openprovider

OpenProvider domain registrar & DNS management. Triggers on: register domain, buy domain, renew domain, transfer domain, delete domain, restore domain, add DNS record, change DNS, create DNS zone, list DNS records, delete DNS zone, order SSL certificate, renew SSL, revoke SSL, change nameservers, nameserver group, TLD prices, TLD info, WHOIS, domain owner, registrant, customer handle, create contact, OpenProvider, Openprovider, domain available, check domain, domain search, domain suggestions, bulk domain check, auto-renew, auth code, EPP code, domain status, DNS propagation, MX record, SPF record, DKIM record, DMARC record, A record, CNAME record, TXT record, reseller, domain pricing, domain cost

Safety Notice

This listing is from the official public ClawHub registry. Review SKILL.md and referenced scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "openprovider" with this command: npx skills add jpj069/openprovider

OpenProvider Skill

OpenProvider (openprovider.eu) is the domain registrar and DNS provider for Atlas Frontline. This skill handles all domain, DNS, SSL, and customer handle operations via the OpenProvider REST API v1beta.

Auth Flow

Always obtain a token before making any API call.

  1. Load credentials: OPENPROVIDER_USERNAME / OPENPROVIDER_PASSWORD (env vars), with legacy fallback from OPENPROVIDER_USER / OPENPROVIDER_PASS, or DB table system_settings (key: integration_credentials_openprovider)
  2. Get token: POST https://api.openprovider.eu/v1beta/auth/login
  3. Use token as Authorization: Bearer {token} header
  4. Token valid for 48h (Atlas caches for 24h)
  5. On HTTP 401: invalidate token → re-authenticate → retry request
# Get token
OP_USER="${OPENPROVIDER_USERNAME:-${OPENPROVIDER_USER:-}}"
OP_PASS="${OPENPROVIDER_PASSWORD:-${OPENPROVIDER_PASS:-}}"
TOKEN=$(curl -s -X POST https://api.openprovider.eu/v1beta/auth/login \
  -H "Content-Type: application/json" \
  -d '{"username": "'"$OP_USER"'", "password": "'"$OP_PASS"'"}' \
  | jq -r '.data.token')

→ Full auth docs: references/auth.md

API Base

SettingValue
Base URLhttps://api.openprovider.eu/v1beta/
AuthBearer Token
Content-Typeapplication/json
Timeout30s
Retries3 (backoff: 1s, 3s, 9s)

Routing Matrix

Use this table to find the right action and reference file:

Domain Operations

RequestEndpointMethodReference
Is domain available? / Check domain/domains/checkPOSTdomains.md
Register / buy domain/domainsPOSTdomains.md
Get domain status/domains/{id}GETdomains.md
List all domains/domainsGETdomains.md
Renew domain/domains/{id}/renewPOSTdomains.md
Update domain settings/domains/{id}PUTdomains.md
Transfer domain/domains/transferPOSTdomains.md
Delete / cancel domain/domains/{id}DELETEdomains.md
Restore domain/domains/{id}/restorePOSTdomains.md

DNS Operations

RequestEndpointMethodReference
Create DNS zone/dns/zonesPOSTdns.md
Get DNS zone/dns/zones/{domain}GETdns.md
Add/remove DNS records/dns/zones/{domain}PUTdns.md
List DNS records/dns/zones/{domain}/recordsGETdns.md
Delete DNS zone/dns/zones/{domain}DELETEdns.md
List all DNS zones/dns/zonesGETdns.md

SSL Operations

RequestEndpointMethodReference
Order SSL certificate/ssl/ordersPOSTssl.md
List SSL certificates/ssl/ordersGETssl.md
Get SSL certificate details/ssl/orders/{id}GETssl.md
Reissue SSL certificate/ssl/orders/{id}/reissuePOSTssl.md
Renew SSL certificate/ssl/orders/{id}/renewPOSTssl.md
Cancel SSL certificate/ssl/orders/{id}DELETEssl.md
List SSL products/prices/ssl/productsGETssl.md

Nameserver Operations

RequestEndpointMethodReference
List NS groups/dns/nameservers/groupsGETnameservers.md
Get NS group details/dns/nameservers/groups/{name}GETnameservers.md
Create NS group/dns/nameservers/groupsPOSTnameservers.md
Update NS group/dns/nameservers/groups/{name}PUTnameservers.md
Delete NS group/dns/nameservers/groups/{name}DELETEnameservers.md

TLD Information

RequestEndpointMethodReference
List all TLDs/tldsGETtlds.md
Get TLD details & prices/tlds/{name}GETtlds.md

Customers & Resellers

RequestEndpointMethodReference
List customers/customersGETcustomers-resellers.md
Get customer/customers/{handle}GETcustomers-resellers.md
Create customer / handle/customersPOSTcustomers-resellers.md
Update customer/customers/{handle}PUTcustomers-resellers.md
Delete customer/customers/{handle}DELETEcustomers-resellers.md
Reseller info/resellers/{id}GETcustomers-resellers.md

Workflow: Register Domain (End-to-End)

Full flow when a user says "register the domain example.com":

  1. Check availabilityPOST /domains/check with with_price: true
  2. Ensure customer handleGET /customers or POST /customers
  3. Register domainPOST /domains with owner_handle, ns_group
  4. Create DNS zonePOST /dns/zones
  5. Set DNS recordsPUT /dns/zones/{domain} (A, MX, SPF, DKIM, DMARC)
  6. Check statusGET /domains/{id}

Workflow: Change DNS Record

  1. Load current recordsGET /dns/zones/{domain}/records
  2. Normalize the record name to zone-relative form
  3. Remove old recordPUT /dns/zones/{domain} with records.remove
  4. Add new recordPUT /dns/zones/{domain} with records.add
  5. Verify the resulting record namesGET /dns/zones/{domain}/records

Important: Do NOT combine remove and add in a single PUT call! Two separate calls required (Error 817).

DNS Record Naming Rule (CRITICAL)

When updating records in zone /dns/zones/{domain}, OpenProvider expects the record name in zone-relative form for subdomains.

Use:

  • phone for phone.example.com in zone example.com
  • _dmarc for _dmarc.example.com in zone example.com
  • www for www.example.com in zone example.com

Do NOT use the full FQDN as name when writing records inside a zone unless you have verified OpenProvider expects it for that exact operation.

If you send phone.example.com as name inside zone example.com, OpenProvider may append the zone again and create the wrong record:

  • intended: phone.example.com
  • accidental result: phone.example.com.example.com

Safe Name Normalization

Before any DNS write:

  1. Identify the zone apex, e.g. example.com
  2. Convert requested host to zone-relative label:
    • example.com → apex/root ("" empty string for OpenProvider zone writes, not the full domain, and not @ unless explicitly verified)
    • phone.example.comphone
    • _dmarc.example.com_dmarc
  3. Read back the zone records after the write and confirm the final record name is correct

Apex / Root Record Rule (CRITICAL)

For OpenProvider PUT /dns/zones/{domain} writes, the zone apex must be sent as an empty string name:

{
  "name": "",
  "type": "TXT",
  "value": "google-site-verification=...",
  "ttl": 600
}

Do not send the full domain name as name for apex writes inside the zone payload. If you send example.com as name while writing inside zone example.com, OpenProvider may create:

  • intended: example.com
  • accidental result: example.com.example.com

Also do not assume @ works for OpenProvider. It may be rejected as an invalid record name.

Safe DNS Change Pattern

For any add/replace of a record:

  1. Read current zone records
  2. Check whether the target record already exists
  3. If replacing, remove conflicting record first
  4. Add the new record using the zone-relative name
  5. Re-read the zone and verify the exact final FQDN
  6. Optionally check public resolution separately (dig) because provider acceptance ≠ public propagation

MX / Mail Provider Rule (CRITICAL)

For OpenProvider DNS writes, MX records use the field name prio, not priority.

Correct example for a mail subdomain inside zone example.com:

{
  "records": {
    "add": [
      {
        "name": "send",
        "type": "MX",
        "value": "feedback-smtp.eu-west-1.amazonses.com",
        "ttl": 600,
        "prio": 10
      }
    ]
  }
}

Do not use priority in the payload unless you have verified a different endpoint/schema.

For Resend/Amazon SES sender domains, a known-good public result is:

dig +short MX send.example.com
# 10 feedback-smtp.eu-west-1.amazonses.com.

Example

Zone: example.com

Correct add payload for phone.example.com:

{
  "records": {
    "add": [
      {
        "name": "phone",
        "type": "A",
        "value": "46.225.220.40",
        "ttl": 900
      }
    ]
  }
}

Incorrect payload:

{
  "records": {
    "add": [
      {
        "name": "phone.example.com",
        "type": "A",
        "value": "46.225.220.40",
        "ttl": 900
      }
    ]
  }
}

That incorrect payload can create phone.example.com.example.com.

Apex TXT example for example.com:

Correct:

{
  "records": {
    "add": [
      {
        "name": "",
        "type": "TXT",
        "value": "google-site-verification=...",
        "ttl": 600
      }
    ]
  }
}

Incorrect:

{
  "records": {
    "add": [
      {
        "name": "example.com",
        "type": "TXT",
        "value": "google-site-verification=...",
        "ttl": 600
      }
    ]
  }
}

That incorrect payload can create example.com.example.com.

Workflow: Domain Transfer

  1. Get auth code from current registrar (EPP/transfer code)
  2. Ensure customer handlePOST /customers if needed
  3. Initiate transferPOST /domains/transfer with auth_code + owner_handle

Error Handling

All API responses follow this structure:

{"code": 0, "desc": "...", "data": {...}}
  • code: 0 = success
  • code: != 0 = error (details in desc)
  • HTTP 401 = token expired → re-authenticate
  • HTTP 429 = rate limit → wait and retry
  • If env lookup fails, check whether the instance still uses legacy names OPENPROVIDER_USER / OPENPROVIDER_PASS

Common errors:

CodeMeaningSolution
817Duplicate DNS recordRemove existing record first, then add new one
816Validation error / invalid field valueRe-check record schema; for MX use prio instead of priority
801Domain already existsDomain is already registered
899Rate limitReduce batch size, wait
1000Auth failedCheck credentials

→ Full error reference: references/auth.md

Atlas Integration (Context)

OpenProvider is integrated into Atlas via the Frontline module:

  • Service: api/services/frontline/openprovider.ts — API client
  • DNS: api/services/frontline/dns.ts — DNS configuration & verification
  • Handles: api/services/frontline/handles.ts — Workspace handle management
  • Search: api/services/frontline/domain-search.ts — Domain availability search
  • Domains: api/services/frontline/domains.ts — Domain lifecycle
  • Types: shared/types/frontline.ts — TypeScript definitions
  • Credentials: system_settings table, key integration_credentials_openprovider

Key Limits

LimitValue
Domain check batch sizeMax 5 per request
Suggestions per searchMax 20
Token validity48h (cache: 24h)
Request timeout30s
DNS TTL minimum600s
Domain registrations per workspace/dayMax 3 (Atlas limit)

Reference Files

FileContents
references/auth.mdAuthentication, tokens, credentials, error handling
references/domains.mdDomain CRUD, check, transfer, renew, restore
references/dns.mdDNS zones & records (CRUD, patterns, pitfalls)
references/ssl.mdSSL certificates (order, reissue, renew, cancel)
references/nameservers.mdNameserver group management
references/tlds.mdTLD information & pricing
references/customers-resellers.mdCustomer handles & reseller info

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open Registry RecordOpen in ClawHub

Related Skills

Related by shared tags or category signals.

General

Img2img

Generate images from text descriptions using DALL-E 3 while adhering to usage policies and avoiding realistic human faces.

Registry SourceRecently Updated
2270binkosun
General

Habitat-GS-Navigator

Navigate and interact with photo-realistic 3DGS environments via the Habitat-GS Bridge. Use when: user asks to explore a 3D scene, perform embodied navigatio...

Registry SourceRecently Updated
1870the0xka1
General

Memory Palace

持久化记忆管理。Use when: 用户告诉你个人信息/偏好/习惯、需要记住项目状态/技术决策、完成任务后有可复用经验、用户说"记住""别忘了""下次注意"、需要回忆之前的对话内容。支持语义搜索和时间推理。

Registry SourceRecently Updated
5580lanzhou3
General

Podcast Transcript Mining Authority Positioning

Extract guest appearances, speaking topics, and soundbites from podcast transcripts to build authority portfolios and generate podcast pitch templates. Use w...

Registry SourceRecently Updated
1860ncreighton