during the Registration Grace Period (first 5 days after domain create) or when a domain name has been locked by the registry.
To transfer the management of a domain name the Auth-code needs to be provided in the transfer request which is provided by the registrant to the gaining registrar. The registrant of a domain name can request the Auth-code from their current registrar who is required to supply the information. Please check <domain:update> to find out how to generate a new Auth-code.
The Releasing Registrar
The releasing registrar is not able to delay the transfer, nor refuse to supply the Auth-code so the transfer cannot occur. A service message will be generated after a successful transfer to notify the releasing registrar of the transfer away. The releasing registrar will be able to retrieve this message by running the poll command.
op=”request” only
Renewal
A renewal is not required as part of a registrar transfer but can be included if needed.
Transfer request without renewal:
<?xml version="1.0" encoding="UTF-8"?>
<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
<command>
<transfer op="request">
<domain:transfer xmlns:domain="urn:ietf:params:xml:ns:domain-1.0">
<domain:name>testdomain.nz</domain:name>
<domain:authInfo>
<domain:pw>authcodeauthcode</domain:pw>
</domain:authInfo>
</domain:transfer>
</transfer>
<clTRID>ABC-42433</clTRID>
</command>
</epp>
Response:
<?xml version="1.0" encoding="UTF-8"?>
<epp xmlns:fury="urn:ietf:params:xml:ns:fury-2.0" xmlns:fury-rgp="urn:ietf:params:xml:ns:fury-rgp-1.0" xmlns:fee="urn:ietf:params:xml:ns:fee-0.11" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:smd="urn:ietf:params:xml:ns:signedMark-1.0" xmlns:mark="urn:ietf:params:xml:ns:mark-1.0" xmlns:host="urn:ietf:params:xml:ns:host-1.0" xmlns:launch="urn:ietf:params:xml:ns:launch-1.0" xmlns:secDNS="urn:ietf:params:xml:ns:secDNS-1.1" xmlns:rgp="urn:ietf:params:xml:ns:rgp-1.0" xmlns:idn="urn:ietf:params:xml:ns:idn-1.0" xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:contact="urn:ietf:params:xml:ns:contact-1.0" xmlns:domain="urn:ietf:params:xml:ns:domain-1.0">
<response>
<result code="1000">
<msg>Command completed successfully</msg>
</result>
<resData>
<domain:trnData>
<domain:name>testdomain.nz</domain:name>
<domain:trStatus>serverApproved</domain:trStatus>
<domain:reID>998</domain:reID>
<domain:reDate>2023-03-20T00:13:02.326Z</domain:reDate>
<domain:acID>997</domain:acID>
<domain:acDate>2023-03-20T00:13:02.443Z</domain:acDate>
<domain:exDate>2023-03-27T19:37:21.034Z</domain:exDate>
</domain:trnData>
</resData>
<extension>
<fee:trnData>
<fee:currency>NZD</fee:currency>
<fee:fee refundable="false">0.00</fee:fee>
</fee:trnData>
</extension>
<trID>
<clTRID>ABC-42433</clTRID>
<svTRID>CIRA-000055625102-0000000002</svTRID>
</trID>
</response>
</epp>
Transfer request with renewal:
<?xml version="1.0" encoding="UTF-8"?>
<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
<command>
<transfer op="request">
<domain:transfer xmlns:domain="urn:ietf:params:xml:ns:domain-1.0">
<domain:name>testdomain.nz</domain:name>
<domain:period unit="y">1</domain:period>
<domain:authInfo>
<domain:pw>passwordpassword</domain:pw>
</domain:authInfo>
</domain:transfer>
</transfer>
<clTRID>ABC-42434</clTRID>
</command>
</epp>
Response:
<?xml version="1.0" encoding="UTF-8"?>
<epp xmlns:fury="urn:ietf:params:xml:ns:fury-2.0" xmlns:fury-rgp="urn:ietf:params:xml:ns:fury-rgp-1.0" xmlns:fee="urn:ietf:params:xml:ns:fee-0.11" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:smd="urn:ietf:params:xml:ns:signedMark-1.0" xmlns:mark="urn:ietf:params:xml:ns:mark-1.0" xmlns:host="urn:ietf:params:xml:ns:host-1.0" xmlns:launch="urn:ietf:params:xml:ns:launch-1.0" xmlns:secDNS="urn:ietf:params:xml:ns:secDNS-1.1" xmlns:rgp="urn:ietf:params:xml:ns:rgp-1.0" xmlns:idn="urn:ietf:params:xml:ns:idn-1.0" xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:contact="urn:ietf:params:xml:ns:contact-1.0" xmlns:domain="urn:ietf:params:xml:ns:domain-1.0">
<response>
<result code="1000">
<msg>Command completed successfully</msg>
</result>
<resData>
<domain:trnData>
<domain:name>authcodetest-4.nz</domain:name>
<domain:trStatus>serverApproved</domain:trStatus>
<domain:reID>997</domain:reID>
<domain:reDate>2023-03-20T00:42:01.493Z</domain:reDate>
<domain:acID>998</domain:acID>
<domain:acDate>2023-03-20T00:42:01.615Z</domain:acDate>
<domain:exDate>2024-03-27T19:37:21.034Z</domain:exDate>
</domain:trnData>
</resData>
<extension>
<fee:trnData>
<fee:currency>NZD</fee:currency>
<fee:fee refundable="false">18.00</fee:fee>
</fee:trnData>
</extension>
<trID>
<clTRID>ABC-42434</clTRID>
<svTRID>CIRA-000055629101-0000000002</svTRID>
</trID>
</response>
</epp>
domain:renew¶
This command is used to renew a domain name
.nz Business Rules¶
a .nz domain doesnʼt expire but auto-renews automatically on a yearly basis unless the domain has been explicitly renewed for one or more years by a renewal command prior to its expiry date or
the domain name has been cancelled or
the domain name has been locked by the registry
Domain names can be renewed for up to 10 years (depending on the current expiration date). A domain name can have a expiration date up to 10 years into the future.
