4,628
edits
Changes
Jump to navigation
Jump to search
→Servers
Line 1:
Line 1:
−* "[[NIM_services|atumn.hac.lp1.d4c.nintendo.net]]": CDN for system-titles.+* "tagaya.hac.lp1.eshop.nintendo.net": VersionList for eShop titles going by 3DS.+
−* "e0d67c509fb203858ebcb2fe3f88c2aa.baas.nintendo.com": Used to handle account metadata. (friends, profile, etc)+
−* "api.accounts.nintendo.com": Appears to be used by Nintendo apps to get metadata for Switch user profiles.+* "api-lp1.znc.srv.nintendo.net": Used by the Switch Online app to get app data, like the list of game-specific services to display.+Note: "break Nintendo-account..." is for "posting to social-media" in user-profile, results may vary with the eShop (for non-dauth).+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
This page documents the DNS domains used by Switch, and what they're used for. Only HTTPS is used with these domains unless noted otherwise.
+This page documents DNS domains and lists information relevant to the online services used by the Switch.
−* "[[NIM_services|sun.hac.lp1.d4c.nintendo.net]]": Used for checking whether a sysupdate is available, equivalent to NetUpdateSOAP from past systems.
+= Domains =
−Only HTTPS is used with these domains unless noted otherwise.
−* "dauth-lp1.ndas.srv.nintendo.net": Seems to break Nintendo-account related comms when blocked. This dauth domain seems to be the cause of the sysupdate-required 2124-3000 [[Error_codes|error]]?
+== CDN ==
−* "[[NIM_services|beach.hac.lp1.eshop.nintendo.net]]": Same result as dauth when blocked.
+The URLs for content delivery network servers on the Switch usually follow this format:
−* "consumer.lp1.npns.srv.nintendo.net": Same result as dauth when blocked.
+ {server_name}.hac.{environment}.{serverset}.{host}
−Where:
− {server_name}: One of the registered server names.
− {environment}: "dp1", "lp1", "sp1", "dd1", "jd1", "sd1", "td1" or "xd1".
+ {serverset}: "eshop" (online shop), "d4c" (content delivery) or "dragons" (online membership).
+ {host}: "nintendo.net" (global cdn), "n.nintendoswitch.cn" (chinese cdn).
+=== Servers ===
+* "[[#sun|sun.hac.%.d4c.nintendo.net]]"
+* "[[#aqua|aqua.hac.%.d4c.nintendo.net]]"
+* "[[#atum/atumn|atum.hac.%.d4c.nintendo.net]]"
+* "[[#atum/atumn|atumn.hac.%.d4c.nintendo.net]]"
+* "atumn-dummy.hac.%.d4c.nintendo.net"
+* "[[#superfly|superfly.hac.%.d4c.nintendo.net]]"
+* "bugyo.hac.%.eshop.nintendo.net"
+* "[[#beach|beach.hac.%.eshop.nintendo.net]]"
+* "pushmo.hac.%.eshop.nintendo.net"
+* "[[#tagaya|tagaya.hac.%.eshop.nintendo.net]]"
+* [5.0.0+] "[[#pearljam|pearljam.hac.%.eshop.nintendo.net]]"
+* [6.0.0+] "dragons.hac.%.dragons.nintendo.net"
+* [6.0.0+] "dragonst.hac.%.dragons.nintendo.net"
+* [6.0.0+] "[[#tigers|tigers.hac.%.dragons.nintendo.net]]"
+* [14.0.0+] "[[#veer|veer.hac.%%.d4c.nintendo.net]]"
+==== sun ====
+Used for checking whether a sysupdate is available. Equivalent to NetUpdateSOAP from past systems.
+[[NIM_services|NIM]] sends a HTTP GET with the sun URL to get the title-listing of the latest system-titles, as .json. The deviceid in the URL is the same one in the above User-Agent section. HTTP header "Accept:application/json" is sent in the request.
+The response is json with a "system_update_metas" block, containing "title_id" and "title_version" entries. The actual server response only contains 1 title.
+Example, from 2.0 system:
+<code>{"timestamp":REDACTED-TIMESTSAMP,"system_update_metas":[{"title_id":"0100000000000816","title_version":201327002}]}</code>
+URLs:
+ "<nowiki>https://sun.hac.%%.d4c.nintendo.net/v1/system_update_meta?device_id=%016llx</nowiki>"
+==== aqua ====
+The following response is json from accessing the aqua URL:
+<code>{
+"contents_delivery_required_title_id": "0100000000000816",
+"contents_delivery_required_title_version": 0
+}</code>
+A while after [[3.0.0]] release, the above title-version was changed to the one for v3.0("Last-Modified: Thu, 29 Jun 2017 00:00:04 GMT").
