Share via


AFD Custom Domains - Get

Gets an existing AzureFrontDoor domain with the specified domain name under the specified subscription, resource group and profile.

GET https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Cdn/profiles/{profileName}/customDomains/{customDomainName}?api-version=2025-04-15

URI Parameters

Name In Required Type Description
customDomainName
path True

string

Name of the domain under the profile which is unique globally.

profileName
path True

string

minLength: 1
maxLength: 260
pattern: ^[a-zA-Z0-9]+(-*[a-zA-Z0-9])*$

Name of the Azure Front Door Standard or Azure Front Door Premium which is unique within the resource group.

resourceGroupName
path True

string

minLength: 1
maxLength: 90
pattern: ^[-\w\._\(\)]+$

Name of the Resource group within the Azure subscription.

subscriptionId
path True

string

Azure Subscription ID.

api-version
query True

string

Version of the API to be used with the client request. Current version is 2025-04-15.

Responses

Name Type Description
200 OK

AFDDomain

OK

Other Status Codes

AfdErrorResponse

Azure Front Door error response describing why the operation failed.

Security

azure_auth

Azure Active Directory OAuth2 Flow.

Type: oauth2
Flow: implicit
Authorization URL: https://login.microsoftonline.com/common/oauth2/authorize

Scopes

Name Description
user_impersonation impersonate your user account

Examples

AFDCustomDomains_Get

Sample request

GET https://management.azure.com/subscriptions/subid/resourceGroups/RG/providers/Microsoft.Cdn/profiles/profile1/customDomains/domain1?api-version=2025-04-15

Sample response

{
  "id": "/subscriptions/subid/resourcegroups/RG/providers/Microsoft.Cdn/profiles/profile1/customdomains/domain1",
  "name": "domain1",
  "type": "Microsoft.Cdn/profiles/customdomains",
  "properties": {
    "profileName": "profile1",
    "hostName": "www.contoso.com",
    "tlsSettings": {
      "certificateType": "ManagedCertificate",
      "cipherSuiteSetType": "Customized",
      "minimumTlsVersion": "TLS12",
      "customizedCipherSuiteSet": {
        "cipherSuiteSetForTls12": [
          "ECDHE_RSA_AES128_GCM_SHA256"
        ],
        "cipherSuiteSetForTls13": [
          "TLS_AES_128_GCM_SHA256",
          "TLS_AES_256_GCM_SHA384"
        ]
      },
      "secret": {
        "id": ""
      }
    },
    "azureDnsZone": {
      "id": ""
    },
    "preValidatedCustomDomainResourceId": {
      "id": ""
    },
    "validationProperties": {
      "validationToken": "8c9912db-c615-4eeb-8465",
      "expirationDate": "2009-06-15T13:45:43.0000000Z"
    },
    "domainValidationState": "Pending",
    "provisioningState": "Updating",
    "deploymentStatus": "NotStarted"
  }
}

Definitions

Name Description
AfdCertificateType

Defines the source of the SSL certificate.

AfdCipherSuiteSetType

cipher suite set type that will be used for Https

AfdCustomizedCipherSuiteForTls12

Cipher suites for TLS 1.2. Required at least one in minimumTlsVersion TLS 1.2.

AfdCustomizedCipherSuiteForTls13

Cipher suites for TLS 1.3. Required at least one in minimumTlsVersion TLS 1.2, TLS 1.3.

AFDDomain

Friendly domain name mapping to the endpoint hostname that the customer provides for branding purposes, e.g. www.contoso.com.

AFDDomainHttpsCustomizedCipherSuiteSet

Customized cipher suite set object that will be used for Https when cipherSuiteSetType is Customized.

AFDDomainHttpsParameters

The JSON object that contains the properties to secure a domain.

AfdErrorResponse

Error response

AfdMinimumTlsVersion

TLS protocol version that will be used for Https when cipherSuiteSetType is Customized.

AfdProvisioningState

Provisioning status

DeploymentStatus
DomainValidationProperties

The JSON object that contains the properties to validate a domain.

DomainValidationState

Provisioning substate shows the progress of custom HTTPS enabling/disabling process step by step. DCV stands for DomainControlValidation.

ErrorAdditionalInfo

The resource management error additional info.

ErrorDetail

The error detail.

IdentityType

The type of identity that creates/modifies resources

ResourceReference

Reference to another resource.

SystemData

Read only system data

AfdCertificateType

Defines the source of the SSL certificate.

Value Description
CustomerCertificate
ManagedCertificate
AzureFirstPartyManagedCertificate

AfdCipherSuiteSetType

cipher suite set type that will be used for Https

Value Description
Customized
TLS10_2019
TLS12_2022
TLS12_2023

AfdCustomizedCipherSuiteForTls12

Cipher suites for TLS 1.2. Required at least one in minimumTlsVersion TLS 1.2.

