Switchy
Sign up
otherapi_key

Nextdns

NextDNS is a DNS service that enhances internet security and privacy by blocking malicious websites, tracking scripts, and ads before they reach your device.

Verdict

NextDNS is a DNS filtering and security service that blocks ads, trackers, and malicious domains at the network level. This MCP exposes 43 tools to manage DNS profiles, blocklists, allowlists, and query logs directly from Switchy. Teams can @mention NextDNS to create filtering policies, audit DNS traffic, or troubleshoot connectivity issues without leaving their workspace. Most useful for IT admins, security teams, and anyone managing network-level content filtering. Requires an API key from your NextDNS account dashboard — setup takes under two minutes.

Common use cases

  • Block malicious domains across office network
  • Audit DNS queries for security incidents
  • Create filtering profiles for remote teams
  • Export logs for compliance reporting
  • Troubleshoot blocked domains in real time

Integration

Vendor
Nextdns
Category
other
Auth
API_KEY
Tools
43
Composio slug
nextdns

Tools

  • Add Blocked TLD

    Tool to add a top-level domain to the security blocklist for a nextdns profile. use after listing current security settings to ensure the tld is not already blocked.

  • Add Denylist Domain

    Tool to add a domain to the denylist of a nextdns profile. use when blocking specific domains under a profile after obtaining its id.

  • Clear Logs

    Tool to clear dns logs for a nextdns profile. use when you want to remove all existing query logs for a given profile. note: this operation cannot be undone.

  • Create Profile

    This tool allows users to create a new nextdns profile. it uses the post method at the endpoint https://api.nextdns.io/profiles. a profile is a distinct configuration set for dns filtering and security settings.

  • Delete NextDNS Configuration
    destructive

    Tool to delete a nextdns configuration profile. use when you need to remove an existing profile by its id. use after confirming the profile exists.

  • Download Logs

    Tool to download dns logs for a profile. use when you need the url of the exported logs. use after confirming the profile id is valid. supports getting a redirect url or json.

  • Get Analytics Devices

    Tool to retrieve analytics aggregated by devices. use when you need per-device query metrics within a specific time frame.

  • Get Analytics Domains

    Tool to retrieve analytics data for domains within a specific profile. use after confirming the profile id to get per-domain query stats.

  • Get Analytics IPs

    Tool to retrieve analytics aggregated by client ip addresses. use when you need to analyze dns query distribution per client ip for a given profile.

  • Get Analytics IP Versions

    Tool to retrieve analytics grouped by ip version within a specific profile. use after you have a profile id to see ipv4 vs ipv6 query counts.

  • Get Analytics Query Types

    Tool to retrieve dns query counts broken down by query type. use after selecting a profile and specifying date filters to analyze distribution by type.

  • Get Analytics Reasons

    Tool to retrieve dns query counts broken down by classification reason. use after selecting a profile and specifying date filters to analyze reason distribution.

  • Get Analytics Status

    Tool to retrieve analytics status for a specific profile. use when you need counts of dns queries broken down by status categories.

  • Get Logs

    Tool to retrieve logs for a specific nextdns profile with optional filters. use after confirming the profile id to fetch raw or filtered dns logs.

  • Get Monthly Queries

    Tool to get the number of dns queries made in the current month for a profile. use after selecting a profile.

  • Get Profile Details

    Retrieves the details of a specific nextdns profile. it requires a 'profileid' as a path parameter and returns the profile details including name, security, privacy, parental control, denylist, allowlist, and general settings.

  • Get Setup Info

    Tool to get setup information for a provided configuration (profile). use after obtaining a profile id to fetch its current settings.

  • List Configurations

    Tool to list all configurations (profiles) available on the nextdns account. use after authenticating to page through profiles.

  • List Denylist Domains

    Tool to list domains in the denylist for a profile. use after confirming the profile id to review all blocked domains. example: "list denylist domains for profile abc123."

  • List Security Settings

    Tool to list current security options for a nextdns configuration. use after obtaining the configuration id to review active security settings.

