URIports API

The URIports API lets you manage monitored domains and access DMARC monitoring status. API access is available on the Stone plan and higher.

Table of Contents

Base URL

https://app.uriports.com/api/v1

Authentication

The API uses API keys for authentication.

API keys can be created in the URIports settings under Settings → API Keys.

Include the key in the Authorization header using the Bearer scheme.

Example

Authorization: Bearer urp_xxxxxxxx.yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy

Notes

  • API keys must be kept secret.
  • API keys cannot be retrieved after creation.
  • You may create multiple keys for different systems or integrations.
  • API keys can be disabled or deleted at any time.

Quick Start

You can test the API immediately using a single command.

curl https://app.uriports.com/api/v1/dmarc \
  -H "Authorization: Bearer YOUR_API_KEY"

Example response:

{
  "success": true,
  "data": [
    {
      "domain": "example.com",
      "p": "reject",
      "sp": "reject",
      "pct": 100,
      "dmarc": 100.0,
      "dkim": 100.0,
      "spf": 100.0,
      "count": 4
    }
  ]
}

Replace YOUR_API_KEY with the API key generated in your URIports settings.

Rate Limits

API requests are rate limited to ensure fair use and system stability.

Endpoint Limit
/domains 30 requests per hour
/dmarc 10 requests per hour

The API returns rate limit headers:

X-RateLimit-Limit
X-RateLimit-Remaining
X-RateLimit-Reset

Example:

X-RateLimit-Limit: 30
X-RateLimit-Remaining: 28
X-RateLimit-Reset: 1710003600

Request Format

Requests that send data must use JSON.

Header:

Content-Type: application/json

Rules:

  • The request body must be a JSON object

Response Format

All API responses use the same structure.

Success response

{
  "success": true,
  "data": { }
}

Error response

{
  "success": false,
  "error": {
    "code": "invalid_json",
    "message": "Request body must contain valid JSON."
  }
}

Each response also includes a request identifier header:

X-Request-Id

This identifier can be used when contacting support.

Endpoints

GET /api/v1/dmarc

Returns DMARC monitoring status for all monitored domains.

Example

curl https://app.uriports.com/api/v1/dmarc \
  -H "Authorization: Bearer YOUR_API_KEY"

Example response

{
  "success": true,
  "data": [
    {
      "domain": "example.com",
      "p": "reject",
      "sp": "reject",
      "pct": 100,
      "dmarc": 100.0,
      "dkim": 100.0,
      "spf": 100.0,
      "count": 4
    }
  ]
}

Fields:

Field Description
domain monitored domain
p DMARC policy
sp subdomain policy
pct policy percentage
dmarc DMARC alignment percentage
dkim DKIM alignment percentage
spf SPF alignment percentage
count email volume

DMARC data updates daily based on incoming reports, so retrieving it more than once per day is redundant.

GET /api/v1/domains

Returns all monitored domains in the account.

Example

curl https://app.uriports.com/api/v1/domains \
  -H "Authorization: Bearer YOUR_API_KEY"

Example response

{
  "success": true,
  "data": {
    "domains": [
      "example.com",
      "example.org"
    ]
  }
}

POST /api/v1/domains

Adds one or more domains to the monitored domain list.

Example request body

{
  "domains": [
    "example.com",
    "example.org"
  ]
}

Example request

curl https://app.uriports.com/api/v1/domains \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"domains":["example.com","example.org"]}'

Example response

{
  "success": true,
  "data": {
    "message": "Domains added successfully. Background processing has started.",
    "domains": [
      "example.com",
      "example.org"
    ],
    "count": 2
  }
}

Notes

  • Domains must be valid hostnames.
  • Duplicate domains are rejected.
  • A maximum of 50 domains may be submitted per request.

DELETE /api/v1/domains

Removes one or more monitored domains.

Example request body

{
  "domains": [
    "example.com"
  ]
}

Example request

curl https://app.uriports.com/api/v1/domains \
  -X DELETE \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"domains":["example.com"]}'

Example response

{
  "success": true,
  "data": {
    "message": "Domains deleted successfully.",
    "domains": [
      "example.com"
    ],
    "count": 1
  }
}

Notes

A domain cannot be removed if it is still actively used in certain monitoring features. You'll receive errors when this is the case.

Error Codes

Common API errors.

Code Meaning
unauthorized Invalid or missing API key
rate_limited Too many requests
invalid_json Request body contains invalid JSON
invalid_request_body Request body missing or unreadable
unknown_field Request contains unsupported fields
missing_field Required field missing
invalid_field_type Field has incorrect type
invalid_domain Domain syntax invalid
domain_delete_failed Domain could not be removed
request_too_large The request body is too large

Support

If you encounter issues using the API:

  • Verify your API key is valid
  • Check the rate limit headers
  • Use the X-Request-Id when contacting support

For further assistance please contact URIports support.