JSON for Restful Provisioning Protocol (RPP)

Introduction The RESTful Provisioning Protocol (RPP) defines a set of data objects for managing foundational registry resources including domain names, contacts, and hosts. The data model is defined in independently of any particular representation format. This document defines the JSON representation of those data objects. JSON has emerged as the de facto standard data format for modern RESTful APIs. Its widespread adoption across tools, libraries, and developer communities makes it well suited as the primary representation format for RPP. This document provides the normative rules and JSON Schema definitions required for implementations to produce and consume RPP messages in JSON. The separation between the abstract data model and its concrete JSON representation ensures that the protocol's semantic foundation remains stable while enabling the adoption of JSON across diverse deployment environments.

Motivation The RESTful Provisioning Protocol (RPP) introduces a new provisioning mechanism that aligns more closely with modern cloud infrastructure, enhancing the scalability of server deployments. While RESTful protocols do not mandate a specific media type for resource description, the widespread adoption of JSON in web services has established it as the de facto standard for modern APIs. The increasing availability of tools, software libraries, and a skilled workforce has led several registries to adopt JSON for data exchange within their API ecosystems. Registries supporting JSON can offer a unified API ecosystem that extends beyond domain name and IP address provisioning, maintaining a consistent technology stack, data formats, and developer experience. JSON's syntax, known for its straightforwardness and minimal verbosity, significantly eases the tasks of writing, reading, and maintaining code. This simplicity is especially advantageous for the rapid comprehension and integration of provisioning APIs. The lightweight nature of JSON can result in faster processing and data transfers, a critical aspect in high-volume transaction environments such as domain registration. Enhanced API response times can lead to more efficient domain lookups, registrations, and updates. JSON parsing is typically fast and well-supported by standard libraries, contributing to improved system performance amid frequent interactions between RPP clients and servers. However, the absence of a standardised JSON format for domain provisioning has led to the emergence of TLD-specific implementations that lack interoperability, increasing the development effort required for integration. Similarly, at the registrar level, the absence of standards has resulted in numerous incompatible API implementations provided to clients and resellers. Standardising a JSON format for domain provisioning within the RPP framework could mitigate these challenges, reducing fragmentation and simplifying integration efforts across the domain registration industry.

Terminology In this document the following terminology is used. RPP Data Objects - The abstract data model definitions for domain name, contact, and host resources, as specified in . RESTful Provisioning Protocol - A RESTful protocol for provisioning heterogeneous database objects. JSON Schema - A vocabulary that allows annotation and validation of JSON documents, as described in . EPP Compatibility Profile - A set of additional constraints defined in that a server MUST adhere to when supporting both RPP and EPP concurrently.

Conventions Used in This Document The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in . JSON is case sensitive. Unless stated otherwise, JSON specifications and examples provided in this document MUST be interpreted in the character case presented. The examples in this document assume that request and response messages are properly formatted JSON documents. Indentation and white space in examples are provided only to illustrate element relationships and for improving readability, and are not REQUIRED features of the protocol. All JSON Schema definitions in this document use JSON Schema draft 2020-12 , and where not provided with a $schema keyword, the following default applies:

JSON Representation Rules This section defines the normative rules for representing the RPP data model in JSON. The data model is specified in , which defines all primitive types, common data types, component objects, resource objects, and associations independently of any concrete representation format. The rules in this section specify how those abstract definitions map to JSON and JSON Schema version 2020-12.

Primitive Type Mappings RPP primitive types MUST be represented in JSON as follows:

RPP Primitive Type	JSON Type	Notes
String	`string`	Unicode character sequence
Integer	`integer`	Whole number, positive or negative
Boolean	`boolean`	`true` or `false`
Decimal	`number`	Base-10 fractional value
Date	`string`	Full-date as per , e.g. `"2025-10-27"`
Timestamp	`string`	Date-time in UTC as per , e.g. `"2025-10-27T09:42:51Z"`
URL	`string`	Uniform Resource Locator as per
Binary	`string`	Base64-encoded binary data

Cardinality Rules The cardinality of each data element in the RPP data model MUST be represented as follows in JSON: Rule 1: A data element with cardinality 1 (exactly one) MUST be represented as a JSON property and MUST be present in the containing JSON object. The element MUST be listed under required in the corresponding JSON Schema. Rule 2: A data element with cardinality 0-1 (zero or one) MUST be represented as an optional JSON property. The element MUST NOT be listed under required in the corresponding JSON Schema. When absent, the element MUST be omitted from the JSON object (not represented as null). Rule 3: A data element with cardinality 0+ (zero or more) MUST be represented as an optional JSON array. When no values are present, the property MUST be omitted or represented as an empty array. Rule 4: A data element with cardinality 1+ (one or more) MUST be represented as a required JSON array with "minItems": 1 and the element MUST be listed under required in the corresponding JSON Schema.

