Domain Registration (RDAP): a beginner's guide
Get domain registration data via RDAP — the post-WHOIS standard. Detects privacy-proxy registrants and GDPR redactions.
WHOIS, the public registry of who owns what domain
WHOIS (pronounced "who is") is a public database of who registered every domain name on the internet. When you buy a domain — `example.com`, `mybrand.io`, `cool-startup.dev` — the registrar that sold it to you submits a record to a public registry that includes the registrant's name, organization, address, email, the registration date, the expiry date, and the domain's nameservers. Anyone in the world can query that database for free. WHOIS has been around since 1982 and is one of the oldest pieces of internet infrastructure still in active use. A newer protocol called RDAP (Registration Data Access Protocol) is gradually replacing WHOIS with a structured JSON format, but the underlying data is the same.
You should care because WHOIS is the only public source of truth about who actually controls a domain, and that information is sometimes the only way to answer high-stakes questions: Is this domain about to expire and become hijackable? Is this competitor about to lose their main brand? Is the supplier I'm about to wire money to actually a real registered business or an anonymous shell? Is this typosquatting domain owned by my brand or by someone targeting it? In every one of those situations, WHOIS is the first place to look.
The five fields every WHOIS check returns:
Registrant — the name and (sometimes) the organization that owns the domain. Often redacted for privacy under GDPR on `.com`/`.net` and similar TLDs since 2018.
Registrar — the company that sold the domain (GoDaddy, Namecheap, Cloudflare Registrar, Google Domains, etc.).
Registration and expiry dates — when the domain was first registered and when it next has to be renewed. The expiry date is critical for high-value domains.
Nameservers — the DNS servers responsible for answering queries about this domain. This is how you can tell at a glance whether a domain is on Cloudflare, Route 53, GoDaddy, or somewhere else.
Status codes — flags like `clientTransferProhibited` (the registrant has locked the domain to prevent transfers) or `clientHold` (the registrar has suspended the domain).
Three questions a WHOIS check answers:
Who actually owns this domain, and when does it expire?
Is this domain locked against transfers, or could a scammer move it?
Is the WHOIS data consistent with a legitimate, established business — or with a brand-new shell?
The cost of skipping a WHOIS check is making decisions about a domain without any actual data on who controls it. The fix is one query and zero dollars. This is also the standard first step in any abuse investigation, brand-protection sweep, or M&A due-diligence pass on a target company. Both the legacy WHOIS protocol and its modern RDAP successor are documented at ICANN's lookup tool.
The Domain Registration (RDAP) endpoint, in plain language
In one sentence: Get domain registration data via RDAP (Registration Data Access Protocol) — the post-WHOIS standard. Detects privacy-proxy registrants and GDPR (General Data Protection Regulation) redactions.
Retrieves comprehensive domain registration data via RDAP (Registration Data Access Protocol). As of January 2025, ICANN officially sunsetted WHOIS (who is) for gTLDs — RDAP is now the definitive source. Returns registrar details (name, IANA ID, URL (web address)), registration dates (created, updated, expires) with computed age and expiry indicators, EPP status codes, authoritative nameservers, DNSSEC (Domain Name System Security Extensions) signing status, and registrant/admin/tech contacts (name, organization, email, phone, address). Results are cached for 1 hour.
Don't worry if some of the words above are still unfamiliar — there's a plain-language glossary at the bottom of this page, and most of the terms link to their own beginner guides if you want to learn more.
What is actually happening when you call it
Here's what's actually happening behind the scenes when you call this endpoint:
Queries RDAP (Registration Data Access Protocol) servers (the official internet standard, the official internet standard bootstrap) to retrieve domain registration metadata including registrar name, IANA accreditation ID, and URL (web address); registration dates (created, updated, expires) with computed domain age in days, newly-registered flag (< 30 days), days until expiry, and expiring-soon flag (< 30 days); EPP status codes (clientTransferProhibited, serverHold, redemptionPeriod, etc.); authoritative nameservers; DNSSEC (Domain Name System Security Extensions) signing status; and registrant, administrative, and technical contacts. Detects privacy-proxy registrants (WhoisGuard, PrivacyGuardian, Withheld for Privacy, Domains By Proxy, Cloudflare Registrar, etc.) and surfaces a `contacts.redacted` flag with `redaction_reason` when GDPR (General Data Protection Regulation) / ICANN privacy policy suppresses identifying fields, so compliance reports can distinguish "redacted" from "missing data". Enriches the registrar against the IANA registrar registry — `registrar.is_accredited` and `registrar.country` derive from a curated subset of the official IANA Registrar IDs assignment. For ccTLDs without RDAP support, falls back to legacy WHOIS (who is) over TCP port 43 (the official internet standard) and surfaces the protocol used via the `protocol` field. Optionally returns the raw upstream response via include_raw.
