An auth code (also called an authcode or EPP code) is a secret pass phrase that provides verifiable proof of ownership of a domain and is required to transfer it to another registrar. This article explains the auth code format requirements, which TLDs require one, and how to view, set, and send auth codes through the Reseller Control Panel (RCP), the Manage Web Interface (MWI), and the API.
About auth codes
The auth code is separate from the management username and password that end users use to manage their domains. It exists specifically to authorize a domain transfer, so anyone who holds the auth code can initiate a transfer of that domain.
Auth code requirements
For all CentralNic TLDs, the auth code format must meet the following requirements (see the TLD Reference Chart):
- Minimum length: 16 characters
- Maximum length: 48 characters
- Must contain a mix of upper- and lower-case characters
- Must contain at least one number
- Must contain at least one non-alphanumeric character
Note: These requirements apply only when you update an auth code. Auth codes set before the requirements took effect remain valid.
Which TLDs require an auth code
Some TLDs do not require a transfer auth code. If you cannot see or set an auth code for a TLD, refer to the TLD Reference Chart to confirm whether one is required.
Certain TLDs require the OpenSRS support team to set the auth code at the registry, so the option to set it yourself may not appear. Contact OpenSRS Support to obtain auth codes for the following TLDs:
.AC | .AT | .CH | .CZ |
.HK | .IO | .NU | .NZ |
.PL | .SE | .SH |
Auth codes for .EU and .BE domains
For the .EU and .BE ccTLDs, auth codes are generated in the OpenSRS Management Interface. To generate one:
- Sign in to the Classic Reseller Interface.
- Click Request .BE Domain Authcode or Request .EU Domain Authcode.
- Enter the domain you want to send the auth code for, then click Submit.
- The auth code is sent to the registrant contact on the domain.
Step 1: Email or set the auth code in the RCP
You can email the auth code to the admin contact or change it from the Domains section of the Reseller Control Panel.
To email the auth code to the admin contact:
- In the Domains section of the RCP, enter all or part of the domain name, then click Search.
- Click the domain you want to send the auth code for.
- Click below the auth code displayed under Transfer Auth Code and choose the option to email the auth code.
To set or change the auth code:
- In the Domains section of the RCP, enter all or part of the domain name, then click Search.
- Click the domain you want to set the auth code for.
- Click the auth code displayed under Transfer Auth Code to change it.
Step 2: View or change the auth code in the MWI
Registrants can view and change their domain auth code using the Manage Web Interface on the Domain Extras page.
- Sign in to the Manage Web Interface.
- Click Domain Extras.
- The current auth code is displayed on this page. Change it as needed, then click Save Configuration.
Managing the auth code via the API
Auth codes can be sent through the API using the send_authcode command.
Note: The auth_info_check API command no longer works for CentralNic TLDs because of their GDPR implementation.
Next steps
- Start a domain transfer once you have the auth code. See Domain transfers.
- Check TLD-specific transfer rules in the TLD Reference Chart.
Questions? Contact OpenSRS Support.
How helpful was this article?
Thanks for your feedback!
Do you still need help? If so please submit a request here.