There is a 5 day Renewal Grace Period
Renewal request:
<?xml version="1.0" encoding="UTF-8"?>
<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
<command>
<renew>
<domain:renew xmlns:domain="urn:ietf:params:xml:ns:domain-1.0">
<domain:name>testdomain.nz</domain:name>
<domain:curExpDate>2024-03-27</domain:curExpDate>
<domain:period unit="y">2</domain:period>
</domain:renew>
</renew>
<clTRID>ABC-52434</clTRID>
</command>
</epp>
Response:
<?xml version="1.0" encoding="UTF-8"?>
<epp xmlns:fury="urn:ietf:params:xml:ns:fury-2.0" xmlns:fury-rgp="urn:ietf:params:xml:ns:fury-rgp-1.0" xmlns:fee="urn:ietf:params:xml:ns:fee-0.11" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:smd="urn:ietf:params:xml:ns:signedMark-1.0" xmlns:mark="urn:ietf:params:xml:ns:mark-1.0" xmlns:host="urn:ietf:params:xml:ns:host-1.0" xmlns:launch="urn:ietf:params:xml:ns:launch-1.0" xmlns:secDNS="urn:ietf:params:xml:ns:secDNS-1.1" xmlns:rgp="urn:ietf:params:xml:ns:rgp-1.0" xmlns:idn="urn:ietf:params:xml:ns:idn-1.0" xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:contact="urn:ietf:params:xml:ns:contact-1.0" xmlns:domain="urn:ietf:params:xml:ns:domain-1.0">
<response>
<result code="1000">
<msg>Command completed successfully</msg>
</result>
<resData>
<domain:renData>
<domain:name>testdomain.nz</domain:name>
<domain:exDate>2026-03-27T19:37:21.034Z</domain:exDate>
</domain:renData>
</resData>
<extension>
<fee:renData>
<fee:currency>NZD</fee:currency>
<fee:fee refundable="true" grace-period="P1D">36.00</fee:fee>
<fee:balance>-522.00</fee:balance>
</fee:renData>
</extension>
<trID>
<clTRID>ABC-52434</clTRID>
<svTRID>CIRA-000055633314-0000000002</svTRID>
</trID>
</response>
</epp>
poll¶
This command is to check and retrieve queued service messages
Request:
<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
<command>
<poll op="req"/>
</command>
</epp>
Response:
<?xml version="1.0" encoding="UTF-8"?>
<epp xmlns:fury="urn:ietf:params:xml:ns:fury-2.0" xmlns:fury-rgp="urn:ietf:params:xml:ns:fury-rgp-1.0" xmlns:fee="urn:ietf:params:xml:ns:fee-0.11" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:smd="urn:ietf:params:xml:ns:signedMark-1.0" xmlns:mark="urn:ietf:params:xml:ns:mark-1.0" xmlns:host="urn:ietf:params:xml:ns:host-1.0" xmlns:launch="urn:ietf:params:xml:ns:launch-1.0" xmlns:secDNS="urn:ietf:params:xml:ns:secDNS-1.1" xmlns:rgp="urn:ietf:params:xml:ns:rgp-1.0" xmlns:idn="urn:ietf:params:xml:ns:idn-1.0" xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:contact="urn:ietf:params:xml:ns:contact-1.0" xmlns:domain="urn:ietf:params:xml:ns:domain-1.0">
<response>
<result code="1301">
<msg>Command completed successfully; ack to dequeue</msg>
</result>
<msgQ count="6" id="22236860">
<qDate>2023-03-15T03:00:29.284Z</qDate>
<msg lang="en">Domain deltestdomain.nz has been deleted.</msg>
</msgQ>
<trID>
<svTRID>CIRA-000055814979-0000000002</svTRID>
</trID>
</response>
</epp>
poll ack¶
This command will acknowledge and remove a message from the poll queue so that registrars can run another poll request to get the next message in line if one exists.
Note
In the poll ack request “msgID” should match the “id” returned in the poll message.
Request:
<?xml version="1.0" encoding="UTF-8"?>
<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
<command>
<poll op="ack" msgID="22236860" />
</command>
</epp>
Response
<?xml version="1.0" encoding="UTF-8"?>
<epp xmlns:fury="urn:ietf:params:xml:ns:fury-2.0" xmlns:fury-rgp="urn:ietf:params:xml:ns:fury-rgp-1.0" xmlns:fee="urn:ietf:params:xml:ns:fee-0.11" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:smd="urn:ietf:params:xml:ns:signedMark-1.0" xmlns:mark="urn:ietf:params:xml:ns:mark-1.0" xmlns:host="urn:ietf:params:xml:ns:host-1.0" xmlns:launch="urn:ietf:params:xml:ns:launch-1.0" xmlns:secDNS="urn:ietf:params:xml:ns:secDNS-1.1" xmlns:rgp="urn:ietf:params:xml:ns:rgp-1.0" xmlns:idn="urn:ietf:params:xml:ns:idn-1.0" xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:contact="urn:ietf:params:xml:ns:contact-1.0" xmlns:domain="urn:ietf:params:xml:ns:domain-1.0">
<response>
<result code="1000">
<msg>Command completed successfully</msg>
</result>
<msgQ count="5" id="22236860"/>
<trID>
<svTRID>CIRA-000055823571-0000000002</svTRID>
</trID>
</response>
</epp>