If you're using an AI assistant through MCP, you don't need to understand any of the technical details — the assistant calls the tool and translates the result for you.
Why this specific tool matters
Let's skip the marketing fluff and answer the only question that actually matters: why should you, a real human with a real to-do list, care about the Domain Registration (RDAP) tool? Here's the plain-English version, written the way you'd hear it from a friend who happens to do this for a living.
ICANN officially sunsetted WHOIS (who is) for gTLDs on 28 January 2025 — RDAP (Registration Data Access Protocol) is now the canonical source for gTLD registration data, and EdgeDNS handles automatic locating automatically. Privacy-proxy detection and GDPR-redaction transparency give fraud and threat-intel teams the context they need to triage "newly-registered + privacy-shielded + sketchy nameservers" patterns without writing those pattern-matching rules themselves. The port-43 fallback covers the long tail of ccTLDs (.de, .it, .br, .au, .nz, .jp, etc.) where RDAP coverage is partial, so callers don't silently 5xx on otherwise-valid domains.
Picture this in real life. Imagine a business development. Here's the situation they're walking into: Before purchasing a domain, verify ownership history, registration dates, and any existing disputes or holds. Without the right tool, that person would be stuck copy-pasting between five browser tabs, reading documentation written for engineers, and crossing their fingers that the answer they cobble together is correct. With the Domain Registration (RDAP) tool, the same person gets a clear answer in seconds — no spreadsheets, no guessing, no waiting for someone on the infrastructure team to free up.
Three questions this tool answers in plain English. If any of these have ever crossed your mind, the Domain Registration (RDAP) tool is built for you:
Is my domain pointing to the right place right now?
Did the DNS change I just made actually take effect everywhere in the world?
Is anything in my DNS misconfigured in a way that could break email or break the website?
You can either click the tool and get the answer yourself, or ask your AI assistant — connected through MCP (Model Context Protocol) — to ask the question for you and translate the answer into something you can paste into Slack.
Who gets the most out of this. Founders running their own infrastructure, marketers coordinating launches, IT admins inheriting domains from a former employee, and ops engineers troubleshooting live outages. If you see yourself in that list, this is one of the EdgeDNS tools you should bookmark today.
What happens if you skip this entirely. Skip it and you're flying blind on the one piece of config that decides whether your website and email work at all. That's why running this check — even once a month — is one of the cheapest forms of insurance you can give your domain.
Available on the free plan. The technical details: `GET /v1/domain/whois`.
When would I actually use this?
If you're still on the fence about whether the Domain Registration (RDAP) tool belongs in your toolbox, this section is for you. Below you'll meet three real people — a business development, a security analyst, and a product manager — facing three real situations where this tool turns a stressful afternoon into a five-minute task. Read whichever story sounds closest to your week.
Story 1: Due Diligence for Domain Acquisition
Imagine you're a business development. Before purchasing a domain, verify ownership history, registration dates, and any existing disputes or holds.
Why it matters: Avoid purchasing domains with legal issues or poor reputation history.
Story 2: Phishing Domain Detection
Imagine you're a security analyst. Investigate suspicious domains reported by users. RDAP (Registration Data Access Protocol) data reveals registration date, registrar, and EPP status — newly registered domains from budget registrars with privacy enabled are strong phishing indicators.
Why it matters: Quickly triage phishing reports by identifying domains registered within the last 30 days with high-risk registration patterns.
Story 3: Competitive Intelligence
Imagine you're a product manager. Monitor when competitors register new domains to anticipate product launches or market expansions.
Why it matters: Stay ahead of competitor moves with early visibility into their domain portfolio.
Common situations across teams. Beyond the three stories above, here are the everyday workplace moments when people across the company reach for the Domain Registration (RDAP) tool — or one of the tools right next to it in this category. If any of these are on your calendar this month, that's your sign:
Right before launching a new website or migrating to a new host.
After making any DNS change, to confirm the new settings are live everywhere.
When customers report that your site or email "just stopped working" out of nowhere.
As a recurring monthly health check to catch silent misconfigurations early.
If you can see yourself in even one of those bullets, the Domain Registration (RDAP) tool will pay for itself the first time you use it.
Still not sure? Here's the easiest test in the world. Open Claude, ChatGPT, Gemini, or any other AI assistant connected to the EdgeDNS MCP server and ask, in your own words: "Is the Domain Registration (RDAP) tool useful for my job?" The assistant will look at the tool, ask you a couple of follow-up questions about what you're trying to accomplish, and give you a straight answer in plain English. No commitment, no signup forms, no jargon.
The easiest way: just ask your AI assistant
If you've connected the EdgeDNS MCP server to Claude, ChatGPT, Gemini, Cursor, or any other AI assistant, you don't need to write any code. Just ask in plain English:
"Use the Domain Registration (RDAP) tool to check example.com and explain anything that looks wrong in plain language."
The AI will figure out which tool to call, fill in the right parameters, run it, and then explain the result back to you. No copy-pasting between tabs. No reading raw JSON. No memorizing endpoint names.
MCP (Model Context Protocol) access is free on every plan, including the free tier. One API key works for both REST and AI — you do not have to choose.
The technical way: call it from code
If you're a developer and want to call the endpoint from a script or your own application, here's the simplest possible example. Replace the placeholder API key with the real one from your dashboard.
# Replace edns_live_YOUR_KEY with your real API key from the dashboard
curl -H "Authorization: Bearer edns_live_YOUR_KEY" \
"https://api.edgedns.dev/v1/domain/whois?domain=example.com"What you need to provide
You need to provide 2 pieces of information when you call this tool. The table below lays them out side by side, with a real example for each one so you can see exactly what to send.
| Field | Type | Required? | What it means | Example |
|---|---|---|---|---|
domain | string | Yes | The domain name to lookup (e.g., example.com) | example.com |
include_raw | string | Optional | Set to "true" to include the full raw RDAP (Registration Data Access Protocol) response in the output | false |
What you get back
When you call this tool, you'll get back a JSON object with the fields below. If you're talking to it through an AI assistant, the assistant reads these for you and explains them in plain language — you don't need to memorize them.
| Field | Type | What you'll see in it |
|---|---|---|
domain | string | The queried domain |
protocol | string | Source protocol: "rdap" (canonical for gTLDs), "whois43" (port-43 fallback for ccTLDs without RDAP (Registration Data Access Protocol)), or "unsupported" |
status | array | EPP status codes (clientTransferProhibited, serverHold, redemptionPeriod, etc.) |
registrar.name | string | Registrar name |
registrar.iana_id | number | Registrar IANA accreditation ID |
registrar.url | string | Registrar URL (web address) |
registrar.is_accredited | boolean | True if the IANA ID corresponds to an ICANN-accredited registrar (any non-null IANA ID implies accreditation) |
registrar.country | string | Registrar country code from a curated subset of the IANA Registrar IDs registry; null for registrars not in the curated list |
dates.created | string | Domain registration date (ISO 8601) |
dates.updated | string | Last update date (ISO 8601) |
dates.expires | string | Expiration date (ISO 8601) |
dates.age_days | number | Domain age in days since registration |
dates.is_newly_registered | boolean | True if domain is less than 30 days old |
dates.days_until_expiry | number | Days remaining until expiration |
dates.is_expiring_soon | boolean | True if domain expires within 30 days |
nameservers | array | Authoritative nameservers for the domain |
dnssec | boolean | Whether domain has DNSSEC (Domain Name System Security Extensions) signing enabled at the registry |
contacts.registrant | object | Registrant contact: name, organization, email, phone, address (street, city, state, postal_code, country). Null when the protocol does not surface contact data. |
contacts.admin | object | Administrative contact: name, organization, email, phone, address |
contacts.tech | object | Technical contact: name, organization, email, phone, address |
contacts.redacted | boolean | True when contact identifying fields are suppressed by registry / registrar privacy policy (per GDPR (General Data Protection Regulation) or ICANN temporary specification) |
contacts.redaction_reason | string | Human-readable reason when redacted=true; null otherwise |
is_privacy_proxy | boolean | True when the registrant organization matches a known privacy-proxy service (WhoisGuard, PrivacyGuardian, Withheld for Privacy, Domains By Proxy, Cloudflare Registrar, etc.) |
privacy_proxy_provider | string | Name of the matched privacy-proxy service when is_privacy_proxy=true; null otherwise |
raw | object | Full raw upstream response (RDAP (Registration Data Access Protocol) JSON (JavaScript Object Notation) or WHOIS (who is) text), only when include_raw=true |
Words you might be wondering about
If any words on this page felt like jargon, here's a plain-language version. Click any linked term to read a full beginner-friendly guide.
URL (web address) — The full address of a page, like https://example.com/about.
DNSSEC (Domain Name System Security Extensions) — A way to digitally sign DNS records so attackers can't trick your computer into looking up the wrong server.
WHOIS (who is) — A public record that tells you who registered a domain name, when, and through which company. Modern WHOIS is now called RDAP but most people still say 'WHOIS'.
RDAP (Registration Data Access Protocol) — The structured-JSON replacement for legacy WHOIS, defined in RFC 7480. ICANN officially sunsetted gTLD WHOIS on 28 January 2025, making RDAP the canonical source for gTLD registration data.
GDPR (General Data Protection Regulation) — Europe's privacy law. Requires websites to be transparent about what personal data they collect and how they use it.
RFC (Request for Comments) — The official internet standards documents. When someone says 'RFC 8484' they mean a specific numbered standards document — in that case, the one defining DNS over HTTPS.
Need Programmatic Access?
Automate domain intelligence with 100+ API endpoints and a free MCP server for AI integration.