--- /dev/null
+<!DOCTYPE html>
+<html lang="en">
+ <head>
+ <meta charset="utf-8">
+ <meta http-equiv="X-UA-Compatible" content="IE=edge">
+ <meta name="viewport" content="width=device-width, initial-scale=1.0">
+
+
+
+ <link rel="shortcut icon" href="../../img/favicon.ico">
+
+ <title>HTTP API -- Introduction - PowerDNS</title>
+
+ <link href="../../css/bootstrap-custom.min.css" rel="stylesheet">
+ <link href="../../css/font-awesome-4.0.3.css" rel="stylesheet">
+ <link href="../../css/prettify-1.0.css" rel="stylesheet">
+ <link href="../../css/base.css" rel="stylesheet">
+
+ <!-- HTML5 shim and Respond.js IE8 support of HTML5 elements and media queries -->
+ <!--[if lt IE 9]>
+ <script src="https://oss.maxcdn.com/libs/html5shiv/3.7.0/html5shiv.js"></script>
+ <script src="https://oss.maxcdn.com/libs/respond.js/1.3.0/respond.min.js"></script>
+ <![endif]-->
+
+
+ </head>
+
+ <body>
+
+ <div class="navbar navbar-default navbar-fixed-top" role="navigation">
+ <div class="container">
+
+ <!-- Collapsed navigation -->
+ <div class="navbar-header">
+ <!-- Expander button -->
+ <button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".navbar-collapse">
+ <span class="sr-only">Toggle navigation</span>
+ <span class="icon-bar"></span>
+ <span class="icon-bar"></span>
+ <span class="icon-bar"></span>
+ </button>
+
+ <!-- Main title -->
+ <a class="navbar-brand" href="../..">PowerDNS</a>
+ </div>
+
+ <!-- Expanded navigation -->
+ <div class="navbar-collapse collapse">
+ <!-- Main navigation -->
+ <ul class="nav navbar-nav">
+
+
+ <li class="dropdown active">
+ <a href="#" class="dropdown-toggle" data-toggle="dropdown">PowerDNS Server <b class="caret"></b></a>
+ <ul class="dropdown-menu">
+
+ <li >
+ <a href="../..">Introduction</a>
+ </li>
+
+ <li >
+ <a href="../../changelog/">Changelogs</a>
+ </li>
+
+ <li >
+ <a href="../../types/">Supported DNS Record Types</a>
+ </li>
+
+ <li >
+ <a href="../../common/logging/">Logging and Performance Monitoring</a>
+ </li>
+
+ <li >
+ <a href="../../common/security/">Security settings & considerations</a>
+ </li>
+
+ <li class="active">
+ <a href="./">HTTP API -- Introduction</a>
+ </li>
+
+ <li >
+ <a href="../intro/">HTTP API -- Discussion</a>
+ </li>
+
+ <li >
+ <a href="../api_spec/">HTTP API -- API Specification</a>
+ </li>
+
+ <li >
+ <a href="../features/">HTTP API -- Design and Features</a>
+ </li>
+
+ </ul>
+ </li>
+
+
+
+ <li class="dropdown">
+ <a href="#" class="dropdown-toggle" data-toggle="dropdown">Authoritative <b class="caret"></b></a>
+ <ul class="dropdown-menu">
+
+ <li >
+ <a href="../../authoritative/">Introduction</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/installation/">Installing and Running</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/upgrading/">Upgrading</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/modes-of-operation/">Modes of Operation</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/internals/">Internals</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/virtual/">Virtual Hosting</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/fancy-records/">Fancy Records</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/performance/">Performance Tuning and Monitoring</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/migration/">Migrating to PowerDNS</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/recursion/">Recursion with the Authoritative Server</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/dnssec/">Serve DNSSEC Signed Data</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/backend-bind/">Backend: BIND</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/backend-db2/">Backend: DB2</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/backend-generic-mypgsql/">Backend: Generic MySQL and PostGreSQL</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/backend-gsqlite/">Backend: Generic SQLite</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/backend-ldap/">Backend: LDAP</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/backend-lmdb/">Backend: LMDB</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/backend-oracle/">Backend: Oracle</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/backend-pipe/">Backend: Pipe</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/backend-random/">Backend: Random</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/backend-remote/">Backend: Remote</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/backend-tinydns/">Backend: TinyDNS</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/backend-deprecated/">Deprecated Backends</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/settings/">List of Settings</a>
+ </li>
+
+ </ul>
+ </li>
+
+
+
+ <li class="dropdown">
+ <a href="#" class="dropdown-toggle" data-toggle="dropdown">Recursor <b class="caret"></b></a>
+ <ul class="dropdown-menu">
+
+ <li >
+ <a href="../../recursor/">Introduction</a>
+ </li>
+
+ <li >
+ <a href="../../recursor/security/">Security of the Recursor</a>
+ </li>
+
+ <li >
+ <a href="../../recursor/stats/">Recursor Statistics</a>
+ </li>
+
