AFD Custom Domains - Get
Gets an existing AzureFrontDoor domain with the specified domain name under the specified subscription, resource group and profile.
GET https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Cdn/profiles/{profileName}/customDomains/{customDomainName}?api-version=2025-04-15
URI Parameters
Name | In | Required | Type | Description |
---|---|---|---|---|
custom
|
path | True |
string |
Name of the domain under the profile which is unique globally. |
profile
|
path | True |
string minLength: 1maxLength: 260 pattern: ^[a-zA-Z0-9]+(-*[a-zA-Z0-9])*$ |
Name of the Azure Front Door Standard or Azure Front Door Premium which is unique within the resource group. |
resource
|
path | True |
string minLength: 1maxLength: 90 pattern: ^[-\w\._\(\)]+$ |
Name of the Resource group within the Azure subscription. |
subscription
|
path | True |
string |
Azure Subscription ID. |
api-version
|
query | True |
string |
Version of the API to be used with the client request. Current version is 2025-04-15. |
Responses
Name | Type | Description |
---|---|---|
200 OK |
OK |
|
Other Status Codes |
Azure Front Door error response describing why the operation failed. |
Security
azure_auth
Azure Active Directory OAuth2 Flow.
Type:
oauth2
Flow:
implicit
Authorization URL:
https://login.microsoftonline.com/common/oauth2/authorize
Scopes
Name | Description |
---|---|
user_impersonation | impersonate your user account |
Examples
AFDCustomDomains_Get
Sample request
GET https://management.azure.com/subscriptions/subid/resourceGroups/RG/providers/Microsoft.Cdn/profiles/profile1/customDomains/domain1?api-version=2025-04-15
Sample response
{
"id": "/subscriptions/subid/resourcegroups/RG/providers/Microsoft.Cdn/profiles/profile1/customdomains/domain1",
"name": "domain1",
"type": "Microsoft.Cdn/profiles/customdomains",
"properties": {
"profileName": "profile1",
"hostName": "www.contoso.com",
"tlsSettings": {
"certificateType": "ManagedCertificate",
"cipherSuiteSetType": "Customized",
"minimumTlsVersion": "TLS12",
"customizedCipherSuiteSet": {
"cipherSuiteSetForTls12": [
"ECDHE_RSA_AES128_GCM_SHA256"
],
"cipherSuiteSetForTls13": [
"TLS_AES_128_GCM_SHA256",
"TLS_AES_256_GCM_SHA384"
]
},
"secret": {
"id": ""
}
},
"azureDnsZone": {
"id": ""
},
"preValidatedCustomDomainResourceId": {
"id": ""
},
"validationProperties": {
"validationToken": "8c9912db-c615-4eeb-8465",
"expirationDate": "2009-06-15T13:45:43.0000000Z"
},
"domainValidationState": "Pending",
"provisioningState": "Updating",
"deploymentStatus": "NotStarted"
}
}
Definitions
Name | Description |
---|---|
Afd |
Defines the source of the SSL certificate. |
Afd |
cipher suite set type that will be used for Https |
Afd |
Cipher suites for TLS 1.2. Required at least one in minimumTlsVersion TLS 1.2. |
Afd |
Cipher suites for TLS 1.3. Required at least one in minimumTlsVersion TLS 1.2, TLS 1.3. |
AFDDomain |
Friendly domain name mapping to the endpoint hostname that the customer provides for branding purposes, e.g. |
AFDDomain |
Customized cipher suite set object that will be used for Https when cipherSuiteSetType is Customized. |
AFDDomain |
The JSON object that contains the properties to secure a domain. |
Afd |
Error response |
Afd |
TLS protocol version that will be used for Https when cipherSuiteSetType is Customized. |
Afd |
Provisioning status |
Deployment |
|
Domain |
The JSON object that contains the properties to validate a domain. |
Domain |
Provisioning substate shows the progress of custom HTTPS enabling/disabling process step by step. DCV stands for DomainControlValidation. |
Error |
The resource management error additional info. |
Error |
The error detail. |
Identity |
The type of identity that creates/modifies resources |
Resource |
Reference to another resource. |
System |
Read only system data |
AfdCertificateType
Defines the source of the SSL certificate.
Value | Description |
---|---|
CustomerCertificate | |
ManagedCertificate | |
AzureFirstPartyManagedCertificate |
AfdCipherSuiteSetType
cipher suite set type that will be used for Https
Value | Description |
---|---|
Customized | |
TLS10_2019 | |
TLS12_2022 | |
TLS12_2023 |
AfdCustomizedCipherSuiteForTls12
Cipher suites for TLS 1.2. Required at least one in minimumTlsVersion TLS 1.2.
Value | Description |
---|---|
ECDHE_RSA_AES128_GCM_SHA256 | |
ECDHE_RSA_AES256_GCM_SHA384 | |
DHE_RSA_AES256_GCM_SHA384 | |
DHE_RSA_AES128_GCM_SHA256 | |
ECDHE_RSA_AES128_SHA256 | |
ECDHE_RSA_AES256_SHA384 |
AfdCustomizedCipherSuiteForTls13
Cipher suites for TLS 1.3. Required at least one in minimumTlsVersion TLS 1.2, TLS 1.3.