Mutability Rules Data elements in the RPP data model carry a mutability attribute: create-only, read-only, or read-write. These MUST be represented in JSON Schema as follows: Rule 5: Data elements with mutability read-only MUST be annotated with "readOnly": true in the JSON Schema. Clients MUST NOT include read-only properties in create or update request bodies. Servers MUST ignore any read-only properties provided by a client in a request. Rule 6: Data elements with mutability create-only MUST be annotated with "writeOnly": true in the JSON Schema for request schemas, and excluded from update request schemas. Servers MUST reject requests that attempt to modify a create-only element after object creation. Rule 7: Data elements with mutability read-write have no additional annotation. They MAY appear in both request and response bodies.

Association Rules The RPP data model defines several association types between objects, the following rules specify their JSON representations. A Aggregation represents a relationship between two independent objects, where one object references another. A Composition represents a parent-child relationship where the child object is embedded within the parent object and cannot exist independently.

Labelled associations Some associations between objects carry a string label that provides additional context for the relationship. The label is not an identifier of the target object, but rather a descriptor of the association itself. Labelled associations can occur in both aggregations and compositions. When representing labelled associations in JSON, the property label MUST be included alongside the reference to the target object. A property with the name object MUST be used to contain the reference to the target object, which can be either limited representation containing at minimum the primary object identifier for aggregations or an embedded object for compositions.

Aggregation An Aggregation[Type] represents a relationship between two independent objects. When the cardinality allows more than one target, it MUST be represented as a JSON array. Each element of the array MUST be the identifier of the referenced object. Rule 8: Aggregation[Type] with cardinality 0+ or 1+ MUST be represented as a JSON array of embedded objects. Each object in the array MUST include the data elements of the referenced object type that are relevant to the context (at minimum the primary identifier field). Other data elements of the referenced object type MAY be included as needed to provide additional context for the client, but are not required. The JSON Schema MUST allow for the presence of these additional fields. Example: domain nameservers (Aggregation[Host Data Object]) in a read response, returning a limited object representation, only cvontaining the primary identifier field hostName:

Composition A Composition[Type] represents a parent-child relationship where the child's lifecycle is bound to the parent and the child cannot exist independently of the parent. In JSON, the child object MUST be fully embedded within the parent object. The JSON representation of a composition is the same as that of an aggregation. The distinction between the two is semantic and does not affect the JSON structure.

Labelled Aggregation A LabelledAggregation[Type] is a relationship between two independent objects where each association carries a string label. Multiple associations with the same label are allowed. Rule 9: LabelledAggregation[Type] with cardinality 0+ MUST be represented as a JSON array of objects. Each object in the array MUST contain a label property (string) alongside the identifier of the referenced object. The object MUST include at least the primary identifier field of the referenced object type. Other data elements of the referenced object type MAY be included as needed to provide additional context for the client, but are not required. The JSON Schema MUST allow for the presence of these additional fields. Example: domain contacts (LabelledAggregation[Contact Object]):

Dictionary Aggregation A DictionaryAggregation[Type] is a relationship between two independent objects where each association carries a unique string label that serves as a dictionary key. Rule 10: DictionaryAggregation[Type] MUST be represented as a JSON object where each key is the unique label and the corresponding value is the referenced object, the object MUST include at least the primary identifier field of the referenced object type. Other data elements of the referenced object type MAY be included as needed to provide additional context for the client, but are not required. The JSON Schema MUST allow for the presence of these additional fields. Example: domain contacts keyed by unique role (DictionaryAggregation[Contact Object]):

Labelled Composition A LabelledComposition[Type] is a parent-child relationship where each embedded child carries a string label. Multiple instances with the same label are allowed. Rule 11: LabelledComposition[Type] with cardinality 0+ MUST be represented as a JSON array of embedded objects. Each object in the array MUST contain a label property alongside the data elements of the composed type. Example: contact postal info (LabelledComposition[Postal Info Object]):

Dictionary Composition A DictionaryComposition[Type] is a parent-child relationship where each embedded child carries a unique string label used as a dictionary key. Rule 12: DictionaryComposition[Type] MUST be represented as a JSON object where each key is the unique label and the corresponding value is the fully embedded child object. Example: contact postal info (DictionaryComposition[Postal Info Object]):

Object Identifier Rules Rule 13: When a resource or component object is referenced by identifier (for example in an aggregation), the identifier MUST be represented as a JSON string using the value of the object's primary identifier data element. Rule 14: When a resource or component object is embedded (as in a composition), all data elements of the object MUST be represented as properties of a JSON object according to the rules of this section.

JSON Schema Definition Rules Rule 15: Each RPP component object and resource object MUST have a corresponding JSON Schema definition. Object definitions MUST be placed in the $defs keyword of the JSON Schema document. Rule 16: Identifier fields MUST use "type": "string" in JSON Schema. Rule 17: Enumeration constraints on string fields MUST be expressed using the "enum" keyword in JSON Schema. Example (Transfer Status enum): Rule 18: Each JSON Schema definition for an RPP object MUST include a "required" array listing all data elements with cardinality 1 or 1+. Rule 19: JSON Schema definitions for shared RPP objects MUST NOT use "additionalProperties": false if the schema is intended to be extended, However, root schemas MUST use "unevaluatedProperties": false to prevent the presence of undeclared properties in JSON subschemas. Rule 20: Every RPP object representation MUST include a "@type" property whose value is the object's identifier as registered in the IANA RPP Data Object Registry. This property enables identification and allows clients and servers to unambiguously determine the type of an object. The "@type" property MUST be included in the JSON Schema "properties" object for each RPP object definition with a "const" constraint fixing the value to the object's registered identifier. The "@type" property MUST be listed in the "required" array of the corresponding JSON Schema definition. Example (Domain Name Data Object): Rule 21: When a transfer request or other operation requires authorization information (e.g., EPP-style authinfo), the client MUST NOT include the authorisationInformation object in the JSON request body. Instead, the client MUST convey the authorization information using the RPP-Authorization HTTP request header as defined in . Servers MUST reject any request that includes an authorisationInformation object in the JSON body with an appropriate error response.

RPP Profiles and Validation RPP profiles, such as the EPP Compatibility Profile defined in , may impose additional constraints on top of the base RPP data model. These additional constraints MUST be enforced by implementations through validation rules that go beyond what can be expressed in JSON Schema. Such validation rules MUST be clearly documented in the profile specification and implemented by both clients and servers when operating under that profile. For example, the EPP Compatibility Profile requires that certain fields be present in specific object types, and that certain identifier fields conform to EPP syntax rules. These constraints cannot be fully captured in JSON Schema and therefore require additional validation logic in implementations.

JSON Schema Definitions This section provides normative JSON Schema definitions for RPP component objects and resource objects. All schemas use JSON Schema draft 2020-12 .

Common Component Schemas This section defines shared data types that are based on the primitive data types above and are re-used across multiple data object definitions.

Identifier Identifiers are character strings with a specified minimum length, a specified maximum length, and a specified format outlined in . Identifiers for certain object types MAY have additional constraints imposed either by server policy, object-specific specifications, or both.

Client Identifier Client identifiers are character strings with a specified minimum length, a specified maximum length, and a specified format. Client identifiers use the clIDType syntax described in . In JSON, a Client Identifier MUST be represented as a string value.

Phone Number Telephone number syntax is derived from structures defined in . Telephone numbers described in this specification are character strings that MUST begin with a plus sign ("+", ASCII value 0x002B), followed by a country code defined in , followed by a dot (".", ASCII value 0x002E), followed by a sequence of digits representing the telephone number. An optional "x" (ASCII value 0x0078) separator with additional digits representing extension information can be appended to the end of the value. In JSON, a Phone Number MUST be represented as a string value conforming to the pattern described above.

Period Object

Provisioning Metadata Object The following constraints cannot be expressed in JSON Schema and MUST be enforced by implementations:

updatingClientId and updateDate MUST NOT be present if the object has never been modified.
transferDate MUST NOT be present if the object has never been transferred.
In EPP Compatibility Profile, repositoryId MUST be provided.

Status Object The following constraints cannot be expressed in JSON Schema and MUST be enforced by implementations:

label MUST use camelCase notation using only ASCII alphabetic characters. Labels set explicitly by the server MUST use the prefix "server"; labels set explicitly by a client MUST use the prefix "client"; all other labels MUST NOT use either prefix. The allowed set of label values depends on the provisioning object type and MAY be extended by extensions.
due: Servers MAY restrict the ability of clients to set or update this value.
When the RGP feature is supported, the following additional status labels MAY appear on objects that support RGP: addPeriod, autoRenewPeriod, renewPeriod, transferPeriod, redemptionPeriod, pendingRestore, rgpPendingDelete. The labels redemptionPeriod, pendingRestore, and rgpPendingDelete MUST only appear alongside the standard pendingDelete status.

DNS Resource Record The following constraints cannot be expressed in JSON Schema and MUST be enforced by implementations:

hostNamelabel MUST be a syntactically valid DNS host name in zone file string representation. Both absolute FQDNs and relative host names are allowed.
type MUST be a valid string representation of a DNS resource record type as defined in . Allowed values MAY be further constrained by server policy.
data MUST be a syntactically valid resource record data value for the given type in zone file string representation.
ttl value range MAY be constrained by server policy.

Authorisation Information Object The following constraints cannot be expressed in JSON Schema and MUST be enforced by implementations:

method MUST be one of the values registered in the IANA RPP Authorisation Method Registry as defined in . In EPP Compatibility Profile, this value MUST be "authinfo" for standard password-based authorisation.
The Authorisation Information Object is immutable. When authorisation information changes, a new instance MUST be created rather than modifying the existing one. The value of authdata MAY not be returned in read responses, depending on the method and server policy.

Postal Address Object The following constraints cannot be expressed in JSON Schema and MUST be enforced by implementations:

cc MUST be a valid two-character country code from . The JSON Schema pattern enforces uppercase alpha-2 format.
In EPP Compatibility Profile, city and cc MUST be provided.

Postal Info Object The following constraints cannot be expressed in JSON Schema and MUST be enforced by implementations:

name MAY be required by implementations when type is "PERSON". In EPP Compatibility Profile, name MUST be provided.
org MAY be required by implementations when type is "ORG".
In EPP Compatibility Profile, addr MUST be provided.

Transfer Data Object

Restore Data Object The Restore Data Object represents the current state of a restore request for an object that has entered the Redemption Grace Period (RGP). It is returned as the output of all restore operations. The following constraints cannot be expressed in JSON Schema and MUST be enforced by implementations:

requestDate MUST NOT be present if no restore request has been submitted yet.
reportDate MUST NOT be present if no restore report has been accepted yet.
reportDueDate MUST NOT be present when restoreStatus is not "pendingRestore".

Restore Report Object The Restore Report Object contains the redemption grace period restore report submitted by the sponsoring client as required by the RGP process (). The following constraints cannot be expressed in JSON Schema and MUST be enforced by implementations:

At least one and at most two statements MUST be provided.
restoreTime MAY be omitted when the restore report is submitted inline within the restore request in a single-step process.
In EPP Compatibility Profile, restoreTime MUST be present as defined in .
In EPP Compatibility Profile, exactly two statements MUST be present as defined in .

Resource Object Schemas Resource objects represent the main entities managed by RPP: domain names, contacts, and hosts. Each resource object has a corresponding root JSON Schema definition that specifies its properties, required fields, and constraints.

Domain Name Data Object The Domain Name Data Object represents a domain name and its associated provisioning data. The following constraints cannot be expressed in JSON Schema and MUST be enforced by implementations:

name MUST be a fully qualified domain name conforming to the syntax described in . Servers MAY restrict allowable domain names to a specific namespace for which they are authoritative. The implicit trailing dot MUST NOT be included.

Create request schema (create-only and read-write properties): Read response schema (read-write and read-only properties):

Contact Data Object The following constraints cannot be expressed in JSON Schema and MUST be enforced by implementations:

postalInfo keys MUST be either "int" (internationalised, all-ASCII) or "loc" (localised, MAY use non-ASCII characters). At most one entry of each key is allowed.

Create request schema (create-only and read-write properties): Read response schema (read-write and read-only properties):

Host Data Object The following constraints cannot be expressed in JSON Schema and MUST be enforced by implementations:

hostName MUST be a syntactically valid fully qualified host name.
If the host name is subordinate to a domain for which the server is authoritative, the superordinate domain MUST already exist in the server.

Create request schema (create-only and read-write properties): Read response schema (read-write and read-only properties):

Examples This section provides examples that follow the JSON representation rules and JSON Schema definitions specified in the previous sections. The examples illustrate typical request and response messages for domain name, contact, and host resources.

Domain Name

Create Example domain create request: Example domain create response from a server with RGP support:

Read Example domain read response:

Update Example domain update request (read-write properties): Example domain update response:

Delete The domain delete operation takes the domain name as the resource identifier in the request. No request body is required. Example domain delete response (minimal, server may return full representation):

Renew The renew operation accepts a transient currentExpiryDate parameter for validation and an optional renewalPeriod. Example domain renew request: Example domain renew response:

Transfer Request Authorization information for the transfer MUST be conveyed using the RPP-Authorization HTTP header (see Rule 21), not in the JSON request body. Example domain transfer request (pull transfer) Example domain transfer response (Transfer Data Object):

Transfer Query Example domain transfer query response (Transfer Data Object):

Restore Request Example domain restore request (without inline report; object transitions to pendingRestore state): Example domain restore response (Restore Data Object, server requires a report): Example domain restore request with inline restore report (single-step; object restored immediately): Example domain restore response with inline report (Restore Data Object, immediately restored):

Restore Report Example domain restore report request: Example domain restore report response (Restore Data Object):

Restore Query The Restore Query operation takes no request body (Parameters: None). Example domain restore query response (Restore Data Object, object in pendingRestore state): Example domain restore query response (Restore Data Object, object restored):

Contact

Create Example contact create request: Example contact create response:

Read Example contact read response:

Update TBD

Delete The contact delete operation takes the contact identifier as the resource identifier. No request body is required.

Transfer Request Authorization information for the transfer MUST be conveyed using the RPP-Authorization HTTP header (see Rule 21), not in the JSON request body. Example contact transfer request (pull transfer) Example contact transfer response (Transfer Data Object):

Transfer Query Example contact transfer query response (Transfer Data Object):

Transfer Cancel / Reject / Approve Transfer cancel, reject, and approve responses return the Transfer Data Object. The response structure is the same as the Transfer Query response above. The transferStatus value reflects the outcome of the operation (e.g. "clientCancelled", "clientRejected", or "clientApproved"). Note: Unlike domain transfers, contact transfers do not include an expiryDate field in the Transfer Data Object, as contacts do not have registration periods.

Host

Create Example host create request: Example host create response:

Read Example host read response:

Update Example host update request:

Delete The host delete operation takes the host name as the resource identifier. No request body is required. The server SHOULD reject the request if the host object is associated with any domain name objects.

Restore Request Example host restore request (without inline report; object transitions to pendingRestore state): Example host restore request response (Restore Data Object, server requires a report): Example host restore request with inline restore report (single-step; object restored immediately): Example host restore response with inline report (Restore Data Object, immediately restored):

Restore Report Example host restore report request: Example host restore report response (Restore Data Object):

Restore Query The Restore Query operation takes no request body (Parameters: None). Example host restore query response (Restore Data Object, object in pendingRestore state): Example host restore query response (Restore Data Object, object restored):

IANA Considerations TODO

Internationalization Considerations TODO

Security Considerations TODO

Acknowledgments TODO

Change History

Version 00 to 01

Updated all examples and schemas to be based on RPP Data Object and no longer on EPP XML schemas. (Issue #15)
Updated labelled and dictionary aggregation rules (Issue #17)
Added required "@type" property to all JSON Schema definitions. (Issue #20)
Updated all example domain names to use the .example TLD. (Issue #26)