+ <li >
+ <a href="../../recursor/performance/">Performance Tuning</a>
+ </li>
+
+ <li >
+ <a href="../../recursor/scripting/">Scripting</a>
+ </li>
+
+ <li >
+ <a href="../../recursor/dns64/">DNS64 support</a>
+ </li>
+
+ <li >
+ <a href="../../recursor/internals/">Internals</a>
+ </li>
+
+ <li >
+ <a href="../../recursor/settings/">List of Settings</a>
+ </li>
+
+ </ul>
+ </li>
+
+
+
+ <li class="dropdown">
+ <a href="#" class="dropdown-toggle" data-toggle="dropdown">Security <b class="caret"></b></a>
+ <ul class="dropdown-menu">
+
+ <li >
+ <a href="../../security/">Security Policy</a>
+ </li>
+
+ <li >
+ <a href="../../security/powerdns-advisory-2012-01/">Advisory 2012-01</a>
+ </li>
+
+ <li >
+ <a href="../../security/powerdns-advisory-2010-02/">Advisory 2010-02</a>
+ </li>
+
+ <li >
+ <a href="../../security/powerdns-advisory-2010-01/">Advisory 2010-01</a>
+ </li>
+
+ <li >
+ <a href="../../security/powerdns-advisory-2008-03/">Advisory 2008-03</a>
+ </li>
+
+ <li >
+ <a href="../../security/powerdns-advisory-2008-02/">Advisory 2008-02</a>
+ </li>
+
+ <li >
+ <a href="../../security/powerdns-advisory-2008-01/">Advisory 2008-01</a>
+ </li>
+
+ <li >
+ <a href="../../security/powerdns-advisory-2006-02/">Advisory 2006-02</a>
+ </li>
+
+ <li >
+ <a href="../../security/powerdns-advisory-2006-01/">Advisory 2006-01</a>
+ </li>
+
+ </ul>
+ </li>
+
+
+
+ <li class="dropdown">
+ <a href="#" class="dropdown-toggle" data-toggle="dropdown">Tools and Appendices <b class="caret"></b></a>
+ <ul class="dropdown-menu">
+
+ <li >
+ <a href="../../appendix/backend-writers-guide/">Backend Writer's Guide</a>
+ </li>
+
+ <li >
+ <a href="../../appendix/compiling-powerdns/">Compiling PowerDNS</a>
+ </li>
+
+ <li >
+ <a href="../../tools/analysis/">DNS Analysis Tools</a>
+ </li>
+
+ </ul>
+ </li>
+
+
+ </ul>
+
+ <!-- Search, Navigation and Repo links -->
+ <ul class="nav navbar-nav navbar-right">
+
+<!-- <li >
+ <a rel="next" href="../../common/security/">
+ <i class="fa fa-arrow-left"></i> Previous
+ </a>
+ </li>
+ <li >
+ <a rel="prev" href="../intro/">
+ Next <i class="fa fa-arrow-right"></i>
+ </a>
+ </li> -->
+
+ </ul>
+ </div>
+ </div>
+</div>
+
+ <div class="container">
+ <div class="col-md-3"><div class="bs-sidebar hidden-print affix well" role="complementary">
+ <ul class="nav bs-sidenav">
+
+ <li class="main active"><a href="#powerdns-api">PowerDNS API</a></li>
+
+ <li><a href="#try-it">Try it</a></li>
+
+ <li><a href="#try-it-recursor-edition">Try it (Recursor edition)</a></li>
+
+ <li><a href="#api-specification">API Specification</a></li>
+
+ <li><a href="#additional-help">Additional help</a></li>
+
+
+ </ul>
+</div></div>
+ <div class="col-md-9" role="main">
+
+<h1 id="powerdns-api">PowerDNS API</h1>
+<p>PowerDNS features a built-in API. For the Authoritative Server, starting with
+version 3.4, for the Recursor starting with version 3.6.</p>
+<p>At the time of writing this, these versions were not released, but preliminary
+support is available in git.</p>
+<p>You can get suitable packages for testing (RPM or DEB) from these links:</p>
+<ul>
+<li>https://autotest.powerdns.com/job/auth-git-semistatic-deb-amd64/lastSuccessfulBuild/artifact/</li>
+<li>https://autotest.powerdns.com/job/auth-git-semistatic-rpm-amd64/lastSuccessfulBuild/artifact/</li>
+<li>https://autotest.powerdns.com/job/recursor-git-semistatic-pkgs-amd64/lastSuccessfulBuild/artifact/</li>
+</ul>
+<h2 id="try-it">Try it</h2>
+<p>Install PowerDNS Authoritative with one of the gsql backends (i.e. MySQL,
+PostgreSQL or SQLite3).</p>
+<p>Then configure as follows:</p>
+<pre class="prettyprint well"><code>experimental-json-interface=yes
+webserver=yes
+webserver-password=changeme
+</code></pre>
+<p>After restarting <code>pdns_server</code>, the following examples should start working:</p>
+<pre class="prettyprint well"><code># List zones
+curl -v http://a:changeme@127.0.0.1:8081/servers/localhost/zones | jq .
+# Create new zone "example.org" with nameservers ns1.example.org, ns2.example.org
+curl -X POST --data '{"name":"example.org", "kind": "Native", "masters": [], "nameservers": ["ns1.example.org", "ns2.example.org"]}' -v http://a:changeme@127.0.0.1:8081/servers/localhost/zones | jq .
+# Show the new zone
+curl -v http://a:changeme@127.0.0.1:8081/servers/localhost/zones/example.org | jq .
+</code></pre>
+<p><code>jq</code> is a highly recommended tool for pretty-printing JSON. If you don't have
+<code>jq</code>, try <code>json_pp</code> or <code>python -mjson.tool</code> instead.</p>
+<h2 id="try-it-recursor-edition">Try it (Recursor edition)</h2>
+<p>Install PowerDNS Recursor, configured as follows:</p>
+<pre class="prettyprint well"><code>experimental-webserver=yes
+experimental-webserver-password=changeme
+auth-zones=
+forward-zones=
+forward-zones-recurse=
+</code></pre>
+<p>After restarting <code>pdns_recursor</code>, the following examples should start working:</p>
+<pre class="prettyprint well"><code>curl -v http://a:changeme@127.0.0.1:8082/servers/localhost | jq .
+curl -v http://a:changeme@127.0.0.1:8082/servers/localhost/zones | jq .
