Domain Security API Documentation
Free, public API to check SPF, DKIM, DMARC, MX records, and nameserver configuration for any domain. No authentication required.
Quick Start
# Example request
curl "https://api.nhmohio.com/?domain=example.com"Base URL
https://api.nhmohio.com/Method
GETNo Authentication Required
This API is free and open for public use. No API keys, tokens, or signup required. Rate limits may apply for excessive use.
Request Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
domain | string | Yes | The domain name to check (e.g., example.com) |
Domain Format
Pass only the domain name without protocol or path. Use example.com not https://example.com or www.example.com.
Response Format
The API returns a JSON object with the following structure:
{
"success": true,
"domain": "example.com",
"records": {
"spf": {
"status": "ok" | "missing" | "error",
"record": "v=spf1 include:_spf.google.com ~all",
"issues": ["Optional array of detected issues"]
},
"dkim": {
"status": "ok" | "missing" | "error",
"record": "v=DKIM1; k=rsa; p=...",
"issues": []
},
"dmarc": {
"status": "ok" | "missing" | "error",
"record": "v=DMARC1; p=reject; ...",
"issues": []
},
"mx": {
"status": "ok" | "missing",
"records": [
{ "priority": 1, "exchange": "aspmx.l.google.com" },
{ "priority": 5, "exchange": "alt1.aspmx.l.google.com" }
],
"issues": [],
"isMicrosoft365": false,
"isGoogleWorkspace": true
},
"nameservers": {
"status": "found" | "error",
"nameservers": [
{ "nameserver": "ns1.example.com", "provider": "Cloudflare" }
],
"provider": {
"name": "Cloudflare",
"url": "https://dash.cloudflare.com"
},
"issues": []
}
},
"summary": {
"issues": ["Array of overall issues found"]
}
}Response Fields
success
Boolean indicating whether the API request was successful. Check this first before processing results.
records.spf
SPF (Sender Policy Framework) record information. The status field indicates if SPF is properly configured.
records.dkim
DKIM (DomainKeys Identified Mail) record information. Checks common selectors like default, google, selector1, and selector2.
records.dmarc
DMARC (Domain-based Message Authentication) record information. Includes policy analysis and configuration recommendations.
records.mx
MX (Mail Exchange) records with priority values. Includes detection for common email providers like Microsoft 365 and Google Workspace.
records.nameservers
Nameserver information with provider detection. Includes direct links to DNS management portals when available.
Status Values
Record is properly configured and no issues were detected.
Record exists but has configuration issues that should be addressed.
Record is not configured. This typically requires action.
Code Examples
cURL
curl "https://api.nhmohio.com/?domain=example.com"
JavaScript / TypeScript
const response = await fetch(
"https://api.nhmohio.com/?domain=example.com"
);
const data = await response.json();
if (data.success) {
console.log("SPF Status:", data.records.spf.status);
console.log("DKIM Status:", data.records.dkim.status);
console.log("DMARC Status:", data.records.dmarc.status);
}Python
import requests
response = requests.get(
"https://api.nhmohio.com/",
params={"domain": "example.com"}
)
data = response.json()
if data["success"]:
print(f"SPF: {data['records']['spf']['status']}")
print(f"DKIM: {data['records']['dkim']['status']}")
print(f"DMARC: {data['records']['dmarc']['status']}")PHP
$domain = "example.com";
$url = "https://api.nhmohio.com/?domain=" . urlencode($domain);
$response = file_get_contents($url);
$data = json_decode($response, true);
if ($data["success"]) {
echo "SPF: " . $data["records"]["spf"]["status"] . "\n";
echo "DKIM: " . $data["records"]["dkim"]["status"] . "\n";
echo "DMARC: " . $data["records"]["dmarc"]["status"] . "\n";
}Use Cases
AI Assistants & Chatbots
Integrate domain security checks into AI tools and chatbots to help users diagnose email delivery issues.
Security Audits
Automate email security audits by checking multiple domains programmatically.
IT Management Tools
Build monitoring dashboards to track email authentication status across client domains.
Email Deliverability
Diagnose why emails are landing in spam by checking sender authentication records.
Need Help With Email Security?
Our team can help you configure SPF, DKIM, and DMARC records correctly for your domain.