4,628
edits
Changes
→Servers
This page documents the DNS domains used by Switch, and what they're used for. Only HTTPS is used with these domains unless noted otherwise.
This page documents DNS domains and lists information relevant to the online services used by the Switch.
* "[[NIM_services|sun.hac.lp1.d4c.nintendo.net]]": Used for checking whether a sysupdate is available, equivalent to NetUpdateSOAP from past systems.
= Domains =
Only HTTPS is used with these domains unless noted otherwise.
* "dauth-lp1.ndas.srv.nintendo.net": Seems to break Nintendo-account related comms when blocked. This dauth domain seems to be the cause of the sysupdate-required 2124-3000 [[Error_codes|error]]?
== CDN ==
* "[[NIM_services|beach.hac.lp1.eshop.nintendo.net]]": Same result as dauth when blocked.
The URLs for content delivery network servers on the Switch usually follow this format:
* "consumer.lp1.npns.srv.nintendo.net": Same result as dauth when blocked.
{server_name}.hac.{environment}.{serverset}.{host}
Where:
{server_name}: One of the registered server names.
{environment}: "dp1", "lp1", "sp1", "dd1", "jd1", "sd1", "td1" or "xd1".
{serverset}: "eshop" (online shop), "d4c" (content delivery) or "dragons" (online membership).
{host}: "nintendo.net" (global cdn), "n.nintendoswitch.cn" (chinese cdn).
=== Servers ===
* "[[#sun|sun.hac.%.d4c.nintendo.net]]"
* "[[#aqua|aqua.hac.%.d4c.nintendo.net]]"
* "[[#atum/atumn|atum.hac.%.d4c.nintendo.net]]"
* "[[#atum/atumn|atumn.hac.%.d4c.nintendo.net]]"
* "atumn-dummy.hac.%.d4c.nintendo.net"
* "[[#superfly|superfly.hac.%.d4c.nintendo.net]]"
* "bugyo.hac.%.eshop.nintendo.net"
* "[[#beach|beach.hac.%.eshop.nintendo.net]]"
* "pushmo.hac.%.eshop.nintendo.net"
* "[[#tagaya|tagaya.hac.%.eshop.nintendo.net]]"
* [5.0.0+] "[[#pearljam|pearljam.hac.%.eshop.nintendo.net]]"
* [6.0.0+] "dragons.hac.%.dragons.nintendo.net"
* [6.0.0+] "dragonst.hac.%.dragons.nintendo.net"
* [6.0.0+] "[[#tigers|tigers.hac.%.dragons.nintendo.net]]"
* [14.0.0+] "[[#veer|veer.hac.%%.d4c.nintendo.net]]"
==== sun ====
Used for checking whether a sysupdate is available. Equivalent to NetUpdateSOAP from past systems.
[[NIM_services|NIM]] sends a HTTP GET with the sun URL to get the title-listing of the latest system-titles, as .json. The deviceid in the URL is the same one in the above User-Agent section. HTTP header "Accept:application/json" is sent in the request.
The response is json with a "system_update_metas" block, containing "title_id" and "title_version" entries. The actual server response only contains 1 title.
Example, from 2.0 system:
<code>{"timestamp":REDACTED-TIMESTSAMP,"system_update_metas":[{"title_id":"0100000000000816","title_version":201327002}]}</code>
URLs:
"<nowiki>https://sun.hac.%%.d4c.nintendo.net/v1/system_update_meta?device_id=%016llx</nowiki>"
==== aqua ====
The following response is json from accessing the aqua URL:
<code>{
"contents_delivery_required_title_id": "0100000000000816",
"contents_delivery_required_title_version": 0
}</code>
A while after [[3.0.0]] release, the above title-version was changed to the one for v3.0("Last-Modified: Thu, 29 Jun 2017 00:00:04 GMT").
URLs:
"<nowiki>https://aqua.hac.%%.d4c.nintendo.net/required_system_update_meta?device_id=%016llx</nowiki>"
==== atum/atumn ====
CDN for system-titles.
"atumn" is for system-titles and "atum" is for eShop titles.
