## TSIG-ALLOW-DNSUPDATE
This setting allows you to set the TSIG key required to do an [DNS update](dnsupdate.md). If
[GSS-TSIG](tsig.md#gss-tsig) is enabled, you can put kerberos principals here as well.
+
+## Extra metadata
+Through the API and on the [`pdnsutil set-meta`](dnssec.md#pdnsutil) commandline, metadata unused by PowerDNS can be added.
+It is mandatory to prefix this extra metadata with "X-" and the name of the external application; the API will only allow this metadata if it starts with "X-".
Clients MUST NOT modify `NSEC3PARAM`, `NSEC3NARROW`, `PRESIGNED` and
`LUA-AXFR-SCRIPT` through this interface. The server rejects updates to
-these metadata. Modifications to custom metadata kinds are rejected
-through this interface.
+these metadata. Modifications to custom metadata kinds starting with `X-` is allowed as well.
URL: /api/v1/servers/:server\_id/zones/:zone\_name/metadata
self.assertEquals(r.status_code, 200)
self.assertEquals(rdata["metadata"], [])
+ def test_create_external_zone_metadata(self):
+ payload_metadata = {"metadata": ["My very important message"]}
+ r = self.session.put(self.url("/api/v1/servers/localhost/zones/example.com/metadata/X-MYMETA"),
+ data=json.dumps(payload_metadata))
+ self.assertEquals(r.status_code, 200)
+ rdata = r.json()
+ self.assertEquals(rdata["metadata"], payload_metadata["metadata"])
+
def test_create_slave_zone(self):
# Test that nameservers can be absent for slave zones.
name, payload, data = self.create_zone(kind='Slave', nameservers=None, masters=['127.0.0.2'])