+</code></pre>
+<h2 id="api-specification">API Specification</h2>
+<p>The complete API docs are available in <code>api_specs.md</code>.</p>
+<h2 id="additional-help">Additional help</h2>
+<p>For additional help, come to the <code>#powerdns</code> IRC channel on <code>irc.oftc.net</code>.</p>
+</div>
+ </div>
+
+
+
+ <script src="https://code.jquery.com/jquery-1.10.2.min.js"></script>
+ <script src="../../js/bootstrap-3.0.3.min.js"></script>
+ <script src="../../js/prettify-1.0.min.js"></script>
+ <script src="../../js/base.js"></script>
+ </body>
+</html>
\ No newline at end of file
--- /dev/null
+<!DOCTYPE html>
+<html lang="en">
+ <head>
+ <meta charset="utf-8">
+ <meta http-equiv="X-UA-Compatible" content="IE=edge">
+ <meta name="viewport" content="width=device-width, initial-scale=1.0">
+
+
+
+ <link rel="shortcut icon" href="../../img/favicon.ico">
+
+ <title>HTTP API -- API Specification - PowerDNS</title>
+
+ <link href="../../css/bootstrap-custom.min.css" rel="stylesheet">
+ <link href="../../css/font-awesome-4.0.3.css" rel="stylesheet">
+ <link href="../../css/prettify-1.0.css" rel="stylesheet">
+ <link href="../../css/base.css" rel="stylesheet">
+
+ <!-- HTML5 shim and Respond.js IE8 support of HTML5 elements and media queries -->
+ <!--[if lt IE 9]>
+ <script src="https://oss.maxcdn.com/libs/html5shiv/3.7.0/html5shiv.js"></script>
+ <script src="https://oss.maxcdn.com/libs/respond.js/1.3.0/respond.min.js"></script>
+ <![endif]-->
+
+
+ </head>
+
+ <body>
+
+ <div class="navbar navbar-default navbar-fixed-top" role="navigation">
+ <div class="container">
+
+ <!-- Collapsed navigation -->
+ <div class="navbar-header">
+ <!-- Expander button -->
+ <button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".navbar-collapse">
+ <span class="sr-only">Toggle navigation</span>
+ <span class="icon-bar"></span>
+ <span class="icon-bar"></span>
+ <span class="icon-bar"></span>
+ </button>
+
+ <!-- Main title -->
+ <a class="navbar-brand" href="../..">PowerDNS</a>
+ </div>
+
+ <!-- Expanded navigation -->
+ <div class="navbar-collapse collapse">
+ <!-- Main navigation -->
+ <ul class="nav navbar-nav">
+
+
+ <li class="dropdown active">
+ <a href="#" class="dropdown-toggle" data-toggle="dropdown">PowerDNS Server <b class="caret"></b></a>
+ <ul class="dropdown-menu">
+
+ <li >
+ <a href="../..">Introduction</a>
+ </li>
+
+ <li >
+ <a href="../../changelog/">Changelogs</a>
+ </li>
+
+ <li >
+ <a href="../../types/">Supported DNS Record Types</a>
+ </li>
+
+ <li >
+ <a href="../../common/logging/">Logging and Performance Monitoring</a>
+ </li>
+
+ <li >
+ <a href="../../common/security/">Security settings & considerations</a>
+ </li>
+
+ <li >
+ <a href="../README/">HTTP API -- Introduction</a>
+ </li>
+
+ <li >
+ <a href="../intro/">HTTP API -- Discussion</a>
+ </li>
+
+ <li class="active">
+ <a href="./">HTTP API -- API Specification</a>
+ </li>
+
+ <li >
+ <a href="../features/">HTTP API -- Design and Features</a>
+ </li>
+
+ </ul>
+ </li>
+
+
+
+ <li class="dropdown">
+ <a href="#" class="dropdown-toggle" data-toggle="dropdown">Authoritative <b class="caret"></b></a>
+ <ul class="dropdown-menu">
+
+ <li >
+ <a href="../../authoritative/">Introduction</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/installation/">Installing and Running</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/upgrading/">Upgrading</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/modes-of-operation/">Modes of Operation</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/internals/">Internals</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/virtual/">Virtual Hosting</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/fancy-records/">Fancy Records</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/performance/">Performance Tuning and Monitoring</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/migration/">Migrating to PowerDNS</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/recursion/">Recursion with the Authoritative Server</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/dnssec/">Serve DNSSEC Signed Data</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/backend-bind/">Backend: BIND</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/backend-db2/">Backend: DB2</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/backend-generic-mypgsql/">Backend: Generic MySQL and PostGreSQL</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/backend-gsqlite/">Backend: Generic SQLite</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/backend-ldap/">Backend: LDAP</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/backend-lmdb/">Backend: LMDB</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/backend-oracle/">Backend: Oracle</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/backend-pipe/">Backend: Pipe</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/backend-random/">Backend: Random</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/backend-remote/">Backend: Remote</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/backend-tinydns/">Backend: TinyDNS</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/backend-deprecated/">Deprecated Backends</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/settings/">List of Settings</a>