  • List Settings

    Tool to list settings for a nextdns profile. use when auditing or inspecting all enabled settings before applying changes.

  • Log Client IPs

    Tool to enable or disable logging of client ips for a nextdns configuration. use when you need to toggle whether client ips are recorded in dns logs.

  • NextDNS Login

    Tool to authenticate to the nextdns api. use when you have an api key and need to verify credentials and obtain session headers and cookies for subsequent requests.

  • Remove Blocked TLD
    destructive

    Tool to remove a top-level domain from the security blocklist for a nextdns profile. use after listing current security settings to confirm the tld is currently blocked.

  • Remove Denylist Domain
    destructive

    Tool to remove a domain from a profile's denylist. use after confirming the domain is currently denied to clean it up.

  • Rename Configuration

    Tool to rename a nextdns configuration (profile). use when you need to update a profile's name after obtaining its id. example: renameconfig(name="home profile", config id="d46a5b")

  • Set AI Threat Detection

    Tool to enable or disable ai threat detection for a nextdns configuration. use after listing security settings to toggle the ai detection flag.

  • Set CSAM Blocking

    Tool to enable or disable blocking of child sexual abuse material domains for a nextdns profile. use when updating security settings after obtaining the profile id.

  • Set DNS Rebinding Protection

    Tool to enable or disable dns rebinding protection for a nextdns configuration. use when toggling dns rebinding protection after reviewing current security settings.

  • Set Homograph Protection

    Tool to enable or disable homograph attack protection for a nextdns configuration. use when toggling idn homograph filtering after listing security settings.

  • Set Newly Registered Domains

    Tool to enable or disable blocking of newly registered domains for a nextdns profile. use when updating security settings after obtaining the profile id.

  • Set Safe Browsing

    Tool to enable or disable google safe browsing for a nextdns configuration. use when toggling malware and phishing protection after reviewing current security settings.

  • Toggle Block Page

    Tool to enable or disable block page for a configuration. use when you need to toggle whether dns blocks show a block page.

  • Toggle Cryptojacking Protection

    Tool to enable or disable cryptojacking protection for a nextdns configuration. use when toggling unauthorized crypto mining protection after listing security settings.

  • Toggle DGA Protection

    Tool to enable or disable dga (domain generation algorithm) protection for a nextdns configuration. use when toggling algorithm-generated domains protection after listing security settings.

  • Toggle Domain Logging

    Tool to enable or disable logging of domains for a nextdns profile. use after retrieving profile settings when you need to adjust domain logging. example: "enable domain logging for profile abc123."

  • Toggle Parked Domains Blocking

    Tool to enable or disable blocking of parked domains for a nextdns configuration. use when toggling parked domain blocking after listing security settings.

  • Toggle Threat Intelligence Feeds

    Tool to enable or disable real-time threat intelligence feeds for a nextdns configuration. use after listing security settings to toggle the threatintelligencefeeds flag.

  • Toggle Typosquatting Protection

    Tool to enable or disable typosquatting protection for a nextdns configuration. use after listing security settings to toggle the typosquatting flag.

  • Update linked IP

    Tool to update the linked ip for a nextdns profile. use after retrieving the profile setup to apply the current ip to the profile.

  • Update Performance Settings

    Tool to update performance settings of a nextdns profile. use when adjusting performance optimizations after reviewing current settings.

  • Update Privacy Settings

    Tool to update privacy settings for a profile. use when you need to change blocklists, native trackers, disguisedtrackers, or allowaffiliate in one call.

  • Update Profile

    Tool to update an existing profile. use after retrieving a profile's current settings to apply changes.