'a' is used when an input u8 is not 0x3, otherwise 's' is used. A seperate function using the ".../c/" URL is hard-coded to use 'c'. This appears to match 's' usage attempts: the only URL that returned actual data with 's' was with titleID 0100000000000816.
As of June 30, 2017, accessing old content via the atumn "/c/" and "/t/" URLs works fine.
URLs:
"<nowiki>https://%s.hac.%%.d4c.nintendo.net/t/%c/%016llx/%u?device_id=%016llx</nowiki>"
Returns content like the below URL. First %s is atumn or atum. This is the content for [[NCA]]-type0. See below for %c. %016llx is titleID, %u is title-version.
"<nowiki>https://%s.hac.%%.d4c.nintendo.net/c/%c/%s</nowiki>"
Used for downloading content. First %s is atumn or atum. %c is one of: 'c', 'a', or 's'. %s is just the hex-string NcaId. The server also returns two HTTP headers: "X-Nintendo-Content-Hash: {entire lowercase hex-string of the content SHA256 hash}" and "X-Nintendo-Content-ID: {lowercase hex-string for NcaId}"
==== superfly ====
URLs:
"<nowiki>https://superfly.hac.%%.d4c.nintendo.net/v1/t/%016llx/dv</nowiki>"
%016llx is titleID, only for eShop titles it appears. Returns .json title-info.
"<nowiki>https://superfly.hac.%%.d4c.nintendo.net/v1/a/%016llx/dv</nowiki>"
%016llx is titleID, only for eShop titles it appears. Output is similar to above URL.
==== tagaya ====
VersionList for eShop titles.
URLs:
"<nowiki>https://tagaya.hac.%.eshop.nintendo.net/tagaya/hac_versionlist</nowiki>"
==== beach ====
URLs:
"<nowiki>https://beach.hac.%.eshop.nintendo.net/v1/rom_cards?application_id=%016llx&rom_card_cert=%s</nowiki>"
"<nowiki>https://beach.hac.%.eshop.nintendo.net/v1/rom_cards/register?application_id=%016llx&rom_card_cert=%s&expected_gold_point=%d</nowiki>"
"<nowiki>https://beach.hac.%.eshop.nintendo.net/v1/my/devices/hac/link?lang=en</nowiki>"
"<nowiki>https://beach.hac.%.eshop.nintendo.net/v1/my/virtual_account?lang=en</nowiki>"
==== pearljam ====
URLs:
[5.0.0+] "<nowiki>https://pearljam.hac.%.eshop.nintendo.net/sugar</nowiki>"
[5.0.0+] "<nowiki>https://pearljam.hac.%.eshop.nintendo.net/civil</nowiki>"
==== tigers ====
Used for fetching common tickets for title updates.
==== veer ====
URLs:
"<nowiki>https://veer.hac.%%.d4c.nintendo.net/v3/policy.json?context=%s</nowiki>"
== Shop API ==
Domains for interacting with the online shop API.
=== Servers ===
* "[[#ecs|ecs-%.hac.shop.nintendo.net]]"
* "[[#ias|ias-%.hac.shop.nintendo.net]]"
==== ecs ====
These URL strings were removed from nim with [15.0.0+].
URLs:
"<nowiki>https://ecs-%.hac.shop.nintendo.net/ecs/services/rest/AccountGetETickets</nowiki>"
"<nowiki>https://ecs-%.hac.shop.nintendo.net/ecs/services/rest/GetAccountStatus</nowiki>"
==== ias ====
These URL strings were removed from nim with [15.0.0+].
URLs:
"<nowiki>https://ias-%.hac.shop.nintendo.net/ias/services/rest/Register</nowiki>"
"<nowiki>https://ias-%.hac.shop.nintendo.net/ias/services/rest/GetChallenge</nowiki>"
"<nowiki>https://ias-%.hac.shop.nintendo.net/ias/services/rest/Unregister</nowiki>"
"<nowiki>https://ias-%.hac.shop.nintendo.net/ias/services/rest/GetRegistrationInfo</nowiki>"
"<nowiki>https://ias-%.hac.shop.nintendo.net/ias/services/rest/CompleteETicketSync</nowiki>"
"<nowiki>https://ias-%.hac.shop.nintendo.net/ias/services/rest/AccountTransfer</nowiki>"
"<nowiki>https://ias-%.hac.shop.nintendo.net/ias/services/rest/SyncRegistration</nowiki>"
== Services ==
The URLs for general online service servers on the Switch usually follow one of these formats:
{server_name}.{environment}.{service_name}.srv.nintendo.net
{server_name}-{environment}.{service_name}.srv.nintendo.net
Where:
{server_name}: One of the registered server names.
