AFD Custom Domains - Get

Service:

Front Door Service

API Version:

2025-04-15

Gets an existing AzureFrontDoor domain with the specified domain name under the specified subscription, resource group and profile.

GET https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Cdn/profiles/{profileName}/customDomains/{customDomainName}?api-version=2025-04-15

URI Parameters

Name	In	Required	Type	Description
customDomainName	path	True	string	Name of the domain under the profile which is unique globally.
profileName	path	True	string minLength: 1 maxLength: 260 pattern: ^[a-zA-Z0-9]+(-*[a-zA-Z0-9])*$	Name of the Azure Front Door Standard or Azure Front Door Premium which is unique within the resource group.
resourceGroupName	path	True	string minLength: 1 maxLength: 90 pattern: ^[-\w\._\(\)]+$	Name of the Resource group within the Azure subscription.
subscriptionId	path	True	string	Azure Subscription ID.
api-version	query	True	string	Version of the API to be used with the client request. Current version is 2025-04-15.

Responses

Name	Type	Description
200 OK	AFDDomain	OK
Other Status Codes	AfdErrorResponse	Azure Front Door error response describing why the operation failed.

Security

azure_auth

Azure Active Directory OAuth2 Flow.

Type: oauth2
Flow: implicit
Authorization URL: https://login.microsoftonline.com/common/oauth2/authorize

Scopes

Name	Description
user_impersonation	impersonate your user account

Examples

AFDCustomDomains_Get

Sample request

HTTP

GET https://management.azure.com/subscriptions/subid/resourceGroups/RG/providers/Microsoft.Cdn/profiles/profile1/customDomains/domain1?api-version=2025-04-15

Sample response

Status code:

200

{
  "id": "/subscriptions/subid/resourcegroups/RG/providers/Microsoft.Cdn/profiles/profile1/customdomains/domain1",
  "name": "domain1",
  "type": "Microsoft.Cdn/profiles/customdomains",
  "properties": {
    "profileName": "profile1",
    "hostName": "www.contoso.com",
    "tlsSettings": {
      "certificateType": "ManagedCertificate",
      "cipherSuiteSetType": "Customized",
      "minimumTlsVersion": "TLS12",
      "customizedCipherSuiteSet": {
        "cipherSuiteSetForTls12": [
          "ECDHE_RSA_AES128_GCM_SHA256"
        ],
        "cipherSuiteSetForTls13": [
          "TLS_AES_128_GCM_SHA256",
          "TLS_AES_256_GCM_SHA384"
        ]
      },
      "secret": {
        "id": ""
      }
    },
    "azureDnsZone": {
      "id": ""
    },
    "preValidatedCustomDomainResourceId": {
      "id": ""
    },
    "validationProperties": {
      "validationToken": "8c9912db-c615-4eeb-8465",
      "expirationDate": "2009-06-15T13:45:43.0000000Z"
    },
    "domainValidationState": "Pending",
    "provisioningState": "Updating",
    "deploymentStatus": "NotStarted"
  }
}

Definitions

Name	Description
AfdCertificateType	Defines the source of the SSL certificate.
AfdCipherSuiteSetType	cipher suite set type that will be used for Https
AfdCustomizedCipherSuiteForTls12	Cipher suites for TLS 1.2. Required at least one in minimumTlsVersion TLS 1.2.
AfdCustomizedCipherSuiteForTls13	Cipher suites for TLS 1.3. Required at least one in minimumTlsVersion TLS 1.2, TLS 1.3.
AFDDomain	Friendly domain name mapping to the endpoint hostname that the customer provides for branding purposes, e.g. www.contoso.com.
AFDDomainHttpsCustomizedCipherSuiteSet	Customized cipher suite set object that will be used for Https when cipherSuiteSetType is Customized.
AFDDomainHttpsParameters	The JSON object that contains the properties to secure a domain.
AfdErrorResponse	Error response
AfdMinimumTlsVersion	TLS protocol version that will be used for Https when cipherSuiteSetType is Customized.
AfdProvisioningState	Provisioning status
DeploymentStatus
DomainValidationProperties	The JSON object that contains the properties to validate a domain.
DomainValidationState	Provisioning substate shows the progress of custom HTTPS enabling/disabling process step by step. DCV stands for DomainControlValidation.
ErrorAdditionalInfo	The resource management error additional info.
ErrorDetail	The error detail.
IdentityType	The type of identity that creates/modifies resources
ResourceReference	Reference to another resource.
SystemData	Read only system data

AfdCertificateType

Enumeration

Defines the source of the SSL certificate.

Value	Description
CustomerCertificate
ManagedCertificate
AzureFirstPartyManagedCertificate

AfdCipherSuiteSetType

Enumeration

cipher suite set type that will be used for Https

Value	Description
Customized
TLS10_2019
TLS12_2022
TLS12_2023

AfdCustomizedCipherSuiteForTls12

Enumeration

Cipher suites for TLS 1.2. Required at least one in minimumTlsVersion TLS 1.2.

