diff --git a/octodns/provider/dnsimple.py b/octodns/provider/dnsimple.py
index e3b0a20..f83098e 100644
--- a/octodns/provider/dnsimple.py
+++ b/octodns/provider/dnsimple.py
@@ -30,16 +30,19 @@ class DnsimpleClientUnauthorized(DnsimpleClientException):
 
 
 class DnsimpleClient(object):
-    BASE = 'https://api.dnsimple.com/v2/'
 
-    def __init__(self, token, account):
+    def __init__(self, token, account, sandbox):
         self.account = account
         sess = Session()
         sess.headers.update({'Authorization': 'Bearer {}'.format(token)})
         self._sess = sess
+        if sandbox:
+            self.base = 'https://api.sandbox.dnsimple.com/v2/'
+        else:
+            self.base = 'https://api.dnsimple.com/v2/'
 
     def _request(self, method, path, params=None, data=None):
-        url = '{}{}{}'.format(self.BASE, self.account, path)
+        url = '{}{}{}'.format(self.base, self.account, path)
         resp = self._sess.request(method, url, params=params, json=data)
         if resp.status_code == 401:
             raise DnsimpleClientUnauthorized()
@@ -89,17 +92,19 @@ class DnsimpleProvider(BaseProvider):
         token: letmein
         # Your account number (required)
         account: 42
+        # Use sandbox (optional)
+        sandbox: true
     '''
     SUPPORTS_GEO = False
     SUPPORTS_DYNAMIC = False
     SUPPORTS = set(('A', 'AAAA', 'ALIAS', 'CAA', 'CNAME', 'MX', 'NAPTR', 'NS',
                     'PTR', 'SPF', 'SRV', 'SSHFP', 'TXT'))
 
-    def __init__(self, id, token, account, *args, **kwargs):
+    def __init__(self, id, token, account, sandbox=False, *args, **kwargs):
         self.log = logging.getLogger('DnsimpleProvider[{}]'.format(id))
         self.log.debug('__init__: id=%s, token=***, account=%s', id, account)
         super(DnsimpleProvider, self).__init__(id, *args, **kwargs)
-        self._client = DnsimpleClient(token, account)
+        self._client = DnsimpleClient(token, account, sandbox)
 
         self._zone_records = {}
 
diff --git a/requirements.txt b/requirements.txt
index eadad34..0ff0f7f 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,8 +1,8 @@
 PyYaml==5.3
 azure-common==1.1.24
 azure-mgmt-dns==3.0.0
-boto3==1.11.9
-botocore==1.14.9
+boto3==1.11.13
+botocore==1.14.13
 dnspython==1.16.0
 docutils==0.16
 dyn==1.8.1
@@ -14,13 +14,13 @@ ipaddress==1.0.23
 jmespath==0.9.4
 msrestazure==0.6.2
 natsort==6.2.1
-ns1-python==0.13.0
+ns1-python==0.14.0
 ovh==0.5.0
 pycountry-convert==0.7.2
 pycountry==19.8.18
 python-dateutil==2.8.1
 requests==2.22.0
-s3transfer==0.3.2
+s3transfer==0.3.3
 setuptools==44.0.0
 six==1.14.0
 transip==2.0.0
diff --git a/tests/test_octodns_provider_dnsimple.py b/tests/test_octodns_provider_dnsimple.py
index e3a9b8d..b918962 100644
--- a/tests/test_octodns_provider_dnsimple.py
+++ b/tests/test_octodns_provider_dnsimple.py
@@ -38,7 +38,13 @@ class TestDnsimpleProvider(TestCase):
             break
 
     def test_populate(self):
+
+        # Sandbox
+        provider = DnsimpleProvider('test', 'token', 42, 'true')
+        self.assertTrue('sandbox' in provider._client.base)
+
         provider = DnsimpleProvider('test', 'token', 42)
+        self.assertFalse('sandbox' in provider._client.base)
 
         # Bad auth
         with requests_mock() as mock: