Guidelines: AuthInfo and registrar transfer – technical details

How do you know if a domain is protected by an authentication code (AuthInfo)?

    When you do an info request on a domain, the response will tell you if that domain has an AuthInfo set.

  1. If an AuthInfo is set, the system will return a response containing an empty AuthInfo element:
  2. <resData>
      <domain:infData xmlns="urn:ietf:.....etc.>
      (...)
        <domain:upDate>2010-...</domain:upDate>
          <domain:authInfo>
            <domain:pw></domain:pw>
          </domain:authInfo>
      </domain:infData>
    </resData>
    
  3. If the AuthInfo hasn’t been set, the system returns a response that has no AuthInfo element:
  4. <resData>
      <domain:infData xmlns="urn:ietf:.....etc.>
      (...)
        <domain:upDate>2010-...</domain:upDate>
      </domain:infData>
    </resData>
    

    This is also described in section 3.3.1 in the interface documentation for the EPP system. You can download the PDF here.


Three variants of a registrar transfer

    There are three ways to transfer a domain between registrars. Choosing the right variant will save you and your client time and unnecessary work.

  1. AuthInfo has not been set
  2. Do not request a one-time token, it only generates unnecessary work for you and the domain holder. The EPP command you use to transfer the domain to you is <transfer op="execute">. Leave the AuthInfo field empty:

    <transfer op="execute">
            <domain:transfer xmlns:domain=....etc.>
              <domain:name>eksempeldomene.no</domain:name>
              <domain:authInfo>
                <domain:pw/>
              </domain:authInfo>
            </domain:transfer>
    </transfer>
    
  3. AuthInfo has been set and is available
  4. The EPP command you use to transfer the domain is <transfer op="execute">:

    <transfer op="execute">
            <domain:transfer xmlns:domain=....etc.>
              <domain:name>eksempeldomene.no</domain:name>
              <domain:authInfo>
                <domain:pw>MyZecret123</domain:pw>
              </domain:authInfo>
            </domain:transfer>
    </transfer>
    
  5. AuthInfo is set, but unavailable to the holder
  6. This is the only case where you need to request a one-time token from the system.

    1. Start with the EPP command <transfer op="request">:
      <transfer op="request">
         <domain:transfer xmlns:domain=....etc.>
           <domain:name>eksempeldomene.no</domain:name>
         </domain:transfer>
      </transfer>
      <extension>
         <no-ext-domain:transfer xmlns:no-ext-domain=....etc.">
           <no-ext-domain:notify>
            <no-ext-domain:email>customer@domain.no</no-ext-domain:email>
           </no-ext-domain:notify>
         </no-ext-domain:transfer>
      </extension>
      
      
      The system immediately returns a reply telling you that the transaction is pending until the system receives a confirmation.

    2. When your client has received the one-time token and passed it on to you, you complete the transaction with an <transfer op="execute"> where you put the token into the token field:
      <transfer op="execute">
         <domain:transfer xmlns:domain=...etc">
           <domain:name>eksempeldomene.no</domain:name>
         </domain:transfer>
      </transfer>
      <extension>
         <no-ext-domain:transfer xmlns:no-ext-domain=...etc.">
           <no-ext-domain:token>simsalabim</no-ext-domain:token>
         </no-ext-domain:transfer>
      </extension>
      
      

Pick up a domain from reg0

    Reg0 domains never have an AuthInfo set. The system automatically deletes it when the registrar withdraws from the domain. This means that picking up a domain up from reg0 is a version of 1) above. Make a regular <transfer op="execute"> request and leave the AuthInfo field empty.

Last updated 2015 or before