{environment}: "lp1" (production), "dd1" (development) or "sp1" (production lottest staging).
{service_name}: One of the various service names.
=== Servers ===
* "[[#aauth|aauth-%.ndas.srv.nintendo.net]]"
* "[[#dauth|dauth-%.ndas.srv.nintendo.net]]"
* "[[#znc|api-%.znc.srv.nintendo.net]]"
* "api-%.pctl.srv.nintendo.net"
* "api-%.frs.srv.nintendo.net"
* "app-a04.%.npns.srv.nintendo.net"
* "app-b01.%.npns.srv.nintendo.net"
* "broker.%.npns.srv.nintendo.net"
* "consumer.%.npns.srv.nintendo.net"
* "[[BCAT_services#Data_reporting|receive-%.dg.srv.nintendo.net]]"
* "[[Error_Upload_services|receive-%.er.srv.nintendo.net]]"
* "nncs1-%.n.n.srv.nintendo.net"
* "nncs2-%.n.n.srv.nintendo.net"
* "g<game_server_id>-%.s.n.srv.nintendo.net"
* [4.0.0+] "[[#migration|migration.%.scsi.srv.nintendo.net]]"
* [6.0.0+] "[[#storage|storage.%.scsi.srv.nintendo.net]]"
* [9.0.0+] "[[#storage|storage.%.sata.srv.nintendo.net]]"
* [9.0.0+] "[[#permission|permission.%.sata.srv.nintendo.net]]"
==== aauth ====
Application authentication.
URLs:
"<nowiki>https://aauth-%.ndas.srv.nintendo.net/v1/application_auth_token</nowiki>"
"<nowiki>https://aauth-%.ndas.srv.nintendo.net/v1/time</nowiki>"
[5.0.0+] "<nowiki>https://aauth-%.ndas.srv.nintendo.net/v2-44cd4221f90742b5f37a4948b37dacf024d0bb14dde86db0af20ec300a36a0fe/application_auth_token</nowiki>"
Replaces previous application_auth_token URL.
==== dauth ====
Device authentication.
URLs:
"<nowiki>https://dauth-%.ndas.srv.nintendo.net/v1/device_auth_token</nowiki>"
CURLOPT_POSTFIELDS is set to the output from: snprintf(..., "system_version=%08x&client_id=%s", <byte-swapped first 3 bytes from [[System_Version_Title]] loaded via [[Settings_services|settings]] cmd>, "<hard-coded hex string>");
[4.0.0+] "<nowiki>https://dauth-%.ndas.srv.nintendo.net/439528b578b74475d24ec19264097f17d2cc578c8584816b644e7b7fa93044d7/device_auth_token</nowiki>"
Replaces previous device_auth_token URL.
[5.0.0+] "<nowiki>https://dauth-%.ndas.srv.nintendo.net/v3-59ed5fa1c25bb2aea8c4d73d74b919a94d89ed48d6865b728f63547943b17404/device_auth_token</nowiki>"
Replaces previous device_auth_token URL.
[5.0.0+] "<nowiki>https://dauth-%.ndas.srv.nintendo.net/v3-59ed5fa1c25bb2aea8c4d73d74b919a94d89ed48d6865b728f63547943b17404/challenge</nowiki>"
CURLOPT_POSTFIELDS is set to the output from: snprintf(..., "key_generation=%u", 5);
==== znc ====
Used by the Switch Online app to get app data, like the list of game-specific services to display.
==== app ====
app-a04* uses XMPP with TLS over port 443, without HTTP. Sample request:
<code><nowiki><?xml version="1.0"?><stream:stream to="app-a04.lp1.npns.srv.nintendo.net" xml:lang="en" version="1.0" xmlns="jabber:client" xmlns:stream="http://etherx.jabber.org/streams"></nowiki></code>
==== migration ====
[[Migration_services|Migration]] service storage.
