Skip to main content

entri.showEntri(config)

This method launches the Entri modal window. config is an object with the following properties:
PropertyTypeRequired?DefaultDescription
applicationIdstringYesN/AThe ID of your application (set in the dashboard)
dnsRecordsarray of DNSRecord objects (see below)YesN/AThe DNS records you wish to configure for your users (see below)
tokenstringYesN/AA JSON web token. Must be fetched in each session, see Token creation (JWT).
applicationUrlstringOnly when using Secure or PowerN/ASets the applicationUrl for Power. This is the specific application URL that you would like to render on the customer’s custom domain. Also known as an origin server or origin URL.
applicationNamestringNonullThe company name that will be shown in the initial screen’s welcome message.
defaultSubdomainstringNo""If you would like to pre fill the subdomain field with text then enter the desired sub domain here.
enableDkimbooleanNofalseIf your application requires users to set up DKIM through their email provider (and your app does not send emails directly), enable this. This is common for applications that provide email automation using an external service like Google Workspace or Microsoft 365. (Enterprise tier)
forceManualSetupbooleanNofalseForces Entri to use the manual setup flow. If set to true then the prefilledDomain becomes required.
forceSubdomainbooleanNofalseIf your application requires subdomains, enable this. (Premium and Enterprise tiers)
localestringNoenTo load Entri in a specific language. Supported languages include: en, es, pt, pt-br,pt-pt, fr, it, de, nl, pl, tr, ja, da, sv.The pt locale defaults to Brazilian portuguese (pt-br).
hostRequiredbooleanNo, unless you use the {SUBDOMAIN} variabletrueIf the {SUBDOMAIN} variable is used but is null (no subdomain inputted by the user) then the {SUBDOMAIN} value will default to be www. See Dynamic configuration variables based on the user-inputted domain.
manualSetupDocumentationstringNo""Where you currently provide documentation on how to set up DNS. If users are trying to set up their DNS manually and need help, we will send them to this page. e.g. <https://example.com/dns-setup\>. This link is disabled when using the propertydisableManualSetupDocumentationLink:true in the whiteLabel’s configuration.
iframeSandboxbooleanNofalseWhen set to true, applies a sandbox attribute to the Entri iframe, restricting its capabilities to only: allow-scripts, allow-same-origin, allow-forms, allow-popups, and allow-popups-to-escape-sandbox. This adds an extra layer of security to the embedded iframe.
overrideSPFbooleanNofalseForces the SPF record override in case there is a pre-existent one instead of merging it. This feature is not supported by Cloudlare, Ionos, Squarespace, and GoDaddy providers.
powerbooleanNofalseEnables Entri Power. Requires adoption of Entri Power.
prefilledDomainstringNo, unless forceManualSetup is set to trueN/AA domain to pre-fill if you’ve collected it before the Entri modal, e.g. example.com
secureRootDomainbooleanNofalseCreates a certificate for the root domain and points its A records to Entri secure servers. Requires adoption of Entri Secure.
supportForSubdomainsbooleanNotrueIf your application allows subdomains, enable this
userIdstringNoN/AA unique ID so that you can match Entri webhook events to the user. You can use stringfied jsons in order to add complex structured data.
wwwRedirectbooleanNofalseWhen feasible, Entri will automatically redirect site.com to www.site.com using the preferred method of the DNS provider. Certain providers prevent Entri from automatically setting this up. When that is the case, Entri shows a helper UI to the user that explains how to do this manually.
validateDmarcbooleanNofalseWhen set to true Entri will automatically check if there is an existing and valid DMARC record. If so, Entri will not update the DMARC record.
validateCAAbooleanNofalseWhen set to true Entri will check if there is an existing CAA present in the domain or not. If it is present, it will add the CAA record sent in the config, else not.
checkConflictsbooleanNofalseWhen true, Entri analyzes the DNS records provided in dnsRecords against the existing authoritative DNS configuration and reports any record that would require an override. Increases response time. See Detecting Record Conflicts.
monitorbooleanNofalseWhen true, automatically registers the configured domain and records with Entri Monitor after the Connect flow completes, so record drift is reported back via webhooks. Requires a Monitor-enabled plan.
searchTypestringNo"classic"(Entri Sell, IONOS only) Selects the domain-search experience. Use "classic" for the standard keyword search, or "ai" to enable AI-generated domain suggestions.

Possible showEntri() Errors

When any of the following critical errors occur, a console error will be logged, and the user will only see “Entri is misconfigured. Please contact support for assistance.” in the UI.
ErrorConsole MessageReason
Domain Invalid or Unsupported TLD”This domain is invalid or uses an unsupported TLD (unlisted ).”The domain provided doesn’t pass validation (invalid TLD, not in ICANN list, or malformed).
Missing applicationId”Missing parameter: applicationId”The configuration object does not include applicationId.
Configuration Error”Configuration error, please refer to the docs at https://developers.goentri.com/docsforceManualSetup: true was used without providing prefilledDomain.

Token creation (JWT)

To launch the Entri modal window in a session, you’ll need to fetch a JWT using the secret key and applicationId provided by the Entri dashboard. For security reasons and in order to not expose your secret in the browser, please make sure to fetch the JWT on the server-side of your application. The JWT expires after 60 minutes. You can use any networking library you’d like. Here’s an example using javascript:
JS
fetch('https://api.goentri.com/token', {
  method: 'POST',
  body: JSON.stringify({
    // These values come from the Entri dashboard
    applicationId: "12345",
    secret: "12345-67890"
  }),
})
.then(response => response.json())
.then(data => {
  console.log('Success:', data); // { "auth_token": "exampletoken..." }
})
.catch((error) => {
  console.error('Error:', error);
});

Enhancing Integration Security

To further enhance the security of your integration, you have the option to include the domain, dnsRecords or product in the JWT creation process. When these elements are added, Entri will validate them during execution, providing an additional layer of security. 
POST https://api.goentri.com/token

Request body

JSON
{
    "applicationId": "{APPLICATION_ID}",
    "secret": "{SECRET}",
    "domain": "sampledomain.com",
    "freeDomain": true,
    "userId": "XYZ",
    "dnsRecords": [
        {
            "value": "samplevalue.com",
            "host": "@",
            "ttl": 300,
            "type": "CNAME"
        }
    ]
}

Parameters description

ParameterRequired?DefaultDescription
applicationIdYesN/AThe ID of your application (set in the dashboard)
domainYesN/AThe domain that will be configured
secretYesN/AClient secret, can be found in the Dashboard
dnsRecordsNoN/ARecords that will be configured on the domain
freeDomainNoN/AOnly applies to Entri Sell! Specifies a free or paid domain purchase.
productNoN/AThe product for which this JWT is being created for.
userIdNoN/AThe userId from the user that will be using the flow.

Successful response (200 status)

JSON
{ "auth_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9...." }
For more details about how freeDomain is used in Entri Sell, refer to the Advanced Security Settings for freeDomain section.