What are API Scopes?
Scopes are an additional layer of security that provides control over the API for the user. These scopes also extend to MCP tools at 101domain. In our case, they limit the endpoints that API keys are able to call via API or MCP tools. They set permissions, data access levels , and actions(e.g; read, write, delete) that a client application can perform.
All 101domain MCP tools inherit the permissions of the underlying API key. If a tool requires domains:write and the key only has read access, the AI agent will be unable to perform the action.
An API key must be assigned specific scopes upon creation to perform any sensitive action, allowing the primary user account administrator to restrict exactly what each key (or MCP Server) can do.
If an API key has no scopes selected, it is only able to access a limited number of endpoints such as domain availability and TLD information.
Available Scopes:
-
account:read -
account:write -
domains:read -
domains:write -
dns:read -
dns:write -
products:read -
products:write
Refer to the 'Requirements' section of each endpoint in the technical docs to see which scope is mandatory: 101domain Technical API documentation.