Closed mwullink closed 7 months ago
In the case where authInfoType is required for a info request, the client should use the POST method and include the epp request incl the authInfoType in the mesage body
client can use the REPP-authInfo header for a sinple token and use GET method
if complex token (incl roid) must be used then the client must use a complete request message and the POST method
A domain of contact info request and domain transfer may need to include a authInfoType element in the std xml request.
how do we send this to the server, using request payload in the message body for a GET request is not defined and recommended.
options are:
Until the HTTP QUERY method is standardized, we may have no option other than using a header.
rfc9110 states one should not use messagebody for GET request as the result is undefined. see: https://www.rfc-editor.org/rfc/rfc9110#section-9.3.1-6
this is the xml syntax for authInfoType: