# opendom Docs ## Authentication This page covers provider login commands and quick checks to confirm your credentials are working. ### Overview * Authenticate once per provider with `opendom login `. * Credentials are stored in your local config for future commands. * Set a default provider with `opendom set-default `. * Use `--provider` only when you want to override the saved default for one command. ### Provider login commands The easiest path is the interactive login flow. It prompts line-by-line and masks secret values while you type. #### Netim ```bash opendom login netim ``` Explicit flag-based form: ```bash opendom login --provider netim --id YOUR_RESELLER_ID --secret YOUR_API_SECRET --ote ``` Required flags: * `--id` * `--secret` Optional: * `--ote` for test environment. #### Cloudflare ```bash opendom login cloudflare ``` Explicit flag-based form: ```bash opendom login --provider cloudflare --token YOUR_API_TOKEN --account-id YOUR_ACCOUNT_ID ``` Required flags: * `--token` Optional: * `--account-id` (recommended for consistent registrar operations). #### Porkbun ```bash opendom login porkbun ``` Explicit flag-based form: ```bash opendom login --provider porkbun --apikey YOUR_API_KEY --secretapikey YOUR_SECRET_API_KEY ``` Required flags: * `--apikey` * `--secretapikey` #### Namecheap ```bash opendom login namecheap ``` Explicit flag-based form: ```bash opendom login --provider namecheap --api-user YOUR_API_USER --username YOUR_USERNAME --api-key YOUR_API_KEY --client-ip YOUR_CLIENT_IP --sandbox ``` Required flags: * `--api-user` * `--username` * `--api-key` * `--client-ip` Optional: * `--sandbox` for sandbox mode. * `--address-id` when you want to choose a specific Namecheap address profile during flag-based login. ### Set a default provider Save the provider you want normal commands to use: ```bash opendom set-default cloudflare ``` Provider resolution now works like this: 1. `--provider ` overrides everything for that command. 2. Otherwise, `opendom` uses your saved default provider. 3. If no default is set and exactly one provider is configured, `opendom` uses that provider automatically. 4. If multiple providers are configured and no default is set, `opendom` asks you to run `opendom set-default ` or pass `--provider`. ### Verify authentication If you set a default provider: ```bash opendom domains ``` Override the default for a one-off check: ```bash opendom domains --provider ``` ### Logout Logout a single provider: ```bash opendom logout ``` Target a specific provider explicitly: ```bash opendom logout --provider cloudflare ``` Logout every configured provider: ```bash opendom logout --all ``` ### Troubleshooting #### Invalid token/key/secret * Re-run login with fresh credentials. * Confirm no leading/trailing spaces in copied values. #### Missing required login flags * Prefer `opendom login ` if you are logging in manually. * For non-interactive usage, run `opendom --help` and verify provider-specific login flags. #### Cloudflare token scope problems * Ensure token has DNS and registrar/account scope needed by your command set. * Add `--account-id` to reduce registrar lookup failures. #### Namecheap `ClientIp` issues * Ensure your current public IP is whitelisted in Namecheap API settings. * Use `--sandbox` during testing when applicable. * If Namecheap cannot resolve the correct address profile automatically, re-run `opendom login namecheap` and provide an address ID when prompted. ### Notes * `--provider` is now an override, not the primary way to choose a provider. * If you use multiple providers, set a default once and keep `--provider` for occasional overrides. ### Next step Continue to [First Commands](/first-commands) for a copy-paste command journey. ## First Commands Use this page as your first command journey after login. ### Before you start * Complete [Authentication](/authentication) first. * Set a default provider first, or add `--provider ` when you want a one-off override. * Mutating commands can cost money and change real DNS state. ### Track A: Cloudflare read-only flow Cloudflare is the default path for safe, read-only validation. The examples below assume `cloudflare` is your saved default provider. #### 1. Search domains ```bash opendom search myproject --tlds com,io ``` #### 2. List your domains ```bash opendom domains ``` #### 3. Inspect domain details ```bash opendom info example.com ``` #### 4. List DNS records ```bash opendom dns list example.com ``` ### Track B: Mutating flow (Netim/Porkbun/Namecheap) For full register-and-manage operations, use a provider that supports `buy` and renewal in CLI. Canonical examples below use `netim`, and assume `netim` is your saved default provider. #### 1. Buy a domain ```bash opendom buy myproject.com --yes ``` #### 2. Confirm domain info ```bash opendom info myproject.com ``` #### 3. Add DNS record ```bash opendom dns set myproject.com A 1.2.3.4 --subdomain app --ttl 300 ``` #### 4. Update DNS record ```bash opendom dns update myproject.com A 1.2.3.4 5.6.7.8 --subdomain app --ttl 300 ``` #### 5. Remove DNS record ```bash opendom dns rm myproject.com A 5.6.7.8 --subdomain app ``` #### 6. Renew domain ```bash opendom renew myproject.com --duration 1 --yes ``` If you want to target a different provider for a single command, append `--provider `. ### Cloudflare fail-fast commands Cloudflare intentionally fails fast for these operations in this CLI flow: * `buy` * `renew` * `dns ns` Use the Cloudflare dashboard for unsupported registrar operations. ### Safety notes * Use disposable domains for tests. * Prefer OT\&E/sandbox credentials where available. * Double-check target domains before running mutating DNS commands. ### What to run next 1. Revisit [Setup & Installation](/getting-started) for install and global notes. 2. Revisit [Authentication](/authentication) for provider credential troubleshooting. ## Setup & Installation `opendom` is a terminal-first domain manager for Netim, Cloudflare, Porkbun, and Namecheap. > **Preview:** Package publishing is pending. The Homebrew and npm commands below use the target release names and are currently illustrative. ### Install with Homebrew (macOS/Linuxbrew) ```bash brew tap bunga/opendom brew install opendom-cli ``` ### Install with a package manager :::code-group ```bash [npm] npm install -g @bunga/opendom-cli ``` ```bash [pnpm] pnpm add -g @bunga/opendom-cli ``` ```bash [yarn] yarn global add @bunga/opendom-cli ``` ```bash [bun] bun add -g @bunga/opendom-cli ``` ::: ### Verify installation ```bash opendom --version opendom --help ``` Expected result: * `--version` prints the installed CLI version. * `--help` prints command groups (`AUTH`, `DOMAINS`, `DNS`, `ACCOUNT`) and available providers. ### First login ```bash opendom login netim ``` You can also authenticate with `cloudflare`, `porkbun`, or `namecheap` the same way: ```bash opendom login cloudflare opendom login porkbun opendom login namecheap ``` If you need non-interactive scripting, the flag-based `opendom login --provider ...` form still works. ### Choose your default provider ```bash opendom set-default netim ``` After that, normal commands use your saved default provider automatically. You can still override it on any command with `--provider `. ### Run your first command ```bash opendom search myproject --tlds com,io ``` ### Notes * If no default is set and exactly one provider is configured, `opendom` uses that provider automatically. * If multiple providers are configured and no default is set, `opendom` asks you to run `opendom set-default ` or pass `--provider`. * `--provider` is the override flag when you want to target a different provider for one command. ### Troubleshooting #### `opendom: command not found` * Ensure your global npm bin path or Homebrew bin path is on `PATH`. * Restart your shell after installation. #### Authentication error or missing credentials * Run `opendom login ` first. * Confirm your provider credentials are valid and have required scopes. #### Wrong or missing provider behavior * Save a default with `opendom set-default `. * Or override for one command with `--provider `. * Run `opendom --help` to verify command and flag syntax. ### Next step Continue to [Authentication](/authentication) for provider-specific login commands and verification checks.