+ </li>
+
+ </ul>
+ </li>
+
+
+
+ <li class="dropdown">
+ <a href="#" class="dropdown-toggle" data-toggle="dropdown">Recursor <b class="caret"></b></a>
+ <ul class="dropdown-menu">
+
+ <li >
+ <a href="../../recursor/">Introduction</a>
+ </li>
+
+ <li >
+ <a href="../../recursor/security/">Security of the Recursor</a>
+ </li>
+
+ <li >
+ <a href="../../recursor/stats/">Recursor Statistics</a>
+ </li>
+
+ <li >
+ <a href="../../recursor/performance/">Performance Tuning</a>
+ </li>
+
+ <li >
+ <a href="../../recursor/scripting/">Scripting</a>
+ </li>
+
+ <li >
+ <a href="../../recursor/dns64/">DNS64 support</a>
+ </li>
+
+ <li >
+ <a href="../../recursor/internals/">Internals</a>
+ </li>
+
+ <li >
+ <a href="../../recursor/settings/">List of Settings</a>
+ </li>
+
+ </ul>
+ </li>
+
+
+
+ <li class="dropdown">
+ <a href="#" class="dropdown-toggle" data-toggle="dropdown">Security <b class="caret"></b></a>
+ <ul class="dropdown-menu">
+
+ <li >
+ <a href="../../security/">Security Policy</a>
+ </li>
+
+ <li >
+ <a href="../../security/powerdns-advisory-2012-01/">Advisory 2012-01</a>
+ </li>
+
+ <li >
+ <a href="../../security/powerdns-advisory-2010-02/">Advisory 2010-02</a>
+ </li>
+
+ <li >
+ <a href="../../security/powerdns-advisory-2010-01/">Advisory 2010-01</a>
+ </li>
+
+ <li >
+ <a href="../../security/powerdns-advisory-2008-03/">Advisory 2008-03</a>
+ </li>
+
+ <li >
+ <a href="../../security/powerdns-advisory-2008-02/">Advisory 2008-02</a>
+ </li>
+
+ <li >
+ <a href="../../security/powerdns-advisory-2008-01/">Advisory 2008-01</a>
+ </li>
+
+ <li >
+ <a href="../../security/powerdns-advisory-2006-02/">Advisory 2006-02</a>
+ </li>
+
+ <li >
+ <a href="../../security/powerdns-advisory-2006-01/">Advisory 2006-01</a>
+ </li>
+
+ </ul>
+ </li>
+
+
+
+ <li class="dropdown">
+ <a href="#" class="dropdown-toggle" data-toggle="dropdown">Tools and Appendices <b class="caret"></b></a>
+ <ul class="dropdown-menu">
+
+ <li >
+ <a href="../../appendix/backend-writers-guide/">Backend Writer's Guide</a>
+ </li>
+
+ <li >
+ <a href="../../appendix/compiling-powerdns/">Compiling PowerDNS</a>
+ </li>
+
+ <li >
+ <a href="../../tools/analysis/">DNS Analysis Tools</a>
+ </li>
+
+ </ul>
+ </li>
+
+
+ </ul>
+
+ <!-- Search, Navigation and Repo links -->
+ <ul class="nav navbar-nav navbar-right">
+
+<!-- <li >
+ <a rel="next" href="../intro/">
+ <i class="fa fa-arrow-left"></i> Previous
+ </a>
+ </li>
+ <li >
+ <a rel="prev" href="../features/">
+ Next <i class="fa fa-arrow-right"></i>
+ </a>
+ </li> -->
+
+ </ul>
+ </div>
+ </div>
+</div>
+
+ <div class="container">
+ <div class="col-md-3"><div class="bs-sidebar hidden-print affix well" role="complementary">
+ <ul class="nav bs-sidenav">
+
+ <li class="main active"><a href="#api-spec">API Spec</a></li>
+
+ <li><a href="#design-goals">Design Goals</a></li>
+
+ <li><a href="#data-format">Data format</a></li>
+
+ <li><a href="#rest">REST</a></li>
+
+ <li><a href="#not-so-rest">not-so-REST</a></li>
+
+ <li><a href="#authentication">Authentication</a></li>
+
+ <li><a href="#errors">Errors</a></li>
+
+ <li><a href="#url">URL: /</a></li>
+
+
+ <li class="main "><a href="#general-collections-interface">General Collections Interface</a></li>
+
+ <li><a href="#get">GET</a></li>
+
+ <li><a href="#post">POST</a></li>
+
+
+ <li class="main "><a href="#servers">Servers</a></li>
+
+ <li><a href="#server_resource">server_resource</a></li>
+
+ <li><a href="#url-servers">URL: /servers</a></li>
+
+ <li><a href="#url-serversserver95id">URL: /servers/:server_id</a></li>
+
+
+ <li class="main "><a href="#config">Config</a></li>
+
+ <li><a href="#config95setting95resource">config_setting_resource</a></li>
+
+ <li><a href="#url-serversserver95idconfig">URL: /servers/:server_id/config</a></li>
+
+ <li><a href="#url-serversserver95idconfigconfig95setting95name">URL: /servers/:server_id/config/:config_setting_name</a></li>
+
+
+ <li class="main "><a href="#zones">Zones</a></li>
+
+ <li><a href="#zone_collection">zone_collection</a></li>
+
+ <li><a href="#url-serversserver95idzones">URL: /servers/:server_id/zones</a></li>
+
+ <li><a href="#url-serversserver95idzoneszone95id">URL: /servers/:server_id/zones/:zone_id</a></li>
+
+ <li><a href="#url-serversserver95idzoneszone95idnotify">URL: /servers/:server_id/zones/:zone_id/notify</a></li>
+
+ <li><a href="#url-serversserver95idzoneszone95idaxfr-retrieve">URL: /servers/:server_id/zones/:zone_id/axfr-retrieve</a></li>
+
+ <li><a href="#url-serversserver95idzoneszone95idcheck">URL: /servers/:server_id/zones/:zone_id/check</a></li>
+
+
+ <li class="main "><a href="#zone-metadata">Zone Metadata</a></li>