Value	Description
ECDHE_RSA_AES128_GCM_SHA256
ECDHE_RSA_AES256_GCM_SHA384
DHE_RSA_AES256_GCM_SHA384
DHE_RSA_AES128_GCM_SHA256
ECDHE_RSA_AES128_SHA256
ECDHE_RSA_AES256_SHA384

AfdCustomizedCipherSuiteForTls13

Enumeration

Cipher suites for TLS 1.3. Required at least one in minimumTlsVersion TLS 1.2, TLS 1.3.

Value	Description
TLS_AES_128_GCM_SHA256
TLS_AES_256_GCM_SHA384

AFDDomain

Object

Friendly domain name mapping to the endpoint hostname that the customer provides for branding purposes, e.g. www.contoso.com.

Name	Type	Description
id	string	Resource ID.
name	string	Resource name.
properties.azureDnsZone	ResourceReference	Resource reference to the Azure DNS zone
properties.deploymentStatus	DeploymentStatus
properties.domainValidationState	DomainValidationState	Provisioning substate shows the progress of custom HTTPS enabling/disabling process step by step. DCV stands for DomainControlValidation.
properties.extendedProperties	object	Key-Value pair representing migration properties for domains.
properties.hostName	string	The host name of the domain. Must be a domain name.
properties.preValidatedCustomDomainResourceId	ResourceReference	Resource reference to the Azure resource where custom domain ownership was prevalidated
properties.profileName	string	The name of the profile which holds the domain.
properties.provisioningState	AfdProvisioningState	Provisioning status
properties.tlsSettings	AFDDomainHttpsParameters	The configuration specifying how to enable HTTPS for the domain - using AzureFrontDoor managed certificate or user's own certificate. If not specified, enabling ssl uses AzureFrontDoor managed certificate by default.
properties.validationProperties	DomainValidationProperties	Values the customer needs to validate domain ownership
systemData	SystemData	Read only system data
type	string	Resource type.

AFDDomainHttpsCustomizedCipherSuiteSet

Object

Customized cipher suite set object that will be used for Https when cipherSuiteSetType is Customized.

Name	Type	Description
cipherSuiteSetForTls12	AfdCustomizedCipherSuiteForTls12[]	Cipher suites for TLS 1.2. Required at least one in minimumTlsVersion TLS 1.2.
cipherSuiteSetForTls13	AfdCustomizedCipherSuiteForTls13[]	Cipher suites for TLS 1.3. Required at least one in minimumTlsVersion TLS 1.2, TLS 1.3.

AFDDomainHttpsParameters

Object

The JSON object that contains the properties to secure a domain.

Name	Type	Description
certificateType	AfdCertificateType	Defines the source of the SSL certificate.
cipherSuiteSetType	AfdCipherSuiteSetType	cipher suite set type that will be used for Https
customizedCipherSuiteSet	AFDDomainHttpsCustomizedCipherSuiteSet	Customized cipher suites object that will be used for Https when cipherSuiteSetType is Customized.
minimumTlsVersion	AfdMinimumTlsVersion	TLS protocol version that will be used for Https when cipherSuiteSetType is Customized.
secret	ResourceReference	Resource reference to the secret. ie. subs/rg/profile/secret

AfdErrorResponse

Object

Error response

Name	Type	Description
error	ErrorDetail	The error object.

AfdMinimumTlsVersion

Enumeration

TLS protocol version that will be used for Https when cipherSuiteSetType is Customized.

Value	Description
TLS10
TLS12
TLS13

AfdProvisioningState

Enumeration

Provisioning status

Value	Description
Succeeded
Failed
Updating
Deleting
Creating

DeploymentStatus

Enumeration

Value	Description
NotStarted
InProgress
Succeeded
Failed

DomainValidationProperties

Object

The JSON object that contains the properties to validate a domain.

Name	Type	Description
expirationDate	string	The date time that the token expires
validationToken	string	Challenge used for DNS TXT record or file based validation

DomainValidationState

Enumeration

Provisioning substate shows the progress of custom HTTPS enabling/disabling process step by step. DCV stands for DomainControlValidation.

Value	Description
Unknown
Submitting
Pending
Rejected
TimedOut
PendingRevalidation
Approved
RefreshingValidationToken
InternalError

ErrorAdditionalInfo

Object

The resource management error additional info.

Name	Type	Description
info	object	The additional info.
type	string	The additional info type.

ErrorDetail

Object

The error detail.

Name	Type	Description
additionalInfo	ErrorAdditionalInfo[]	The error additional info.
code	string	The error code.
details	ErrorDetail[]	The error details.
message	string	The error message.
target	string	The error target.

IdentityType

Enumeration

The type of identity that creates/modifies resources

Value	Description
user
application
managedIdentity
key

ResourceReference

Object

Reference to another resource.

Name	Type	Description
id	string	Resource ID.

SystemData

Object

Read only system data

Name	Type	Description
createdAt	string (date-time)	The timestamp of resource creation (UTC)
createdBy	string	An identifier for the identity that created the resource
createdByType	IdentityType	The type of identity that created the resource
lastModifiedAt	string (date-time)	The timestamp of resource last modification (UTC)
lastModifiedBy	string	An identifier for the identity that last modified the resource
lastModifiedByType	IdentityType	The type of identity that last modified the resource