All your API requests can be made via HTTP or HTTPS. For security reasons, we would however strongly recommend that you use HTTPS for all requests. Our servers use SHA-256 certificates and support TLS v1.2 and 1.3.
Dotdigital accounts belong to different regions, depending upon where they are based in the world. Our APIs require you to use the correct API endpoint for your region. This is important as you cannot use an API endpoint belonging to a different region.
If you don't know your account's correct API endpoint, then you can find this out in a couple of ways:
- In-app: Expand the User menu in the bottom left and go to Settings > Access > API users. Your API endpoint is displayed at the top of the page. Only account owners or users with the Can manage account permission enabled can view the Access area.
- Using the API: Call Get account information/GetCurrentAccountInfo using r1-api.dotdigital.com as the endpoint (regardless of what region you're in), and this returns your account's correct endpoint.
The regions are:
|Region||Region id||API Domain|
Make sure you're using the correct regional API endpoint for your account
This is important as you cannot use an API endpoint belonging to a different region, and instead will receive a 403 - Forbidden: Access is denied error. See above for details of now to find your accounts region.
We will only accept connections using TLS 1.2
For security reasons we do not accept SSL connections negotiated using TLS 1.0-1.1 anymore, and almost all OS's support TLS 1.2.
If you are using .Net this is usually done automatically for you, but on versions of .Net prior to 4.6 TLS 1.2 is supported but is not the default protocol, and needs to be set explicitly.
ServicePointManager.SecurityProtocol = (SecurityProtocolType)3072;
See this article for more information.
Updated about 2 months ago