+URLs:
+ "<nowiki>https://aqua.hac.%%.d4c.nintendo.net/required_system_update_meta?device_id=%016llx</nowiki>"
+==== atum/atumn ====
+CDN for system-titles.
+"atumn" is for system-titles and "atum" is for eShop titles.
+'a' is used when an input u8 is not 0x3, otherwise 's' is used. A seperate function using the ".../c/" URL is hard-coded to use 'c'. This appears to match 's' usage attempts: the only URL that returned actual data with 's' was with titleID 0100000000000816.
+As of June 30, 2017, accessing old content via the atumn "/c/" and "/t/" URLs works fine.
+URLs:
+ "<nowiki>https://%s.hac.%%.d4c.nintendo.net/t/%c/%016llx/%u?device_id=%016llx</nowiki>"
+ Returns content like the below URL. First %s is atumn or atum. This is the content for [[NCA]]-type0. See below for %c. %016llx is titleID, %u is title-version.
+ "<nowiki>https://%s.hac.%%.d4c.nintendo.net/c/%c/%s</nowiki>"
+ Used for downloading content. First %s is atumn or atum. %c is one of: 'c', 'a', or 's'. %s is just the hex-string NcaId. The server also returns two HTTP headers: "X-Nintendo-Content-Hash: {entire lowercase hex-string of the content SHA256 hash}" and "X-Nintendo-Content-ID: {lowercase hex-string for NcaId}"
+==== superfly ====
+URLs:
+ "<nowiki>https://superfly.hac.%%.d4c.nintendo.net/v1/t/%016llx/dv</nowiki>"
+ %016llx is titleID, only for eShop titles it appears. Returns .json title-info.
+ "<nowiki>https://superfly.hac.%%.d4c.nintendo.net/v1/a/%016llx/dv</nowiki>"
+ %016llx is titleID, only for eShop titles it appears. Output is similar to above URL.
+==== tagaya ====
+VersionList for eShop titles.
+URLs:
+ "<nowiki>https://tagaya.hac.%.eshop.nintendo.net/tagaya/hac_versionlist</nowiki>"
+==== beach ====
+URLs:
+ "<nowiki>https://beach.hac.%.eshop.nintendo.net/v1/rom_cards?application_id=%016llx&rom_card_cert=%s</nowiki>"
+ "<nowiki>https://beach.hac.%.eshop.nintendo.net/v1/rom_cards/register?application_id=%016llx&rom_card_cert=%s&expected_gold_point=%d</nowiki>"
+ "<nowiki>https://beach.hac.%.eshop.nintendo.net/v1/my/devices/hac/link?lang=en</nowiki>"
+ "<nowiki>https://beach.hac.%.eshop.nintendo.net/v1/my/virtual_account?lang=en</nowiki>"
+==== pearljam ====
+URLs:
+ [5.0.0+] "<nowiki>https://pearljam.hac.%.eshop.nintendo.net/sugar</nowiki>"
+ [5.0.0+] "<nowiki>https://pearljam.hac.%.eshop.nintendo.net/civil</nowiki>"
+==== tigers ====
+Used for fetching common tickets for title updates.
+==== veer ====
+URLs:
+ "<nowiki>https://veer.hac.%%.d4c.nintendo.net/v3/policy.json?context=%s</nowiki>"
+== Shop API ==
+Domains for interacting with the online shop API.
+=== Servers ===
+* "[[#ecs|ecs-%.hac.shop.nintendo.net]]"
+* "[[#ias|ias-%.hac.shop.nintendo.net]]"
+==== ecs ====
+These URL strings were removed from nim with [15.0.0+].
+URLs:
+ "<nowiki>https://ecs-%.hac.shop.nintendo.net/ecs/services/rest/AccountGetETickets</nowiki>"
+ "<nowiki>https://ecs-%.hac.shop.nintendo.net/ecs/services/rest/GetAccountStatus</nowiki>"
+==== ias ====
+These URL strings were removed from nim with [15.0.0+].
