1. Openprovider
  2. API & Plugins
  3. API / EPP

How Reseller can respond to Abuse Reports via API

With this update, resellers can now handle abuse reports directly via API, without needing to log in to the Reseller Control Panel (RCP). This improvement allows a faster, more secure, and fully automated abuse-handling workflow.

 

Why This Is Important

Many mid to large resellers have separate external abuse teams and wish to keep compliance and abuse management, separate from regular domain management that happens via the Openprovider reseller control panel. Therefore, an API integration comes handy.

 

How to Handle Abuse via API

Resellers can now fully manage abuse cases using both REST API and XML API.

 

REST API

1. Retrieve Abuse Details for a Domain

Use this request to retrieve domain data including the abuse ID:

curl --location --request GET 'https://api.openprovider.eu/v1beta/domains/<domain_id>?with_abuse_details=true' \
-H 'Authorization: Bearer <token>' \
-H 'Content-Type: application/json'

This will return the abuse ID, which is required to respond.

2. Respond to the Abuse Case

Use the abuse ID to send your response and close the abuse case:

curl --location --request DELETE 'https://api.openprovider.eu/v1beta/domains/abuses/<abuse_id>?answer=<answer text>' \
-H 'Authorization: Bearer <token>' \
-H 'Content-Type: application/json'

This replicates the same behavior as responding via the RCP.

Note: This endpoint may not yet be visible in the public REST API documentation.

XML API

1. Retrieve Abuse Details

Use retrieveDomainRequest with the following parameter:

<withAbuseDetails>1</withAbuseDetails>

Here is a full sample request:

<?xml version="1.0" encoding="UTF-8"?>
<openXML>
  <credentials>
    <username>username</username>
    <password>password</password>
  </credentials>
  <retrieveDomainRequest>
    <domain>
      <name>hello123</name>
      <extension>es</extension>
    </domain>
    <withAbuseDetails>1</withAbuseDetails>
  </retrieveDomainRequest>
</openXML>

Example abuse response (partial):

<abuseDetails>
  <abuseId>ABUSE_ID_HERE</abuseId>
  <message>ABUSE_NOTIFICATION_MESSAGE_HERE</message>
  <isDomainHeld>1</isDomainHeld>
</abuseDetails>

2. Respond to the Abuse

<?xml version="1.0" encoding="UTF-8"?>
<openXML>
  <credentials>
    <username>username</username>
    <password>PASSWORD</password>
  </credentials>

  <deleteDomainAbuseRequest>
    <abuseId>123456</abuseId>
    <answer>ANSWER_HERE</answer>
  </deleteDomainAbuseRequest>
</openXML>

 

Key Benefits

  • No need to share access to RCP (You can secure your RCP with 2FA).

  • Faster abuse handling

  • Full automation possible

  • Improved internal security

  • Reduced operational bottlenecks
     

Attention

Using our API to respond to abuse reports does not replace your responsibility to review each case carefully and provide meaningful evidence or justification when disputing a complaint. Failure to comply may result in consequences such as domain suspension or deletion, temporary suspension of your reseller account or your ability to manage specific TLDs, and the pass-through of any fines imposed by the registry.
 

Was this article helpful?
Additional questions? Submit a request