+
+ <li><a href="#zone95metadata95resource">zone_metadata_resource</a></li>
+
+ <li><a href="#url-serversserver95idzoneszone95namemetadata">URL: /servers/:server_id/zones/:zone_name/metadata</a></li>
+
+ <li><a href="#url-serversserver95idzoneszone95namemetadatametadata95kind">URL: /servers/:server_id/zones/:zone_name/metadata/:metadata_kind</a></li>
+
+
+ <li class="main "><a href="#cryptokeys">CryptoKeys</a></li>
+
+ <li><a href="#cryptokey95resource">cryptokey_resource</a></li>
+
+ <li><a href="#url-serversserver95idzoneszone95namecryptokeys">URL: /servers/:server_id/zones/:zone_name/cryptokeys</a></li>
+
+ <li><a href="#url-serversserver95idzoneszone95namecryptokeyscryptokey95id">URL: /servers/:server_id/zones/:zone_name/cryptokeys/:cryptokey_id</a></li>
+
+
+ <li class="main "><a href="#cache-access">Cache Access</a></li>
+
+
+ <li class="main "><a href="#logging-statistics">Logging & Statistics</a></li>
+
+ <li><a href="#url-serversserver95idsearch-logqsearch95term">URL: /servers/:server_id/search-log?q=:search_term</a></li>
+
+ <li><a href="#url-serversserver95idstatistics">URL: /servers/:server_id/statistics</a></li>
+
+ <li><a href="#url-serversserver95idtrace">URL: /servers/:server_id/trace</a></li>
+
+ <li><a href="#url-serversserver95idfailures">URL: /servers/:server_id/failures</a></li>
+
+
+ <li class="main "><a href="#data-overrides">Data Overrides</a></li>
+
+ <li><a href="#override95type">override_type</a></li>
+
+ <li><a href="#url-serversserver95idoverrides">URL: /servers/:server_id/overrides</a></li>
+
+ <li><a href="#url-serversserver95idoverridesoverride95id">URL: /servers/:server_id/overrides/:override_id</a></li>
+
+
+ </ul>
+</div></div>
+ <div class="col-md-9" role="main">
+
+<h1 id="api-spec">API Spec</h1>
+<p>This API runs over HTTP, preferably HTTPS.</p>
+<h2 id="design-goals">Design Goals</h2>
+<ul>
+<li>Discovery endpoint</li>
+<li>Unified API Scheme for Daemons & Console.
+ Think of the Console Server as a proxy for all your pdns deployments.</li>
+<li>Have API docs (this!) for other consumers</li>
+</ul>
+<h2 id="data-format">Data format</h2>
+<p>Input data format: JSON.</p>
+<p>Output data formats: JSON, JSONP</p>
+<p>All GET requests support appending a <code>_callback</code> URL parameter, which, if
+present, will turn the response into a JSONP response.</p>
+<p>The <code>Accept:</code> header determines the output format. An unknown value or
+<code>*/*</code> will cause a <code>400 Bad Request</code>.</p>
+<p>All text is UTF-8 and HTTP headers will reflect this.</p>
+<p>Data types:</p>
+<ul>
+<li>empty fields: <code>null</code> but present</li>
+<li>Regex: implementation defined</li>
+<li>Dates: ISO 8601</li>
+</ul>
+<h2 id="rest">REST</h2>
+<ul>
+<li>GET: List/Retrieve. Success reply: <code>200 OK</code></li>
+<li>POST: Create. Success reply: <code>201 Created</code>, with new object as body.</li>
+<li>PUT: Update. Success reply: <code>200 OK</code>, with modified object as body.</li>
+<li>DELETE: Delete. Success reply: <code>200 OK</code>, no body.</li>
+</ul>
+<h2 id="not-so-rest">not-so-REST</h2>
+<p>For interactions that do not directly map onto CRUD, we use these:</p>
+<ul>
+<li>GET: Query. Success reply: <code>200 OK</code></li>
+<li>PUT: Action/Execute. Success reply: <code>200 OK</code></li>
+</ul>
+<h2 id="authentication">Authentication</h2>
+<p>Clients SHOULD support:</p>
+<ul>
+<li>HTTP Basic Auth (used by pdns, pdnsmgrd)</li>
+<li>OAuth (used by pdnscontrol)</li>
+<li><strong>TODO</strong>: Not implemented yet.</li>
+</ul>
+<h2 id="errors">Errors</h2>
+<p>Response code <code>4xx</code> or <code>5xx</code>, depending on the situation. Never return <code>2xx</code>
+for an error!</p>
+<ul>
+<li>Invalid JSON body from client: <code>400 Bad Request</code></li>
+<li>JSON body from client not a hash: <code>400 Bad Request</code></li>
+<li>Input validation failed: <code>422 Unprocessable Entity</code></li>
+</ul>
+<p>Error responses have a JSON body of this format:</p>
+<pre class="prettyprint well"><code>{
+ "error": "short error message",
+ "errors": [
+ { ... },
+ ]
+}
+</code></pre>
+<p>Where <code>errors</code> is optional, and the contents are error-specific.</p>
+<h2 id="url">URL: /</h2>
+<p>Allowed methods: <code>GET</code></p>
+<pre class="prettyprint well"><code>{
+ "server_url": "/servers{/server}",
+ "api_features": [],
+}
+</code></pre>
+<p><strong>TODO</strong>:</p>
+<ul>
+<li>Not yet implemented.</li>
+<li><code>api_features</code></li>
+<li><code>servers_modifiable</code></li>
+<li><code>oauth</code></li>
+</ul>
+<h1 id="general-collections-interface">General Collections Interface</h1>
+<p>Collections generally support <code>GET</code> and <code>POST</code> with these meanings:</p>
+<h2 id="get">GET</h2>
+<p>Retrieve a list of all entries.</p>
+<p>The special <code>type</code> and <code>url</code> fields are included in the response objects:</p>
+<ul>