Value | Description |
---|---|
TLS_AES_128_GCM_SHA256 | |
TLS_AES_256_GCM_SHA384 |
AFDDomain
Friendly domain name mapping to the endpoint hostname that the customer provides for branding purposes, e.g. www.contoso.com
.
Name | Type | Description |
---|---|---|
id |
string |
Resource ID. |
name |
string |
Resource name. |
properties.azureDnsZone |
Resource reference to the Azure DNS zone |
|
properties.deploymentStatus | ||
properties.domainValidationState |
Provisioning substate shows the progress of custom HTTPS enabling/disabling process step by step. DCV stands for DomainControlValidation. |
|
properties.extendedProperties |
object |
Key-Value pair representing migration properties for domains. |
properties.hostName |
string |
The host name of the domain. Must be a domain name. |
properties.preValidatedCustomDomainResourceId |
Resource reference to the Azure resource where custom domain ownership was prevalidated |
|
properties.profileName |
string |
The name of the profile which holds the domain. |
properties.provisioningState |
Provisioning status |
|
properties.tlsSettings |
The configuration specifying how to enable HTTPS for the domain - using AzureFrontDoor managed certificate or user's own certificate. If not specified, enabling ssl uses AzureFrontDoor managed certificate by default. |
|
properties.validationProperties |
Values the customer needs to validate domain ownership |
|
systemData |
Read only system data |
|
type |
string |
Resource type. |
AFDDomainHttpsCustomizedCipherSuiteSet
Customized cipher suite set object that will be used for Https when cipherSuiteSetType is Customized.
Name | Type | Description |
---|---|---|
cipherSuiteSetForTls12 |
Cipher suites for TLS 1.2. Required at least one in minimumTlsVersion TLS 1.2. |
|
cipherSuiteSetForTls13 |
Cipher suites for TLS 1.3. Required at least one in minimumTlsVersion TLS 1.2, TLS 1.3. |
AFDDomainHttpsParameters
The JSON object that contains the properties to secure a domain.
Name | Type | Description |
---|---|---|
certificateType |
Defines the source of the SSL certificate. |
|
cipherSuiteSetType |
cipher suite set type that will be used for Https |
|
customizedCipherSuiteSet |
Customized cipher suites object that will be used for Https when cipherSuiteSetType is Customized. |
|
minimumTlsVersion |
TLS protocol version that will be used for Https when cipherSuiteSetType is Customized. |
|
secret |
Resource reference to the secret. ie. subs/rg/profile/secret |
AfdErrorResponse
Error response
Name | Type | Description |
---|---|---|
error |
The error object. |
AfdMinimumTlsVersion
TLS protocol version that will be used for Https when cipherSuiteSetType is Customized.
Value | Description |
---|---|
TLS10 | |
TLS12 | |
TLS13 |
AfdProvisioningState
Provisioning status
Value | Description |
---|---|
Succeeded | |
Failed | |
Updating | |
Deleting | |
Creating |
DeploymentStatus
Value | Description |
---|---|
NotStarted | |
InProgress | |
Succeeded | |
Failed |
DomainValidationProperties
The JSON object that contains the properties to validate a domain.
Name | Type | Description |
---|---|---|
expirationDate |
string |
The date time that the token expires |
validationToken |
string |
Challenge used for DNS TXT record or file based validation |
DomainValidationState
Provisioning substate shows the progress of custom HTTPS enabling/disabling process step by step. DCV stands for DomainControlValidation.
Value | Description |
---|---|
Unknown | |
Submitting | |
Pending | |
Rejected | |
TimedOut | |
PendingRevalidation | |
Approved | |
RefreshingValidationToken | |
InternalError |
ErrorAdditionalInfo
The resource management error additional info.
Name | Type | Description |
---|---|---|
info |
object |
The additional info. |
type |
string |
The additional info type. |
ErrorDetail
The error detail.
Name | Type | Description |
---|---|---|
additionalInfo |
The error additional info. |
|
code |
string |
The error code. |
details |
The error details. |
|
message |
string |
The error message. |
target |
string |
The error target. |
IdentityType
The type of identity that creates/modifies resources
Value | Description |
---|---|
user | |
application | |
managedIdentity | |
key |
ResourceReference
Reference to another resource.
Name | Type | Description |
---|---|---|
id |
string |
Resource ID. |
SystemData
Read only system data
Name | Type | Description |
---|---|---|
createdAt |
string (date-time) |
The timestamp of resource creation (UTC) |
createdBy |
string |
An identifier for the identity that created the resource |
createdByType |
The type of identity that created the resource |
|
lastModifiedAt |
string (date-time) |
The timestamp of resource last modification (UTC) |
lastModifiedBy |
string |
An identifier for the identity that last modified the resource |
lastModifiedByType |
The type of identity that last modified the resource |