==== storage ====
[[OLSC_services|OLSC]] service (.scsi) and repair service (.sata) storage.
==== permission ====
[[OLSC_services|OLSC]] repair service survey request.
<nowiki>https://permission.%.sata.srv.nintendo.net/api/nx/v1/customer_operations</nowiki>
<nowiki>https://permission.%.sata.srv.nintendo.net/api/nx/v1/customer_operations?survey_request_id=%llu</nowiki>
Request headers:
> User-Agent: libcurl (nnHttp; 789f928b-138e-4b2f-afeb-1acae821d897; SDK {x.x.x.x sdkver}; Add-on {x.x.x.x sdkver})
> Accept: */*
> X-Device-Token: {device-token from dauth for SATA}
> Content-Type: application/json
Response (without survey_request_id): {"survey_requests":[]}
== Others ==
Miscellaneous domains for various APIs and tests.
=== Servers ===
Account metadata:
* "e0d67c509fb203858ebcb2fe3f88c2aa.baas.nintendo.com"
* "accounts.nintendo.com"
* "api.accounts.nintendo.com"
* "c-%.accounts.nintendo.com"
* "capi.%.op2.nintendo.net"
News, friends and game content:
* "bcat-topics-%.cdn.nintendo.net"
* "bcat-list-%.cdn.nintendo.net"
* "bcat-data-%.cdn.nintendo.net"
* "bcat-web-%.cdn.nintendo.net"
* "app.%.five.nintendo.net"
* [6.0.0+] "scsi-policy-%.cdn.nintendo.net"
NSO webapplet [11.0.0+]:
* "%.nso.nintendo.net"
* "atum-img-%.cdn.nintendo.net"
Connection:
* "ctest.cdn.nintendo.net" (replaces "conntest.nintendowifi.net")
* "nasc.nintendowifi.net"
Error and status:
* "[[#service-status|service-status-%.cdn.nintendo.net]]"
* "problems.dragons.nintendo.net"
* "moon.nintendo.com"
==== scsi-policy ====
Used by [[OLSC_services|OLSC]] and [[Migration_services|migration]].
URLs:
<nowiki>"https://scsi-policy-%.cdn.nintendo.net/api/nx/v1/save_data_migration_policy/%016llx/%05u?dtoken="</nowiki>
* save_data_migration_policy: "%016llx" is the [[NCM_services#ApplicationId|ApplicationId]], "%05u" is version>>16 from [[NS_services#IApplicationVersionInterface|ns GetLaunchRequiredVersion]]. The value of dtoken is the dauth edge token for scsi. The request headers are: "User-Agent: libcurl (nnHttp;..." and "Accept: */*".
** The response json is <code>{"save_data_migration": <str>}</code>, where <code><str></code> is "OK" or "NG" (other values trigger error).
==== service-status ====
[[Error_applet|Error applet]] status.
URLs:
"<nowiki>https://service-status-%.cdn.nintendo.net/service_status_hac.json</nowiki>"
= User-Agent =
[[NIM_services|NIM]] generates two User-Agent strings:
snprintf(..., "User-Agent: NintendoSDK Firmware/%s-%u (platform:%s; did:%016llx; eid:%s)", <string at [[System_Version_Title|sysver]]+0x68>, {u32 from [[System_Version_Title|sysver]]+4}, "NX", DeviceId, {[[Sockets_services#GetEnvironmentIdentifier|GetEnvironmentIdentifier]] output});
snprintf(..., "User-Agent: NintendoSDK Firmware/%s-%u (platform:%s; eid:%s)", <string at [[System_Version_Title|sysver]]+0x68>, {u32 from [[System_Version_Title|sysver]]+4}, "NX", DeviceId, {[[Sockets_services#GetEnvironmentIdentifier|GetEnvironmentIdentifier]] output});
Where the 64bit DeviceId is parsed from the 0x10-bytes at outbuf+0xC6 from [[Settings_services|set:cal]] GetEciDeviceCertificate (DeviceCert_certname+2, aka where the hex string for the DeviceId is).