Getting Started uses a simple HTTP api called DSDM (Dynamic Sub Domain Management) to allow for automated subdomain allocation and management.

Request Subdomain

curl --request POST --url
  "id": "f7ba6402-2a47-4ba1-9e74-03f049cca41c",
  "domain": "",
  "token": "<token-removed>"

The subdomain endpoint will return a new dynamic subdomain.

  • The format of the id is an implementation detail and should not be parsed.
  • The domain will be of the format <id>.<dsdm-server>.
  • The token is a secret that can be used to manage the subdomain.

Dynamic Records

IPv6 and IPv4 records can be dynamically generated:

dig +short A
dig +short AAAA

Set ACME Challenge

Wildcard SSL certificates can be acquired via the DNS-01 challenge format. is not a certificate authority and instead exposes an API to specify the _acme-challenge.<id>.<dsdm-server> record. This allows you to acquire a certificate via any ACME compatible certificate authority with wildcard and DNS-01 support, such as Let’s Encrypt.

You can verify that has not covertly issued a certificate for your subdomain by checking a Certificate Transparency Log, such as via

curl --request POST \
  --url \
  --header 'Content-Type: application/json' \
  --data '{
	"token": "<token-removed>",
	"values": [
dig +short TXT

The challenge token will expire after some period of time. You should not rely on this value being available for any extended period.