POST - Create a TSIG Key

Purpose

This API creates a new TSIG (Transaction Signature) key for securing DNS zone transfers and updates within a specified cluster. TSIG keys authenticate DNS messages exchanged between DNS servers using a shared secret, so that only trusted servers can exchange DNS data and unauthorized DNS updates and zone transfers are prevented. The API supports multiple algorithms to provide flexibility with different hashing mechanisms. TSIG signs messages to prove their origin and integrity; it does not encrypt them.

Request URL

Method: POST

https://{appconsole_IP}:{9443}/api/dns/tsig/

Request Headers

The following headers must be included in the API request for successful authentication and data submission:

Authorization: DDI Central's OAuth implementation uses the Bearer authentication scheme. When making API calls, the access_token obtained via the OAuth 2.0 Client Credentials Grant must be included in the Authorization header of each request. This token verifies the client’s identity and ensures appropriate permissions for accessing resources.

The Authorization Header follows the format below:

headers = { "Authorization": "Bearer {bearer_tk}" }


Content-Type: Required in the header to indicate the media type of the resource being sent. It helps the server at the receiving end understand how to process the transmitted request body.

The Content-Type Header follows the format below:

headers = { "Content-Type": "application/json" }

Request Body

  • cluster_name* string
    • Name of the cluster where the TSIG key will be added.
    • Example: "chennai2".
  • key_name* string
    • The unique name assigned to the TSIG key.
    • Example: "tsig13".
  • algorithm* string
    • The cryptographic hashing algorithm used for generating the TSIG key.
    • Supported values:
      • "HMAC-MD5"
      • "HMAC-SHA1"
      • "HMAC-SHA256"
    • Example: "HMAC-MD5".
  • secret_key* string
    • The base64-encoded secret key used for authentication.
    • This key must be securely stored and shared only between authorized DNS servers.
    • Example: "yCPav0xvvdJQbQuFF8LxBw==".

 

* - Mandatory parameter.

 

Sample Request

{
   "cluster_name":"chennai2",
   "key_name":"tsig13",
   "algorithm":"HMAC-MD5",
   "secret_key":"yCPav0xvvdJQbQuFF8LxBw=="
}
                                  

Sample Response

{
   "message":"Tsig key added successfully."
}
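
An example client for this call, added here and not part of the DDI Central documentation: it generates a random secret, checks the fields against the values listed under Request Body, and builds the POST request with both headers. The function names, the 32-byte secret length and the 10-second timeout are assumptions of this example.

```python
import base64
import json
import secrets
import urllib.request

# Values listed under "Request Body" on this page.
SUPPORTED_ALGORITHMS = {"HMAC-MD5", "HMAC-SHA1", "HMAC-SHA256"}


def new_tsig_secret(num_bytes=32):
    """Return a base64-encoded secret drawn from the OS CSPRNG (length is an assumption)."""
    return base64.b64encode(secrets.token_bytes(num_bytes)).decode("ascii")


def build_tsig_body(cluster_name, key_name, algorithm, secret_key):
    """Validate the four mandatory fields and return the JSON body as a dict."""
    if not cluster_name or not key_name:
        raise ValueError("cluster_name and key_name are mandatory")
    if algorithm not in SUPPORTED_ALGORITHMS:
        raise ValueError(f"unsupported algorithm: {algorithm!r}")
    # Strict decode: reject anything that is not well-formed base64.
    if not base64.b64decode(secret_key, validate=True):
        raise ValueError("secret_key decodes to an empty value")
    return {"cluster_name": cluster_name, "key_name": key_name,
            "algorithm": algorithm, "secret_key": secret_key}


def build_request(host, access_token, body, port=9443):
    """Build the POST request; the token travels only in the Authorization header."""
    headers = {"Authorization": f"Bearer {access_token}",
               "Content-Type": "application/json"}
    return urllib.request.Request(f"https://{host}:{port}/api/dns/tsig/",
                                  data=json.dumps(body).encode("utf-8"),
                                  headers=headers, method="POST")


def create_tsig_key(host, access_token, body):
    """Send the request with default TLS certificate verification left on."""
    req = build_request(host, access_token, body)
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)
```

Calling build_tsig_body(cluster, name, "HMAC-SHA256", new_tsig_secret()) selects the strongest of the three supported algorithms. Keep the returned secret out of logs and shell history, since every server that shares the key needs the same value.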