POST - Create a DS record in a zone

Purpose

This API call is designed to create a Delegate Signature (DS) record in a zone within a Windows DNS cluster environment.

Request URL 

Method: POST

https://{appconsole_IP}:{9443}/api/dns/zone/{zone_pk}/DS/

Request Headers

The following headers must be included in the API request for successful authentication and data submission:

Authorization: DDI Central's OAuth implementation uses the Bearer authentication scheme. Hence, while making API calls, access_token obtained via the OAuth 2.0 Client Credentials Grant must be included in the Authorization header of API requests. This token verifies the client’s identity and ensures appropriate permissions for accessing resources.

The Authorization Header follows the format below:

headers = { "Authorization": "Bearer {bearer_tk}" }


Content-Type: Required in the header to indicate the media type of the resource being sent. It helps the server at the receiving end understand how to process the transmitted request body.

The Content-Type Header follows the format below:

headers ={ "Content-Type": "application/json" }

Path Parameters

  • zone_pk* long
    • This denotes the unique identifier for the zone.

Request Body

  • domain_name*  string
    •  Specifies the full domain name for which DNS records are being set up.
  • domain_ttl*  int
    •  Defines the Time to Live (TTL) value of the domain name that should be cached by DNS resolvers.
  • zone_name*  string
    •  Represents the main domain or DNS zone this record belongs to.
  • cluster_name*  string
    •  Denotes a specific server cluster where the domain should resolve.
  • records*  an array of string

      A list of DS record objects containing cryptographic data for DNSSEC validation.

    • -keyTag:Identifier for the DNSSEC key, used to match the DS record with its corresponding DNSKEY record.
    • -algorithm:Algorithm number used by the DNSSEC key.
    • -digestType:Digest algorithm type used to create the cryptographic hash.
    • -digest:Cryptographic hash of the DNSKEY record, ensuring the chain of trust between parent and child zones.

 

- Mandatory parameter.

 

 

Sample Request

Copied
Copied{
   "domain_name":"ds35.hellotest109.com.",
   "domain_ttl":86400,
   "zone_name":"hellotest109.com.",
   "cluster_name":"newcluster7",
   "records":[
      {
         "keyTag":2,
         "algorithm":5,
         "digestType":4,
         "digest":"81427470f1c5765d537e2a54b3782b0c519dcf19cd1156a2b67f668fd3f4e94ad36e737b3992ebec64a695fc2d1a670f"
      }
   ]
}

Sample Response

Copied
Copied{
   "ds_domain_id":152,
   "zone_id":5867,
   "domain_name":"ds35.hellotest109.com.",
   "domain_ttl":86400,
   "zone_name":"hellotest109.com.",
   "cluster_name":"wincluster-zoho",
   "records":[
      {
         "keyTag":2,
         "algorithm":5,
         "digestType":4,
         "digest":"81427470f1c5765d537e2a54b3782b0c519dcf19cd1156a2b67f668fd3f4e94ad36e737b3992ebec64a695fc2d1a670f"
      }
   ]
}