The Domains API provides full control over how your services are exposed to the internet. You can attach multiple domains to an application or Compose service, generate wildcard subdomains, manage Let’s Encrypt and custom TLS certificates, set up HTTP-to-HTTPS redirects, protect routes with HTTP Basic Authentication, and open raw TCP or UDP ports. Traefik handles the underlying routing and certificate management.Documentation Index
Fetch the complete documentation index at: https://mintlify.com/Nettalco/dokploy/llms.txt
Use this file to discover all available pages before exploring further.
Endpoints
| Method | Endpoint | Description |
|---|---|---|
| POST | /domain.create | Add a domain to a service |
| GET | /domain.byApplicationId | List domains for an application |
| GET | /domain.byComposeId | List domains for a Compose stack |
| POST | /domain.generateDomain | Auto-generate a subdomain |
| GET | /domain.canGenerateTraefikMeDomains | Check if wildcard generation is available |
| POST | /domain.update | Update a domain record |
| GET | /domain.one | Fetch a domain by ID |
| POST | /domain.delete | Delete a domain |
| POST | /domain.validateDomain | Validate domain DNS propagation |
| POST | /certificates.create | Upload a custom TLS certificate |
| GET | /certificates.one | Fetch a certificate by ID |
| POST | /certificates.remove | Delete a certificate |
| GET | /certificates.all | List all certificates |
| POST | /redirects.create | Create an HTTP redirect rule |
| GET | /redirects.one | Fetch a redirect by ID |
| POST | /redirects.delete | Delete a redirect rule |
| POST | /redirects.update | Update a redirect rule |
| POST | /security.create | Add a Basic Auth security rule |
| GET | /security.one | Fetch a security rule by ID |
| POST | /security.delete | Delete a security rule |
| POST | /security.update | Update a security rule |
| POST | /port.create | Expose a TCP/UDP port |
| GET | /port.one | Fetch a port rule by ID |
| POST | /port.delete | Delete a port rule |
| POST | /port.update | Update a port rule |
Key Endpoints
POST /domain.create
Attach a custom domain to an application or Compose service. Traefik will start routing traffic for this domain immediately after creation.
The fully qualified domain name (e.g.,
app.example.com).ID of the application to attach the domain to. Use either this or
composeId.ID of the Compose stack to attach the domain to.
URL path prefix for path-based routing (default:
/).Container port the domain should route to (default:
3000).Enable HTTPS for this domain (default:
false).TLS certificate type:
none, letsencrypt, or custom.For Compose stacks, the specific service name to route to.
Unique ID of the created domain record.
POST /domain.generateDomain
Automatically generate a traefik.me-based wildcard subdomain for the service — no DNS configuration required.
ID of the application. Use this or
composeId.ID of the Compose stack.
The generated wildcard domain (e.g.,
abc123.traefik.me).POST /certificates.create
Upload a custom TLS certificate and private key for use with domains.
Display name for the certificate.
PEM-encoded certificate chain.
PEM-encoded private key.
POST /security.create
Add HTTP Basic Authentication to a domain. All requests to the domain will prompt for credentials.
ID of the application to protect.
Basic auth username.
Basic auth password (stored as a hashed credential).
POST /port.create
Expose a TCP or UDP port on the host to route traffic directly to a container port. Useful for non-HTTP protocols.
ID of the application.
Host port to listen on.
Container port to forward to.
Protocol:
tcp or udp.Notes
domain.validateDomain checks whether DNS has propagated to the server’s IP before issuing a Let’s Encrypt certificate, reducing failed cert issuance.