Overview
Certain .CO domain names have pre-generated authInfo codes associated with them by the Registry. These domains remain available for registration but can only be registered by a Registrar that includes the correct authInfo code in the EPP create command.
How Pre-Generated authInfo Codes Work
The Registry assigns an authInfo code to a specific domain name. The domain appears as available in standard checks (avail=1). However, a domain:create command will only succeed if the correct authInfo code is supplied in the domain:pw element of the create command.
Who Gets the Code?
Pre-generated authInfo codes are typically distributed by the Registry to a specific registrant, who then presents the code to their preferred Registrar. The code can be used by any accredited Registrar — it is not locked to a specific Registrar.
After Successful Registration
Once the domain is successfully registered, the sponsoring Registrar may use the domain:update command to change the authInfo code according to their own security policies.
Common Questions
Can I check if a domain requires an authInfo code? Not via EPP check — the domain will still show as available. You will only discover the requirement when the create command fails without the code.
What if I have the wrong code? The domain:create command will fail. Obtain the correct code from the registrant or the Registry.