getDomainDNSInfo — Retrieving DNS settings

The getDomainDNSInfo method retrieves all DNS information that SiteLock holds for a given site. This includes provisioning status, configuration status, nameservers, and all DNS records.

Request format

  • SiteLockOnlineRequest: This element is used to delineate the full API request.

    • authentication: The partner’s username, password, and branding

      • username: The partner’s API username

      • password: The partner’s API password

    • manageDomainDNS: The method name

      • site_id: The ID of the site for which to retrieve the DNS settings

Example request

<SiteLockOnlineRequest>
    <authentication>
        <user>Username</user>
        <password>Password</password>
     </authentication>
    <getDomainDNSInfo>
        <site_id>12</site_id>
    </getDomainDNSInfo>
</SiteLockOnlineRequest>

Response format

  • SiteLockOnlineResponse: This element is used to delineate the full API response.

    • getDomainDNSInfo: The method name

      • domain: The domain’s DNS information

        • configured: The status of the DNS service. The value can be one of the following:

          • 1: The DNS records are configured and the domain’s nameservers point to SiteLock.

          • 0: The DNS records aren’t yet configured. The SiteLock Dashboard will prompt the user to configure them.

        • dns_key_rotation: Specifies whether the DNSSEC keys are rotated by customer or partner. The default value is customer. This element is present if DNSSEC is enabled for the domain.

        • dnssec_enabled: Specifies whether DNSSEC is enabled (1) or disabled (0). By default, DNSSEC is disabled.

        • hostname: The domain name for which the DNS settings were retrieved

        • nameservers: A list of nameservers

          • nameserver: (Repeatable) A nameserver

        • records: A list of DNS records

          • record: (Repeatable) A DNS record

            • host: If the value is a subdomain, then the element contains the subdomain name. If it’s a domain, an empty value is returned.

            • priority: An integer value indicating the priority of the target domain. A smaller value indicates a higher priority. If there’s only one record, the priority isn’t applied.

            • target: The target IP address, domain, or subdomain. The value depends on the type of DNS record (see the type element).

            • ttl: The DNS TTL in seconds. The value can be one of the following:

              • 120: The record is cached for 120 seconds.

              • 300: The record is cached for 300 seconds.

              • 600: The record is cached for 600 seconds.

              • 1800: The record is cached for 1,800 seconds.

              • 3600: The record is cached for 3,600 seconds.

              • 21600: The record is cached for 21,600 seconds.

              • 43200: The record is cached for 43,200 seconds.

              • 86400: The record is cached for 86,400 seconds.

            • type: The type of DNS record. The value can be one of the following:

              • A: This record maps a domain or subdomain to an IPv4 address.

              • AAAA: This record maps a domain or subdomain to an IPv6 address.

              • ALIAS: This record maps a domain or subdomain to another domain or subdomain.

              • CAA: This record specifies the CA that is allowed to issue certificates for a domain. If no CAA record is present, any CA is allowed to issue a certificate for the domain.

              • CNAME: This record maps a domain or subdomain to another domain or subdomain. It’s used only when there are no other records for that name.

              • MX: This record specifies the mail server responsible for accepting email messages on behalf of a domain name.

              • NS: This record specifies which nameservers are authoritative for a domain.

              • TXT: This record allows domain administrators to insert text content into DNS records, for example, to prove domain ownership.

              • SRV: This record specifies the domain and port for specific services such as Voice over Internet Protocol (VoIP), instant messaging, and more.

              • DNSKEY: This record specifies the public zone signing key (ZSK) or key signing key (KSK) required for DNSSEC.

            • content: The public zone signing key (ZSK) or key signing key (KSK). The first number in the element’s value identifies whether it’s a ZSK (256) or KSK (257).

            • created_at: This timestamp indicates when the record was created

            • domain_id: For internal use only

            • external_zone_record_id: For internal use only

            • regions: For internal use only

            • system_record: For internal use only

            • updated_at: This timestamp indicates when the record was updated

            • uuid: A unique UUID string that identifies the DNS record

            • weight: A relative weight for records with the same priority. A higher value means more preferred. The value can be in the range of 0-65535.

            • port: The TCP or UDP port on which the service listens. The value can be in the range of 0-65535.

            • service: The symbolic name of the service in a SRV record.

            • protocol: The transport protocol of the service in a SRV record. This is usually either TCP or UDP.

            • flag: A flags byte implements an extensible signaling system for future use in CAA records. The value can be in the range of 0-255.

            • tag: The tag portion of a CAA record. The value can be one of the following:

              • issue: Authorizes a single certificate authority to issue a certificate of any type for the domain.

              • issuewild: Authorizes a single certificate authority to issue only a wildcard certificate for the domain.

              • iodef: Specifies the URL to which a certificate authority may report policy violations.

        • dsrecords: A list of DS records

          • dsrecord: (Repeatable) A DS record

            • algorithm: The algorithm that was used to generate the signature

            • created_at: This timestamp indicates when the record was created

            • digest: The hash value of the DNSKEY record (in hexadecimal format)

            • digest_type: The type of algorithm that was used to create the digest

            • keytag: A numerical value that identifies the referenced DNSKEY record

            • record_uuids: A list of UUID strings that identify the matching DNSKEY records

              • record_uuid: A UUID string that identifies the matching DNSKEY record. The value references the UUID of the DNSKEY record.

