API Keys
API keys let scripts, CI pipelines and AI tools use the NSIN API with your account’s permissions — no browser login required. Every key acts as you: domains you own and domains shared with you (with their member roles) are accessible exactly as in the panel.
Creating a key
Section titled “Creating a key”- Open the panel and click your avatar → Settings → API keys.
- Click Create key, give it a descriptive name (e.g.
CI deploy,monitoring). - Pick an expiry (never / 30 / 90 / 365 days) and whether the key is read-only.
- Copy the key immediately.
Keys look like this:
nsin_a1b2c3d4e5f6… (69 characters)Full access vs read-only
Section titled “Full access vs read-only”| Mode | What it can do |
|---|---|
| Full access | Everything your account can do on the allowed API surface — manage records, rules, cache, SSL. |
| Read-only | GET requests only: list domains and records, read analytics, SSL status and cache rules. |
Domain-level roles still apply on top: a key belonging to a user with the Viewer role on a shared domain cannot edit that domain’s records even with a full-access key.
Authenticating requests
Section titled “Authenticating requests”Send the key in either header:
# Authorization header (also used by MCP clients)curl -H "Authorization: Bearer nsin_your_key_here" https://api.nsin.ir/domains/
# Or the X-Api-Key headercurl -H "X-Api-Key: nsin_your_key_here" https://api.nsin.ir/domains/Limits and restrictions
Section titled “Limits and restrictions”- Rate limit: 300 requests per minute per key. Exceeding it returns
429. - Blocked surfaces: keys cannot call account (
/users/…), billing (/billing/…), admin or auth endpoints. Keys can never create or revoke keys. - Cap: up to 10 active keys per account.
Usage and revocation
Section titled “Usage and revocation”The API keys tab shows each key’s last-used time and a 30-day request chart, so you can spot unused or unexpectedly busy keys. Revoking a key takes effect immediately — in-flight and future requests get 401.