+URLs:
+ "<nowiki>https://ias-%.hac.shop.nintendo.net/ias/services/rest/Register</nowiki>"
+ "<nowiki>https://ias-%.hac.shop.nintendo.net/ias/services/rest/GetChallenge</nowiki>"
+ "<nowiki>https://ias-%.hac.shop.nintendo.net/ias/services/rest/Unregister</nowiki>"
+ "<nowiki>https://ias-%.hac.shop.nintendo.net/ias/services/rest/GetRegistrationInfo</nowiki>"
+ "<nowiki>https://ias-%.hac.shop.nintendo.net/ias/services/rest/CompleteETicketSync</nowiki>"
+ "<nowiki>https://ias-%.hac.shop.nintendo.net/ias/services/rest/AccountTransfer</nowiki>"
+ "<nowiki>https://ias-%.hac.shop.nintendo.net/ias/services/rest/SyncRegistration</nowiki>"
+== Services ==
+The URLs for general online service servers on the Switch usually follow one of these formats:
+ {server_name}.{environment}.{service_name}.srv.nintendo.net
+ {server_name}-{environment}.{service_name}.srv.nintendo.net
+Where:
+ {server_name}: One of the registered server names.
+ {environment}: "lp1" (production), "dd1" (development) or "sp1" (production lottest staging).
+ {service_name}: One of the various service names.
+=== Servers ===
+* "[[#aauth|aauth-%.ndas.srv.nintendo.net]]"
+* "[[#dauth|dauth-%.ndas.srv.nintendo.net]]"
+* "[[#znc|api-%.znc.srv.nintendo.net]]"
+* "api-%.pctl.srv.nintendo.net"
+* "api-%.frs.srv.nintendo.net"
+* "app-a04.%.npns.srv.nintendo.net"
+* "app-b01.%.npns.srv.nintendo.net"
+* "broker.%.npns.srv.nintendo.net"
+* "consumer.%.npns.srv.nintendo.net"
+* "[[BCAT_services#Data_reporting|receive-%.dg.srv.nintendo.net]]"
+* "[[Error_Upload_services|receive-%.er.srv.nintendo.net]]"
+* "nncs1-%.n.n.srv.nintendo.net"
+* "nncs2-%.n.n.srv.nintendo.net"
+* "g<game_server_id>-%.s.n.srv.nintendo.net"
+* [4.0.0+] "[[#migration|migration.%.scsi.srv.nintendo.net]]"
+* [6.0.0+] "[[#storage|storage.%.scsi.srv.nintendo.net]]"
+* [9.0.0+] "[[#storage|storage.%.sata.srv.nintendo.net]]"
+* [9.0.0+] "[[#permission|permission.%.sata.srv.nintendo.net]]"
+==== aauth ====
+Application authentication.
+URLs:
+ "<nowiki>https://aauth-%.ndas.srv.nintendo.net/v1/application_auth_token</nowiki>"
+ "<nowiki>https://aauth-%.ndas.srv.nintendo.net/v1/time</nowiki>"
+ [5.0.0+] "<nowiki>https://aauth-%.ndas.srv.nintendo.net/v2-44cd4221f90742b5f37a4948b37dacf024d0bb14dde86db0af20ec300a36a0fe/application_auth_token</nowiki>"
+ Replaces previous application_auth_token URL.
+==== dauth ====
+Device authentication.
+URLs:
+ "<nowiki>https://dauth-%.ndas.srv.nintendo.net/v1/device_auth_token</nowiki>"
+ CURLOPT_POSTFIELDS is set to the output from: snprintf(..., "system_version=%08x&client_id=%s", <byte-swapped first 3 bytes from [[System_Version_Title]] loaded via [[Settings_services|settings]] cmd>, "<hard-coded hex string>");
+ [4.0.0+] "<nowiki>https://dauth-%.ndas.srv.nintendo.net/439528b578b74475d24ec19264097f17d2cc578c8584816b644e7b7fa93044d7/device_auth_token</nowiki>"
+ Replaces previous device_auth_token URL.
+ [5.0.0+] "<nowiki>https://dauth-%.ndas.srv.nintendo.net/v3-59ed5fa1c25bb2aea8c4d73d74b919a94d89ed48d6865b728f63547943b17404/device_auth_token</nowiki>"
+ Replaces previous device_auth_token URL.
+ [5.0.0+] "<nowiki>https://dauth-%.ndas.srv.nintendo.net/v3-59ed5fa1c25bb2aea8c4d73d74b919a94d89ed48d6865b728f63547943b17404/challenge</nowiki>"
+ CURLOPT_POSTFIELDS is set to the output from: snprintf(..., "key_generation=%u", 5);
+==== znc ====
+Used by the Switch Online app to get app data, like the list of game-specific services to display.
+==== app ====
+app-a04* uses XMPP with TLS over port 443, without HTTP. Sample request:
+<code><nowiki><?xml version="1.0"?><stream:stream to="app-a04.lp1.npns.srv.nintendo.net" xml:lang="en" version="1.0" xmlns="jabber:client" xmlns:stream="http://etherx.jabber.org/streams"></nowiki></code>
+==== migration ====
+[[Migration_services|Migration]] service storage.
+==== storage ====
+[[OLSC_services|OLSC]] service (.scsi) and repair service (.sata) storage.
+==== permission ====
+[[OLSC_services|OLSC]] repair service survey request.
+ <nowiki>https://permission.%.sata.srv.nintendo.net/api/nx/v1/customer_operations</nowiki>
+ <nowiki>https://permission.%.sata.srv.nintendo.net/api/nx/v1/customer_operations?survey_request_id=%llu</nowiki>
+ Request headers:
+ > User-Agent: libcurl (nnHttp; 789f928b-138e-4b2f-afeb-1acae821d897; SDK {x.x.x.x sdkver}; Add-on {x.x.x.x sdkver})
+ > Accept: */*
+ > X-Device-Token: {device-token from dauth for SATA}
+ > Content-Type: application/json
+ Response (without survey_request_id): {"survey_requests":[]}
+== Others ==
+Miscellaneous domains for various APIs and tests.
+=== Servers ===
+Account metadata:
+* "e0d67c509fb203858ebcb2fe3f88c2aa.baas.nintendo.com"
+* "accounts.nintendo.com"
+* "api.accounts.nintendo.com"
+* "c-%.accounts.nintendo.com"
+* "capi.%.op2.nintendo.net"
+News, friends and game content:
+* "bcat-topics-%.cdn.nintendo.net"
+* "bcat-list-%.cdn.nintendo.net"
+* "bcat-data-%.cdn.nintendo.net"
+* "bcat-web-%.cdn.nintendo.net"
+* "app.%.five.nintendo.net"
+* [6.0.0+] "scsi-policy-%.cdn.nintendo.net"
+NSO webapplet [11.0.0+]:
+* "%.nso.nintendo.net"
+* "atum-img-%.cdn.nintendo.net"
+Connection:
+* "ctest.cdn.nintendo.net" (replaces "conntest.nintendowifi.net")
+* "nasc.nintendowifi.net"
+Error and status:
+* "[[#service-status|service-status-%.cdn.nintendo.net]]"
+* "problems.dragons.nintendo.net"
+* "moon.nintendo.com"
+==== scsi-policy ====
+Used by [[OLSC_services|OLSC]] and [[Migration_services|migration]].
+URLs:
+ <nowiki>"https://scsi-policy-%.cdn.nintendo.net/api/nx/v1/save_data_migration_policy/%016llx/%05u?dtoken="</nowiki>
+* save_data_migration_policy: "%016llx" is the [[NCM_services#ApplicationId|ApplicationId]], "%05u" is version>>16 from [[NS_services#IApplicationVersionInterface|ns GetLaunchRequiredVersion]]. The value of dtoken is the dauth edge token for scsi. The request headers are: "User-Agent: libcurl (nnHttp;..." and "Accept: */*".
+** The response json is <code>{"save_data_migration": <str>}</code>, where <code><str></code> is "OK" or "NG" (other values trigger error).
+==== service-status ====
+[[Error_applet|Error applet]] status.
+URLs:
+ "<nowiki>https://service-status-%.cdn.nintendo.net/service_status_hac.json</nowiki>"
+= User-Agent =
+[[NIM_services|NIM]] generates two User-Agent strings:
+ snprintf(..., "User-Agent: NintendoSDK Firmware/%s-%u (platform:%s; did:%016llx; eid:%s)", <string at [[System_Version_Title|sysver]]+0x68>, {u32 from [[System_Version_Title|sysver]]+4}, "NX", DeviceId, {[[Sockets_services#GetEnvironmentIdentifier|GetEnvironmentIdentifier]] output});
+ snprintf(..., "User-Agent: NintendoSDK Firmware/%s-%u (platform:%s; eid:%s)", <string at [[System_Version_Title|sysver]]+0x68>, {u32 from [[System_Version_Title|sysver]]+4}, "NX", DeviceId, {[[Sockets_services#GetEnvironmentIdentifier|GetEnvironmentIdentifier]] output});
+Where the 64bit DeviceId is parsed from the 0x10-bytes at outbuf+0xC6 from [[Settings_services|set:cal]] GetEciDeviceCertificate (DeviceCert_certname+2, aka where the hex string for the DeviceId is).