            • updated_at: This timestamp indicates when the record was updated

      • site_id: The ID of the site for which the DNS settings were retrieved

      • state: The status of the DNS add-on. The value can be one of the following:

        • pending: The add-on hasn’t been provisioned yet.

        • provisioned: The add-on has been provisioned.

      • webhook_url: The webhook URL for receiving event notifications. The webhook URL is present if DNSSEC key rotation is managed by the partner (the value of dns_key_rotation is partner).

      • status: The status of the request, either ok or error

Example response

<SiteLockOnlineResponse>
    <getDomainDNSInfo>
        <domain>
            <configured>0</configured>
            <dns_key_rotation>partner</dns_key_rotation>
            <dnssec_enabled>1</dnssec_enabled>
            <hostname>example.com</hostname>
            <nameservers>
                <nameserver>ns1.sitelocksecure.com</nameserver>
                <nameserver>ns2.sitelocksecure.com</nameserver>
                <nameserver>ns3.sitelocksecure.com</nameserver>
                <nameserver>ns4.sitelocksecure.com</nameserver>
            </nameservers>
            <records>
                <record>
                    <host>a</host>
                    <priority>0</priority>
                    <target>108.179.226.51</target>
                    <ttl>3600</ttl>
                    <type>A</type>
                    <uuid>f0f4eda0-3f47-45c1-8ba8-092f41193314</uuid>
                </record>
                <record>
                    <host>docs</host>
                    <priority>0</priority>
                    <target>108.179.209.51</target>
                    <ttl>1800</ttl>
                    <type>A</type>
                    <uuid>28c758ae-537f-406b-b13f-cd566dd489ab</uuid>
                </record>
                <record>
                    <name />
                    <content>256 3 8 AwEAAck+DuFUsuy36pE8M83qIXXwAjBmS8wRyS4VNyo/rT7ons3XRN2rbH1fUtTeyCXR0VL4LeNdScJaOkHjbCLKX05zEuh3kB+HGISUhd0t25K0kDXlS5wIzDHyWtA93Iz4ahOO7cTGGAy9L7gKDN29nz77tsBFtQoGNA92nvFY5Vah</content>
                    <created_at>2022-05-23T20:04:02.080126Z</created_at>
                    <domain_id>73a640ec-25be-4824-8082-f64238acaae2</domain_id>
                    <external_zone_record_id>2705706</external_zone_record_id>
                    <priority>0</priority>
                    <regions>global</regions>
                    <system_record>1</system_record>
                    <ttl>3600</ttl>
                    <type>DNSKEY</type>
                    <updated_at>2022-05-23T20:04:02.080126Z</updated_at>
                    <uuid>710a7e6e-c49d-4025-a8e7-3a365a5476a8</uuid>
                </record>
                <record>
                    <name />
                    <content>257 3 8 AwEAAcB6CaloD653iEG5Bct6V22s/4tAtHmeP3V6eqArj6n3G4dKwYCSiC0WYtYsIQXkmmD1MFw90k/w/B/3jRFh18HL4SKl+CvjLuDxdKNkDAxk/1Nsbg/QiHn2JmyXF3d1NIKK1/DMQ8nsj19Vgab+qaKu6+X4ZEq+qgWH57tl+sWCQ3qLoKmWfD3HD+eZsRhtsvtHeknbWVnrMQC5SSPGRdE=</content>
                    <created_at>2022-05-23T20:04:02.077159Z</created_at>
                    <domain_id>73a640ec-25be-4824-8082-f64238acaae2</domain_id>
                    <external_zone_record_id>2705705</external_zone_record_id>
                    <priority>0</priority>
                    <regions>global</regions>
                    <system_record>1</system_record>
                    <ttl>3600</ttl>
                    <type>DNSKEY</type>
                    <updated_at>2022-05-23T20:04:02.077159Z</updated_at>
                    <uuid>e1490fb0-0e3f-47e0-a5cb-7a90f37a0170</uuid>
                </record>
            </records>
            <dsrecords>
                <dsrecord>
                    <algorithm>8</algorithm>
                    <created_at>2022-05-23T20:04:01Z</created_at>
                    <digest>3F34EFB6AE1A70C897DF60DEB790512E0CAB929B8550BFC383A1075622AC2C89</digest>
                    <digest_type>2</digest_type>
                    <keytag>13534</keytag>
                    <record_uuids>
                        <record_uuid>710a7e6e-c49d-4025-a8e7-3a365a5476a8</record_uuid>
                        <record_uuid>e1490fb0-0e3f-47e0-a5cb-7a90f37a0170</record_uuid>
                    </record_uuids>
                    <updated_at>2022-05-23T20:04:01Z</updated_at>
                </dsrecord>
            </dsrecords>
        </domain>
        <site_id>29839460</site_id>
        <state>provisioned</state>
        <webhook_url>https://webhook.domain.com/</webhook_url>
        <status>ok</status>
    </getDomainDNSInfo>
</SiteLockOnlineResponse>