RFC 5730 · REST + OpenAPI
REST for EPP.
Any registry, one API.
RestEpp wraps the EPP domain registry protocol in clean REST + JSON.
Check, register, and manage domains with a single curl call — no raw XML, no socket state machine.
Try it — live availability check
NIRA sandboxGET /v1/domains/{domain}/availability.
Same operation, radically less code
Raw EPP means hand-built XML over a stateful TLS socket. RestEpp is one HTTP call.
<?xml version="1.0" encoding="UTF-8"?>
<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
<command>
<login>
<clID>your-registrar-id</clID>
<pw>••••••••</pw>
<svcs>
<objURI>urn:ietf:params:xml:ns:domain-1.0</objURI>
<objURI>urn:ietf:params:xml:ns:contact-1.0</objURI>
<objURI>urn:ietf:params:xml:ns:host-1.0</objURI>
</svcs>
</login>
<clTRID>abc-tx-1</clTRID>
</command>
</epp>
// ...open a TLS socket, frame the message, wait for the
// reply, parse XML, THEN send a second <check> frame,
// wait, parse again — before you even know if it's free.
curl https://api.restepp.dev/v1/domains/example.com.ng/availability \
-H "Authorization: Bearer re_live_..."
# { "domain": "example.com.ng", "available": true }
import { RestEpp } from "@restepp/client"; // generated from openapi.yaml
const client = new RestEpp({ apiKey: process.env.RESTEPP_KEY });
const { available } = await client.domains.availability("example.com.ng");
import requests
r = requests.get(
"https://api.restepp.dev/v1/domains/example.com.ng/availability",
headers={"Authorization": "Bearer re_live_..."},
)
print(r.json())
Everything EPP, none of the pain
One API surface for domains, contacts, hosts, and transfers — built on the same RFC 5730 primitives registries already speak.
OpenAPI-first
Every endpoint is generated from a single OpenAPI 3 spec — typed clients, validated requests/responses, and a live reference in sync with the server.
Credentials never stored
Your registry username and password are encoded into your API key with AES-256-GCM and decrypted per-request. We never persist them.
Warm-pool performance
A per-credential connection pool keeps EPP sockets alive across requests — one round trip instead of four (connect, login, command, and back).
Audit logging
Every billable call emits a structured audit record (requestId, keyId, credHash, outcome, latency) — filterable in your log pipeline.
Bring your own registry
Point RestEpp at any RFC 5730-compliant registry host. Not locked to a single TLD operator.
Generic EPP (RFC 5730)
Domains, contacts, hosts, transfers, and polling — the full command set, mapped to REST verbs and JSON.
RestEpp vs. the alternatives
An honest comparison — no strawmen. Raw EPP libraries and registrar reseller APIs both have their place.
| RestEpp | Raw EPP libraries | Registrar reseller APIs | |
|---|---|---|---|
| Integration effort | One REST call, typed clients from OpenAPI | Hand-roll XML + TLS socket state machine | Vendor-specific SDK per reseller |
| Transport | REST / JSON over HTTPS | Raw XML over persistent TLS sockets | REST or SOAP, varies by vendor |
| Typed clients | Generated from OpenAPI (TS, curl, more) | None — you write your own XML mapping | Sometimes, vendor-maintained |
| Credential storage | Encoded into your key, never stored server-side | You manage registry creds yourself | Stored by the reseller |
| Multi-registry | Any RFC 5730 registry, bring your own host | Whatever you implement | Locked to the reseller's supported registries |
| Session / connection handling | Warm-pooled per credential, reused across calls | You manage login/keepalive/reconnect | Abstracted, but opaque |
| Audit / observability | Structured audit log per billable call | Whatever you build | Varies, often minimal |
| Pricing model | Free tier, flat annual Pro | Cost of registry access only | Markup per operation or per domain |
How it works
Mint a key
Give RestEpp your registry credentials once. We validate them live, encode them into your key, and never store them.
Call REST
Send JSON over HTTPS to api.restepp.dev — no XML, no socket management.
We speak EPP
RestEpp translates your call to EPP over a warm, pooled connection to the registry and maps the reply back to JSON.
Your registry password never touches our database.
API keys are minted with AES-256-GCM: your credential is encoded into the key itself, tamper-evident and decrypted per-request. Revoke a key and the credential is gone with it — read the key-design writeup.
Simple, predictable pricing
Free to start. One flat price for Pro. No per-operation markup.
Free
$0 /mo
For testing and low-volume integrations.
- 10,000 API calls / month
- All EPP operations
- One registry credential per key
- Community support
Pro
$49 /yr
For production registrars and integrators.
- Unlimited API calls
- All EPP operations
- Unlimited API keys
- Usage analytics + audit log access
- Email support
Enterprise
Contact us
For high-volume or custom-registry needs.
- Volume pricing
- Dedicated support
- Custom registry onboarding
- SLA
From the blog
Jul 2, 2026
Generate a typed .ng domain client in 5 minutes
RestEpp's API is defined by a single OpenAPI 3 spec. Point any OpenAPI codegen at it and you have a typed client — here's the fastest path with openapi-typescript.
Jun 25, 2026
From 4 round-trips to 1: warm EPP pooling on serverless
Login-per-request against an EPP registry costs seconds. We measured 10.9s cold vs. 1.0s warm with a per-credential connection pool — here's how it works on a stateless function runtime.
Jun 16, 2026
Your registry password never touches our database
How RestEpp API keys encode your EPP credential with AES-256-GCM instead of storing it — tamper-evident, one key per registry, and gone the moment you revoke it.
Ship your registry integration this week
Free for the first 10,000 calls a month. No credit card required.
Get started free