+<li><code>type</code>: name of the resource type</li>
+<li><code>url</code>: url to the object</li>
+</ul>
+<p>Response format:</p>
+<pre class="prettyprint well"><code>[
+ obj1
+ [, further objs]
+]
+</code></pre>
+<p>Example:</p>
+<pre class="prettyprint well"><code>[
+ {
+ "type": "AType",
+ "id": "anid",
+ "url": "/atype/anid",
+ "a_field": "a_value"
+ },
+ {
+ "type": "AType",
+ "id": "anotherid",
+ "url": "/atype/anotherid",
+ "a_field": "another_value"
+ }
+]
+</code></pre>
+<h2 id="post">POST</h2>
+<p>Create a new entry. The client has to supply the entry in the request body,
+in JSON format. <code>application/x-www-form-urlencoded</code> data MUST NOT be sent.</p>
+<p>Clients SHOULD not send the 'url' field.</p>
+<p>Client body:</p>
+<pre class="prettyprint well"><code>obj1
+</code></pre>
+<p>Example:</p>
+<pre class="prettyprint well"><code>{
+ "type": "AType",
+ "id": "anewid",
+ "a_field": "anew_value"
+}
+</code></pre>
+<h1 id="servers">Servers</h1>
+<p><strong>TODO</strong>: further routes</p>
+<h2 id="server_resource">server_resource</h2>
+<p>Example with server <code>"localhost"</code>, which is the only server returned by pdns.</p>
+<p>pdnsmgrd and pdnscontrol MUST NOT return “localhost”, but SHOULD return
+other servers.</p>
+<pre class="prettyprint well"><code>{
+ "type": "Server",
+ "id": "localhost",
+ "url": "/servers/localhost",
+ "daemon_type": "recursor",
+ "version": "VERSION",
+ "config_url": "/servers/localhost/config{/config_setting}",
+ "zones_url": "/servers/localhost/zones{/zone}",
+}
+</code></pre>
+<p>Note: On a pdns server, the servers collection is read-only, and the only
+allowed returned server is read-only as well.
+On a pdnscontrol server, the servers collection is read-write, and the
+returned server resources are read-write as well. Write permissions may
+depend on the credentials you have supplied.</p>
+<ul>
+<li>daemon_type
+ May be one of <code>authoritative</code>, <code>recursor</code>.</li>
+</ul>
+<h2 id="url-servers">URL: /servers</h2>
+<p>Collection access.</p>
+<p>Allowed REST methods:</p>
+<ul>
+<li>pdns: <code>GET</code></li>
+<li>pdnsmgrd: <code>GET</code></li>
+<li>pdnscontrol: <code>GET</code>, <code>PUT</code>, <code>POST</code>, <code>DELETE</code></li>
+</ul>
+<h2 id="url-serversserver95id">URL: /servers/:server_id</h2>
+<p>Returns a single server_resource.</p>
+<h1 id="config">Config</h1>
+<h2 id="config95setting95resource">config_setting_resource</h2>
+<pre class="prettyprint well"><code>{
+ "type": "ConfigSetting",
+ "name": "config_setting_name",
+ "value": "config_setting_value"
+}
+</code></pre>
+<h2 id="url-serversserver95idconfig">URL: /servers/:server_id/config</h2>
+<p>Collection access.</p>
+<p>Allowed REST methods: <code>GET</code>, <code>POST</code></p>
+<h4 id="post_1">POST</h4>
+<p>Creates a new config setting. This is useful for creating configuration for new backends.</p>
+<p><strong>TODO</strong>: Not yet implemented.</p>
+<h2 id="url-serversserver95idconfigconfig95setting95name">URL: /servers/:server_id/config/:config_setting_name</h2>
+<p>Allowed REST methods: <code>GET</code>, <code>PUT</code></p>
+<p><strong>NOTE</strong>: only the Recursors <code>allow_from</code> configuration setting can be retrieved or modified.</p>
+<h1 id="zones">Zones</h1>
+<p>Authoritative DNS Zones.</p>
+<p>A Resource Record Set (below as "RRset") are all records for a given name and type.</p>
+<p>Comments are per-RRset.</p>
+<h2 id="zone_collection">zone_collection</h2>
+<pre class="prettyprint well"><code>{
+ "id": "<id>",
+ "name": "<string>",
+ "type": "Zone",
+ "url": "/servers/:server_id/zones/:id",
+ "kind": "<kind>",
+ "serial": <int>,
+ "notified_serial": <int>,
+ "masters": ["<ip>", ...],
+ "dnssec": <bool>,
+ "nsec3param": "<nsec3param record>",
+ "nsec3narrow": <bool>,
+ "presigned": <bool>,
+ "soa_edit": "<string>",
+ "soa_edit_api": "<string>",
+ "nameservers": ["<string>", ...],
+ "servers": ["<string>", ...],
+ "recursion_desired": <bool>,
+ "records": [<record>, ...],
+ "comments": [<comment>, ...],
+}
+</code></pre>
+<h5 id="parameters">Parameters:</h5>
+<ul>
+<li>
+<p><code>id</code>
+ Opaque zone id (string), assigned by the Server. Do not interpret.
+ Guaranteed to be safe for embedding in URLs.</p>
+</li>
+<li>
+<p><code>kind</code>
+ Authoritative: <code><kind></code>: <code>Native</code>, <code>Master</code> or <code>Slave</code>
+ Recursor: <code><kind></code>: <code>Native</code>, or <code>Forwarded</code></p>
+</li>
+<li>
+<p><code>dnssec</code>
+ inferred from <code>presigned</code> being <code>true</code> XOR presence of at
+ least one cryptokey with <code>active</code> being <code>true</code>.</p>
+</li>
+</ul>
+<p>Switching <code>dnssec</code> to <code>true</code> (from <code>false</code>) sets up DNSSEC signing
+ based on the other flags, this includes running the equivalent of
+ <code>secure-zone</code> and <code>rectify-zone</code>. This also applies to newly created
+ zones.
