TSIGKeys¶

New in version 4.2.0.

TSIGKeys can be manipulated via the API.

TSIGKey Endpoints¶

GET /servers/{server_id}/tsigkeys¶

Get all TSIGKeys on the server, except the actual key

Parameters:	server_id (string) – The id of the server
Status Codes:	200 OK – List of TSIGKey objects Returns: array of `TSIGKey` objects 400 Bad Request – The supplied request was not valid Returns: `Error` object 404 Not Found – Requested item was not found Returns: `Error` object 422 Unprocessable Entity – The input to the operation was not valid Returns: `Error` object 500 Internal Server Error – Internal server error Returns: `Error` object

POST /servers/{server_id}/tsigkeys¶

Add a TSIG key

This methods add a new TSIGKey. The actual key can be generated by the server or be provided by the client

Parameters:

server_id (string) – The id of the server

Status Codes:

201 Created – Created Returns: TSIGKey object
400 Bad Request – The supplied request was not valid Returns: Error object
404 Not Found – Requested item was not found Returns: Error object
409 Conflict – An item with this name already exists Returns: Error object
422 Unprocessable Entity – The input to the operation was not valid Returns: Error object
500 Internal Server Error – Internal server error Returns: Error object

GET /servers/{server_id}/tsigkeys/{tsigkey_id}¶

Get a specific TSIGKeys on the server, including the actual key

Parameters:	server_id (string) – The id of the server to retrieve the key from tsigkey_id (string) – The id of the TSIGkey. Should match the “id” field in the TSIGKey object
Status Codes:	200 OK – OK. Returns: `TSIGKey` object 400 Bad Request – The supplied request was not valid Returns: `Error` object 404 Not Found – Requested item was not found Returns: `Error` object 422 Unprocessable Entity – The input to the operation was not valid Returns: `Error` object 500 Internal Server Error – Internal server error Returns: `Error` object

PUT /servers/{server_id}/tsigkeys/{tsigkey_id}¶

The TSIGKey at tsigkey_id can be changed in multiple ways:

Changing the Name, this will remove the key with tsigkey_id after adding.
Changing the Algorithm
Changing the Key

Only the relevant fields have to be provided in the request body.

Parameters:

server_id (string) – The id of the server to retrieve the key from
tsigkey_id (string) – The id of the TSIGkey. Should match the “id” field in the TSIGKey object

Status Codes:

200 OK – OK. TSIGKey is changed. Returns: TSIGKey object
400 Bad Request – The supplied request was not valid Returns: Error object
404 Not Found – Requested item was not found Returns: Error object
409 Conflict – An item with this name already exists Returns: Error object
422 Unprocessable Entity – The input to the operation was not valid Returns: Error object
500 Internal Server Error – Internal server error Returns: Error object

DELETE /servers/{server_id}/tsigkeys/{tsigkey_id}¶

Delete the TSIGKey with tsigkey_id

Parameters:	server_id (string) – The id of the server to retrieve the key from tsigkey_id (string) – The id of the TSIGkey. Should match the “id” field in the TSIGKey object
Status Codes:	204 No Content – OK, key was deleted 400 Bad Request – The supplied request was not valid Returns: `Error` object 404 Not Found – Requested item was not found Returns: `Error` object 422 Unprocessable Entity – The input to the operation was not valid Returns: `Error` object 500 Internal Server Error – Internal server error Returns: `Error` object

Objects¶

TSIGKey¶

A TSIG key that can be used to authenticate NOTIFY, AXFR, and DNSUPDATE queries.

Object Properties:
	name (string) – The name of the key id (string) – The ID for this key, used in the TSIGkey URL endpoint. algorithm (string) – The algorithm of the TSIG key key (string) – The Base64 encoded secret key, empty when listing keys. MAY be empty when POSTing to have the server generate the key material type (string) – Set to “TSIGKey”

Examples¶

Generating a new TSIG key¶

POST /servers/localhost/tsigkeys HTTP/1.1
X-Api-Key: secret
Content-Type: application/json

{"name": "mytsigkey", "algorithm": "hmac-sha256"}

Will yield a response similar to this (several headers omitted):

HTTP/1.1 201 Created
Content-Type: application/json

{"algorithm": "hmac-sha256", "id": "mytsigkey.", "key": "ayZmdUpT5xh7H21p3UUHJWZgF2F2jNncqx5SQkRIWbqReuwieiVBG8jtEieb/njCbjrLtQkjVsgoiKCtsqNsdQ==", "name": "mytsigkey", "type": "TSIGKey"}

Modifying the key material¶

PUT /servers/localhost/tsigkeys/mytsigkey. HTTP/1.1
X-Api-Key: secret
Content-Type: application/json

{"name": "mytsigkey", "key": "GQNyFy1QagMUarHmiSgsIJajghdTGJGVcN5TRVwgbclzxGyhQR1uYLCOyJ/uj9uj12jyeLwzJuW12wCI9PYv7Q=="}

HTTP/1.1 200 Ok
Content-Type: application/json

{"algorithm": "hmac-sha256", "id": "mytsigkey.", "key": "GQNyFy1QagMUarHmiSgsIJajghdTGJGVcN5TRVwgbclzxGyhQR1uYLCOyJ/uj9uj12jyeLwzJuW12wCI9PYv7Q==", "name": "mytsigkey", "type": "TSIGKey"}

Previous topic

Next topic

Contents

This Page