The ApertoDNS Protocol is an open specification for consumer Dynamic DNS (DDNS) services. It defines a modern RESTful API using JSON over HTTPS, designed to replace the fragmented landscape of undocumented, provider-specific DDNS protocols that currently dominate the market.
Today, over 30 Dynamic DNS providers operate with undocumented protocol variations, creating vendor lock-in and interoperability barriers for any organisation relying on DDNS - including public administrations managing government domains and citizen-facing digital services. The widely used DynDNS2 protocol has never been formally specified. The ApertoDNS Protocol addresses this gap.
The protocol is vendor-agnostic: any DNS provider can implement it under their own domain and branding, using the standardized well-known URI path /.well-known/apertodns/v1/. It provides native IPv4 and IPv6 support, bulk hostname updates, TXT record management for ACME DNS-01 certificate validation, fine-grained authorization scopes, record deletion semantics, a documented concurrency model, and comprehensive IP address validation against all RFC 6890 reserved ranges. Backward compatibility with legacy DynDNS2 clients is maintained.
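The reserved-range validation mentioned above can be illustrated with the following added Python example, which is not code from the specification or the reference implementation. It rejects any update address inside a block of the RFC 6890 special-purpose registries. The function name, the record-type argument and the choice to reject every registry block (including those RFC 6890 marks as globally reachable) are assumptions.

```python
import ipaddress

# Blocks from the RFC 6890 IPv4 and IPv6 special-purpose registries.
# Sub-blocks already covered by a listed parent (192.0.0.0/29,
# 255.255.255.255/32, 2001::/32, 2001:2::/48, 2001:10::/28) are omitted.
RFC6890_BLOCKS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "100.64.0.0/10", "127.0.0.0/8",
    "169.254.0.0/16", "172.16.0.0/12", "192.0.0.0/24", "192.0.2.0/24",
    "192.88.99.0/24", "192.168.0.0/16", "198.18.0.0/15",
    "198.51.100.0/24", "203.0.113.0/24", "240.0.0.0/4",
    "::1/128", "::/128", "64:ff9b::/96", "::ffff:0:0/96", "100::/64",
    "2001::/23", "2001:db8::/32", "2002::/16", "fc00::/7", "fe80::/10",
)]

# Hypothetical mapping from DNS record type to the address family it carries.
FAMILY = {"A": 4, "AAAA": 6}


def check_update_address(value, record_type):
    """Return (ok, reason) for an address a client asks to publish."""
    wanted = FAMILY.get(record_type)
    if wanted is None:
        return False, "unsupported record type"
    try:
        addr = ipaddress.ip_address(value.strip())
    except ValueError:
        return False, "not a valid IP address"
    if addr.version != wanted:
        return False, f"record type {record_type} needs an IPv{wanted} address"
    for block in RFC6890_BLOCKS:
        # IPv4-mapped IPv6 input (::ffff:a.b.c.d) is caught by ::ffff:0:0/96,
        # so a private IPv4 address cannot be published through an AAAA record.
        if addr.version == block.version and addr in block:
            return False, f"inside special-purpose block {block}"
    return True, "ok"


if __name__ == "__main__":
    # Constructed sample inputs.
    for ip, rtype in [("8.8.8.8", "A"), ("192.168.1.10", "A"),
                      ("::ffff:10.0.0.1", "AAAA"), ("2001:db8::1", "AAAA")]:
        print(ip, rtype, check_update_address(ip, rtype))
```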
The specification is published as IETF Internet-Draft draft-ferro-dnsop-apertodns-protocol-02, currently under review within the IETF DNSOP working group. It builds on established standards including RFC 8615 (Well-Known URIs), RFC 6750 (Bearer Token Usage), RFC 9110 (HTTP Semantics), and RFC 8259 (JSON).
A reference implementation and the full protocol specification are available as open source on GitHub: https://github.com/apertodns/apertodns-protocol
The protocol supports the objectives of the Interoperable Europe Act by enabling technical interoperability between DNS service providers and reducing vendor lock-in. It aligns with the NIS 2 Directive’s requirements for resilient network infrastructure and contributes to the EU’s digital sovereignty goals by ensuring that public administrations are not dependent on any single provider for critical DNS update services.