Setup

Setup guide

  1. 11. Open your NextDNS account at my.nextdns.io and navigate to Account → API. 2. Generate a new API key and copy it to your clipboard. 3. In Switchy, click Integrations in the left sidebar, then find NextDNS and click Connect. 4. Paste your API key into the prompt and click Authorize. 5. Switchy confirms the connection and lists your existing profiles. 6. Open any Space and type '@NextDNS list my profiles' to verify the integration works. 7. The MCP returns your profile IDs and names — you'll reference these IDs in subsequent commands. 8. To test a write operation, try '@NextDNS add example.com to the denylist for profile abc123' (replace abc123 with a real profile ID). 9. Check your NextDNS dashboard to confirm the domain appears in the blocklist. 10. You're ready to manage DNS filtering from Switchy.

What teammates see: by default, memories from Nextdns are scoped to the Space (PROJECT visibility) - you can mark any memory PRIVATE or share it ORG-wide.

Works well with

Top models

Compatibility data appears once enough Spaces have used this MCP together with a given model.

How Switchy teams use it

Not enough Spaces yet to publish anonymised usage stats (we require ≥ 50 Spaces per week).

Starter prompts

List All Profiles

@NextDNS list all my profiles with their IDs and current settings
Open in a Space →

Block a Domain

@NextDNS add tracker.example.com to the denylist for profile abc123
Open in a Space →

Review Query Analytics

@NextDNS show me domain analytics for profile abc123 over the past 24 hours
Open in a Space →

Export DNS Logs

@NextDNS download the DNS logs for profile abc123 and give me the export URL
Open in a Space →

Create New Profile

@NextDNS create a new profile named 'Remote Team' with default security settings
Open in a Space →

Example outputs

Illustrative - representative of the model's voice and quality, not literal recordings.

Prompt

@nextdns show me which devices made the most DNS queries in the last 24 hours on my home profile

Output

Based on the analytics for your home profile, here's the device breakdown for the last 24 hours: 1. iPhone-Living-Room: 8,342 queries (42% of total) 2. Work-Laptop: 4,156 queries (21%) 3. Smart-TV: 3,891 queries (19%) 4. iPad-Kitchen: 2,203 queries (11%) 5. Security-Camera-Front: 1,408 queries (7%) The iPhone shows unusually high query volume — likely background app refresh or a misbehaving app. Would you like me to drill into which domains that device is hitting most frequently?

Notes

This example demonstrates the analytics retrieval capability. You'll need your profile ID handy (visible in the NextDNS dashboard). The MCP returns aggregated metrics, not real-time streams — expect a few minutes' delay for recent queries to appear in analytics.

Prompt

@nextdns block all .zip and .mov domains on my family profile to prevent phishing attacks

Output

I've added both TLDs to your family profile's security blocklist: ✓ .zip — now blocked ✓ .mov — now blocked Any DNS queries for domains ending in these TLDs will be blocked at the DNS level across all devices using this profile. This prevents browsers from even resolving addresses like malicious-file.zip or fake-video.mov, which are commonly used in phishing campaigns. The block takes effect immediately for all connected devices.

Notes

This showcases the security configuration capability. Adding TLDs to the blocklist is a write operation — it modifies your live DNS filtering rules. Before running this, confirm you won't break legitimate services (some companies use .mov for internal tools). Changes propagate within seconds.

Prompt

@nextdns my kid's tablet has been slow lately — pull the last week of DNS logs and tell me if any domains are being hit excessively

Output

I've downloaded the DNS logs for your kid's tablet profile (last 7 days). Analysis shows one domain is responsible for 64% of all queries: **ads.mobile-game-network.com** — 18,429 queries This is an ad-serving domain from a mobile game. The game is making requests every 8-12 seconds, even when backgrounded. This constant polling degrades battery life and can slow the device. I recommend adding this domain to your denylist or uninstalling the app. Would you like me to block it now?

Notes

This example pairs the log-download tool with AI reasoning to surface insights. Note that clearing logs is permanent and cannot be undone — the MCP will warn you before executing that operation. Log exports can be large; the MCP provides a download URL rather than inline JSON for multi-day ranges.