Value Description
ECDHE_RSA_AES128_GCM_SHA256
ECDHE_RSA_AES256_GCM_SHA384
DHE_RSA_AES256_GCM_SHA384
DHE_RSA_AES128_GCM_SHA256
ECDHE_RSA_AES128_SHA256
ECDHE_RSA_AES256_SHA384

AfdCustomizedCipherSuiteForTls13

Cipher suites for TLS 1.3. Required at least one in minimumTlsVersion TLS 1.2, TLS 1.3.

Value Description
TLS_AES_128_GCM_SHA256
TLS_AES_256_GCM_SHA384

AFDDomain

Friendly domain name mapping to the endpoint hostname that the customer provides for branding purposes, e.g. www.contoso.com.

Name Type Description
id

string

Resource ID.

name

string

Resource name.

properties.azureDnsZone

ResourceReference

Resource reference to the Azure DNS zone

properties.deploymentStatus

DeploymentStatus

properties.domainValidationState

DomainValidationState

Provisioning substate shows the progress of custom HTTPS enabling/disabling process step by step. DCV stands for DomainControlValidation.

properties.extendedProperties

object

Key-Value pair representing migration properties for domains.

properties.hostName

string

The host name of the domain. Must be a domain name.

properties.preValidatedCustomDomainResourceId

ResourceReference

Resource reference to the Azure resource where custom domain ownership was prevalidated

properties.profileName

string

The name of the profile which holds the domain.

properties.provisioningState

AfdProvisioningState

Provisioning status

properties.tlsSettings

AFDDomainHttpsParameters

The configuration specifying how to enable HTTPS for the domain - using AzureFrontDoor managed certificate or user's own certificate. If not specified, enabling ssl uses AzureFrontDoor managed certificate by default.

properties.validationProperties

DomainValidationProperties

Values the customer needs to validate domain ownership

systemData

SystemData

Read only system data

type

string

Resource type.

AFDDomainHttpsCustomizedCipherSuiteSet

Customized cipher suite set object that will be used for Https when cipherSuiteSetType is Customized.

Name Type Description
cipherSuiteSetForTls12

AfdCustomizedCipherSuiteForTls12[]

Cipher suites for TLS 1.2. Required at least one in minimumTlsVersion TLS 1.2.

cipherSuiteSetForTls13

AfdCustomizedCipherSuiteForTls13[]

Cipher suites for TLS 1.3. Required at least one in minimumTlsVersion TLS 1.2, TLS 1.3.

AFDDomainHttpsParameters

The JSON object that contains the properties to secure a domain.

Name Type Description
certificateType

AfdCertificateType

Defines the source of the SSL certificate.

cipherSuiteSetType

AfdCipherSuiteSetType

cipher suite set type that will be used for Https

customizedCipherSuiteSet

AFDDomainHttpsCustomizedCipherSuiteSet

Customized cipher suites object that will be used for Https when cipherSuiteSetType is Customized.

minimumTlsVersion

AfdMinimumTlsVersion

TLS protocol version that will be used for Https when cipherSuiteSetType is Customized.

secret

ResourceReference

Resource reference to the secret. ie. subs/rg/profile/secret

AfdErrorResponse

Error response

Name Type Description
error

ErrorDetail

The error object.

AfdMinimumTlsVersion

TLS protocol version that will be used for Https when cipherSuiteSetType is Customized.

Value Description
TLS10
TLS12
TLS13

AfdProvisioningState

Provisioning status

Value Description
Succeeded
Failed
Updating
Deleting
Creating

DeploymentStatus

Value Description
NotStarted
InProgress
Succeeded
Failed

DomainValidationProperties

The JSON object that contains the properties to validate a domain.

Name Type Description
expirationDate

string

The date time that the token expires

validationToken

string

Challenge used for DNS TXT record or file based validation

DomainValidationState

Provisioning substate shows the progress of custom HTTPS enabling/disabling process step by step. DCV stands for DomainControlValidation.

Value Description
Unknown
Submitting
Pending
Rejected
TimedOut
PendingRevalidation
Approved
RefreshingValidationToken
InternalError

ErrorAdditionalInfo

The resource management error additional info.

Name Type Description
info

object

The additional info.

type

string

The additional info type.

ErrorDetail

The error detail.

Name Type Description
additionalInfo

ErrorAdditionalInfo[]

The error additional info.

code

string

The error code.

details

ErrorDetail[]

The error details.

message

string

The error message.

target

string

The error target.

IdentityType

The type of identity that creates/modifies resources

Value Description
user
application
managedIdentity
key

ResourceReference

Reference to another resource.

Name Type Description
id

string

Resource ID.

SystemData

Read only system data

Name Type Description
createdAt

string (date-time)

The timestamp of resource creation (UTC)

createdBy

string

An identifier for the identity that created the resource

createdByType

IdentityType

The type of identity that created the resource

lastModifiedAt

string (date-time)

The timestamp of resource last modification (UTC)

lastModifiedBy

string

An identifier for the identity that last modified the resource

lastModifiedByType

IdentityType

The type of identity that last modified the resource