HTTPDNS supports three connection types: Method 1: SDK-based access, Method 2: Access by calling the JSON API, and Method 3: DoT/DoH-based access.
For Method 1: SDK-based access and Method 2: Access by calling the JSON API, you must create a key to authenticate the connection. Before you begin, create a key.
Method 1: SDK-based access
Scenarios: Prevents DNS hijacking for mobile apps and IoT devices. Delivers the same result as a standard HTTPDNS integration.
-
Download the Android or iOS SDK.
-
Integrate the SDK into your app:
-
Verify the connection in the Alibaba Cloud DNS console. Go to the Dashboard > Resolution Dashboard > HTTPDNS page. Traffic data confirms a successful connection.
Method 2: Access by calling the JSON API
Scenarios: Use when SDK integration is not possible. Call the native API to resolve domains directly.
The DoH JSON API supports both TLS and non-TLS endpoints:
-
https://223.5.5.5/resolve?name=domain_name&type=record_type&uid=AccountID&ak=AccessKey ID&key=****&ts=timestamp
-
http://223.5.5.5/resolve?name=domain_name&type=record_type&uid=AccountID&ak=AccessKey ID&key=****&ts=timestamp
-
https://223.6.6.6/resolve?name=domain_name&type=record_type&uid=AccountID&ak=AccessKey ID&key=****&ts=timestamp
-
http://223.6.6.6/resolve?name=domain_name&type=record_type&uid=AccountID&ak=AccessKey ID&key=****&ts=timestamp
Method 3: DoT/DoH-based access
Scenarios: For browser and mobile clients. Does not support authentication — not recommended.
Connect using one of two formats. The user_id is the Unique configuration ID from the console.
1. Short address connection (low security, not recommended)
DoT address: <user_id>.alidns.com
DoH address: https://<user_id>.alidns.com/dns-query
Keep your Account ID secure. A leaked Account ID poses a security threat and can result in fraudulent data usage.
2. Custom address connection
Recommended. Custom addresses provide higher security and prevent unauthorized data usage.
DoT address: <user_id>-custom_field.alidns.com
DoH address: https://<user_id>-custom_field.alidns.com/dns-query
To enable DoT/DoH, select Enable encrypted address (recommended) and turn on Enabled Status (the switch turns green).
-
If the DoH/DoT Enabled Status is off, resolution requests are rejected.