Use-case deep-dives

School IT filtering at district scale

When NextDNS MCP makes sense for multi-site DNS policy

A 12-person IT team managing DNS filtering across 8 schools needs to block new malware domains fast and audit which sites students hit most. The NextDNS MCP is the right call here because it exposes profile-level denylist and analytics tools that let the team script policy updates across all sites from a shared Switchy workspace. The 43 tools cover the full CRUD loop: create profiles per campus, add blocked TLDs in bulk, pull per-device analytics, and clear logs after each audit cycle. The API key auth means no OAuth dance for each team member. The threshold: if your team only touches DNS settings once a quarter, the MCP is overkill—just use the NextDNS dashboard. But if you're triaging new block requests daily or running monthly compliance reports, scripting through Switchy cuts the manual work by half. Start with the Get Analytics Domains and Add Denylist Domain tools to handle the most common requests.

MSP client DNS troubleshooting

How the NextDNS MCP speeds up per-client log pulls

A 3-person managed service provider supports 40 small-business clients, each with their own NextDNS profile. When a client reports "the internet is slow" or "I can't reach this vendor site," the team needs to pull DNS logs fast and check if a blocklist rule is the culprit. The NextDNS MCP wins here because the Download Logs and Get Analytics Domains tools let the team query any client's profile from one Switchy workspace without logging into 40 separate dashboards. The trade-off: if your clients are on different DNS providers, this MCP only helps for the NextDNS subset. And if you're pulling logs more than twice a week per client, consider whether NextDNS's log retention limits (varies by plan) will bite you. For typical break-fix work, though, the MCP turns a 5-minute dashboard hunt into a 30-second Switchy query. Pair it with the Clear Logs tool to reset after each troubleshooting session.

Remote team parental control sync

Why this MCP is borderline for family DNS management

A fully remote 6-person startup wants to help employees set up NextDNS profiles for their kids' devices and share best-practice blocklists across the team. The NextDNS MCP could work—Create Profile and Add Blocked TLD let the team script new profiles and share denylist templates in Switchy—but it's a stretch. The 43 tools are built for admin-level DNS ops, not end-user parental controls, so most of the toolset (analytics aggregation, log exports, profile deletion) won't get used. The real threshold: if your team is already using NextDNS for corporate filtering and wants to extend the same policies to home networks, the MCP makes sense. If this is purely a personal-use case with no overlap to work DNS, the NextDNS web UI is simpler and doesn't require API key management. Use the MCP only if you're treating family DNS as an extension of your team's security posture.

Frequently asked

What does the NextDNS MCP let me do in Switchy?

It lets your team manage DNS filtering profiles, block domains or TLDs, pull query analytics by device or domain, and download logs. You can create new profiles, modify security settings, and clear logs — all without leaving Switchy. Useful if you run DNS-level ad blocking or security policies across multiple devices or locations.

Do I need a NextDNS paid plan to use this MCP?

You need a NextDNS account and an API key, which you generate in your NextDNS dashboard. The free tier supports up to 300,000 queries per month; beyond that you'll need a paid plan. The MCP itself doesn't impose extra limits, but your NextDNS subscription does.

Can the NextDNS MCP block specific websites for my team?

Yes. Use the Add Denylist Domain tool to block individual domains or Add Blocked TLD to block entire top-level domains like .xyz or .tk. Changes apply to whichever profile you specify, so you can enforce different policies for different device groups or office locations.

Why use this MCP instead of the NextDNS dashboard?

The MCP lets you script or automate DNS policy changes alongside other workflows in Switchy — for example, blocking a domain immediately after a security alert from another integration. If you only tweak settings once a month, the dashboard is fine; if you need programmatic control, the MCP saves time.

Who on my team should connect the NextDNS MCP?

Whoever manages your DNS filtering or network security. That person generates the API key in NextDNS and pastes it into Switchy. Once connected, anyone with workspace access can run the tools, so limit workspace membership if you want to restrict who can modify blocklists or clear logs.

Data last verified 607 hours ago.Sources aggregated hourly to weekly. See docs/architecture/model-directory.md.