Authentication System
We only require authentication on the domain registration and modification systems, since the whois and search systems are already freely available elsewhere. You will need to provide to CGI parameters, user and password.
The user parameter is the Registrar ID you would normally use on the Registrar Console, for example H12345.
The password field contains your Toolkit password. This is not the password you use to log in to the Registrar Console. However you can retrieve your Toolkit password by logging in to the Registrar Console.
Legacy Parameters
Before it became mandatory to use SSL to access authenticated commands, registrars were obliged to encrypt the password field using the one-way crypt() function. This behaviour is still supported, but its use is not recommended for new code.