+ If <code>presigned</code> is <code>true</code>, no DNSSEC changes will be made to the zone
+ or cryptokeys.
+ <strong>Note</strong>: Authoritative only.</p>
+<p><strong>TODO</strong>: <code>dnssec</code>, <code>nsec3narrow</code>, <code>nsec3param</code>, <code>presigned</code> are not yet implemented.</p>
+<ul>
+<li>
+<p><code>soa_edit</code> MAY be set to change the <code>SOA-EDIT</code> zone setting. See
+ http://doc.powerdns.com/html/domainmetadata.html for more information.
+ <strong>Note</strong>: Authoritative only.</p>
+</li>
+<li>
+<p><code>soa_edit_api</code> MAY be set. If it is set, on changes to the contents of
+ a zone made through the API, the SOA record will be edited according to
+ the SOA-EDIT-API rules. (Which are the same as the SOA-EDIT rules.)
+ <strong>Note</strong>: Authoritative only.</p>
+</li>
+<li>
+<p><code>notified_serial</code>, <code>serial</code> MUST NOT be sent in client bodies.
+ <strong>Note</strong>: Authoritative only.</p>
+</li>
+<li>
+<p><code>nameservers</code> MAY be sent in client bodies during creation, and MUST
+ NOT be sent by the server. Simple list of strings of nameserver names.
+ <strong>Note</strong>: Authoritative only. Not required for slave zones.</p>
+</li>
+<li>
+<p><code>servers</code>: list of forwarded-to servers, including port.
+ <strong>Note</strong>: Recursor only.</p>
+</li>
+<li>
+<p><code>recursion_desired</code>: for <code>Forwarded</code> zones, if the RD bit should
+ be set.
+ <strong>Note</strong>: Authoritative only.</p>
+</li>
+<li>
+<p><code>records</code>: list of DNS records in the zone.
+ <strong>Note</strong>: Modifications are supported on Authoritative only.</p>
+</li>
+<li>
+<p><code>comments</code>: list of comments in the zone.
+ <strong>Note</strong>: Authoritative only.</p>
+</li>
+</ul>
+<h5 id="notes">Notes:</h5>
+<p>Turning on DNSSEC with custom keys: just create the zone with <code>dnssec</code>
+set to <code>false</code>, and add keys using the cryptokeys REST interface. Have
+at least one of them <code>active</code> set to <code>true</code>.</p>
+<p>Changes made through the Zones API will always yield valid zone data,
+and the zone will be properly "rectified". If changes are made through
+other means (e.g. direct database access), this is not guranteed to be
+true and clients SHOULD trigger rectify.</p>
+<p>Backends might implement additional features (by coincidence or not).
+These things are not supported through the API.</p>
+<p>When creating a slave zone, it is recommended to not set any of
+<code>nameservers</code>, <code>records</code>.</p>
+<h2 id="url-serversserver95idzones">URL: /servers/:server_id/zones</h2>
+<p>Allowed REST methods: <code>GET</code>, <code>POST</code></p>
+<h4 id="post_2">POST</h4>
+<p>Creates a new domain.</p>
+<ul>
+<li><code>dnssec</code>, <code>nsec3narrow</code>, <code>presigned</code>, <code>nsec3param</code>, <code>active-keys</code> are OPTIONAL.</li>
+<li><code>dnssec</code>, <code>nsec3narrow</code>, <code>presigned</code> default to <code>false</code>.</li>
+<li>The server MUST create a SOA record. The created SOA record SHOULD have
+serial set to the value given as <code>serial</code> (or 0 if missing), use the
+nameserver name, email, TTL values as specified in the pdns configuration
+(<code>default-soa-name</code>, <code>default-soa-mail</code>, etc).
+These default values can be overridden by supplying a custom SOA record in
+the records list.
+If <code>soa_edit_api</code> is set, the SOA record is edited according to the SOA-EDIT-API
+rules before storing it. (Also applies to custom SOA records.)</li>
+</ul>
+<p><strong>TODO</strong>: <code>dnssec</code>, <code>nsec3narrow</code>, <code>nsec3param</code>, <code>presigned</code> are not yet implemented.</p>
+<h2 id="url-serversserver95idzoneszone95id">URL: /servers/:server_id/zones/:zone_id</h2>
+<p>Allowed methods: <code>GET</code>, <code>PUT</code>, <code>DELETE</code>, <code>PATCH</code>.</p>
+<h4 id="get_1">GET</h4>
+<p>Returns zone information.</p>
+<h4 id="delete">DELETE</h4>
+<p>Deletes this zone, all attached metadata and rrsets.</p>
+<h4 id="patch">PATCH</h4>
+<p>Modifies present RRsets and comments.</p>
+<p><strong>Note</strong>: Authoritative only.</p>
+<p>Client body for PATCH:</p>
+<pre class="prettyprint well"><code>{ "rrsets":
+ [
+ {
+ "name": <string>,
+ "type": <string>,
+ "changetype": <changetype>,
+ "records":
+ [
+ {
+ "content": <string>,
+ "name": <string>,
+ "priority": <int>,
+ "ttl": <int>,
+ "type": <string>,
+ "disabled": <bool>
+ }, ...
+ ],
+ "comments":
+ [
+ {
+ "account": <string>,
+ "content": <string>,
+ "modfied_at": <int>
+ }, ...
+ ]
+ },
+ { ... }
+ ]
+}
+</code></pre>
+<p>Having <code>type</code> inside an RR differ from <code>type</code> at the top level is an error.</p>
+<ul>
+<li>
+<p><code>name</code>
+ Full name of the RRset to modify. (Example: <code>foo.example.org</code>)</p>
+</li>
+<li>
+<p><code>type</code>
+ Type of the RRset to modify. (Example: <code>AAAA</code>)</p>
+</li>
+<li>
+<p><code>changetype</code>
+ Must be <code>REPLACE</code> or <code>DELETE</code>.
