رفتن به محتوا

API Keys

این محتوا هنوز به زبان شما در دسترس نیست.

API keys let scripts, CI pipelines and AI tools use the NSIN API with your account’s permissions — no browser login required. Every key acts as you: domains you own and domains shared with you (with their member roles) are accessible exactly as in the panel.

  1. Open the panel and click your avatar → SettingsAPI keys.
  2. Click Create key, give it a descriptive name (e.g. CI deploy, monitoring).
  3. Pick an expiry (never / 30 / 90 / 365 days) and whether the key is read-only.
  4. Copy the key immediately.

Keys look like this:

nsin_a1b2c3d4e5f6… (69 characters)
ModeWhat it can do
Full accessEverything your account can do on the allowed API surface — manage records, rules, cache, SSL.
Read-onlyGET requests only: list domains and records, read analytics, SSL status and cache rules.

Domain-level roles still apply on top: a key belonging to a user with the Viewer role on a shared domain cannot edit that domain’s records even with a full-access key.

Send the key in either header:

Terminal window
# Authorization header (also used by MCP clients)
curl -H "Authorization: Bearer nsin_your_key_here" https://api.nsin.ir/domains/
# Or the X-Api-Key header
curl -H "X-Api-Key: nsin_your_key_here" https://api.nsin.ir/domains/
  • Rate limit: 300 requests per minute per key. Exceeding it returns 429.
  • Blocked surfaces: keys cannot call account (/users/…), billing (/billing/…), admin or auth endpoints. Keys can never create or revoke keys.
  • Cap: up to 10 active keys per account.

The API keys tab shows each key’s last-used time and a 30-day request chart, so you can spot unused or unexpectedly busy keys. Revoking a key takes effect immediately — in-flight and future requests get 401.