+ With <code>DELETE</code>, all existing RRs matching <code>name</code> and <code>type</code> will be deleted, incl. all comments.
+ With <code>REPLACE</code>: when <code>records</code> is present, all existing RRs matching <code>name</code> and <code>type</code> will be deleted, and then new records given in <code>records</code> will be created.
+ If no records are left, any existing comments will be deleted as well.
+ When <code>comments</code> is present, all existing comments for the RRs matching <code>name</code> and <code>type</code> will be deleted, and then new comments given in <code>comments</code> will be created.</p>
+</li>
+<li>
+<p><code>records</code>
+ List of new records (replacing the old ones). Must be empty when <code>changetype</code> is set to <code>DELETE</code>.
+ An empty list results in deletion of all records (and comments).</p>
+</li>
+<li>
+<p><code>comments</code>
+ List of new comments (replacing the old ones). Must be empty when <code>changetype</code> is set to <code>DELETE</code>.
+ An empty list results in deletion of all comments.
+ <code>modified_at</code> is optional and defaults to the current server time.</p>
+</li>
+</ul>
+<h4 id="put">PUT</h4>
+<p>Modifies basic zone data (metadata).</p>
+<p>Allowed fields in client body: all except <code>id</code> and <code>url</code>.</p>
+<p>Changing <code>name</code> renames the zone, as expected.</p>
+<h2 id="url-serversserver95idzoneszone95idnotify">URL: /servers/:server_id/zones/:zone_id/notify</h2>
+<p>Allowed methods: <code>PUT</code></p>
+<p>Send a DNS NOTIFY to all slaves.</p>
+<p>Fails when zone kind is not <code>Master</code> or <code>Slave</code>, or <code>master</code> and <code>slave</code> are
+disabled in pdns configuration. Only works for <code>Slave</code> if renotify is on.</p>
+<p>Not supported for recursors.</p>
+<p>Clients MUST NOT send a body.</p>
+<p><strong>TODO</strong>: Not yet implemented.</p>
+<h2 id="url-serversserver95idzoneszone95idaxfr-retrieve">URL: /servers/:server_id/zones/:zone_id/axfr-retrieve</h2>
+<p>Allowed methods: <code>PUT</code></p>
+<p>Retrieves the zone from the master.</p>
+<p>Fails when zone kind is not <code>Slave</code>, or <code>slave</code> is disabled in pdns
+configuration.</p>
+<p>Not supported for recursors.</p>
+<p>Clients MUST NOT send a body.</p>
+<p><strong>TODO</strong>: Not yet implemented.</p>
+<h2 id="url-serversserver95idzoneszone95idcheck">URL: /servers/:server_id/zones/:zone_id/check</h2>
+<p>Allowed methods: <code>GET</code></p>
+<p>Verify zone contents/configuration.</p>
+<p>Return format:</p>
+<pre class="prettyprint well"><code>{
+ "zone": "<zone_name>",
+ "errors": ["error message1", ...],
+ "warnings": ["warning message1", ...]
+}
+</code></pre>
+<p><strong>TODO</strong>: Not yet implemented.</p>
+<h1 id="zone-metadata">Zone Metadata</h1>
+<h2 id="zone95metadata95resource">zone_metadata_resource</h2>
+<pre class="prettyprint well"><code>{
+ "type": "Metadata",
+ "kind": <metadata_kind>,
+ "metadata": [
+ "value1",
+ ...
+ ]
+}
+</code></pre>
+<p>Valid values for <code><metadata_kind></code> are specified in <a href="http://doc.powerdns.com/domainmetadata.html">http://doc.powerdns.com/domainmetadata.html</a>.</p>
+<p>Clients MUST NOT modify <code>NSEC3PARAM</code>, <code>NSEC3NARROW</code> or <code>PRESIGNED</code>
+through this interface. The server SHOULD reject updates to these
+metadata.</p>
+<h2 id="url-serversserver95idzoneszone95namemetadata">URL: /servers/:server_id/zones/:zone_name/metadata</h2>
+<p>Collection access.</p>
+<p>Allowed methods: <code>GET</code>, <code>POST</code></p>
+<p><strong>TODO</strong>: Not yet implemented.</p>
+<h2 id="url-serversserver95idzoneszone95namemetadatametadata95kind">URL: /servers/:server_id/zones/:zone_name/metadata/:metadata_kind</h2>
+<p>Allowed methods: <code>GET</code>, <code>PUT</code>, <code>DELETE</code></p>
+<p><strong>TODO</strong>: Not yet implemented.</p>
+<h1 id="cryptokeys">CryptoKeys</h1>
+<h2 id="cryptokey95resource">cryptokey_resource</h2>
+<pre class="prettyprint well"><code>{[
+ "type": "CryptoKey",
+ "id": <int>,
+ "active": <bool>,
+ "keytype": <keytype>,
+ "dnskey": <string>,
+ "content": <string>,
+ "ds": [ <ds>,
+ <ds>,
+ .... ]
+]}
+</code></pre>
+<h5 id="parameters_1">Parameters:</h5>
+<p><code>id</code>: read-only.</p>
+<p><code>keytype</code>: <code><keytype></code> is one of the following: <code>ksk</code> or <code>zsk</code>, and they are
+both mutually exclusive.</p>
+<p><code>dnskey</code>: the DNSKEY for this key</p>
+<p><code>ds</code>: an array with all dses for this key</p>
+<h2 id="url-serversserver95idzoneszone95namecryptokeys">URL: /servers/:server_id/zones/:zone_name/cryptokeys</h2>
+<p>Allowed methods: <code>GET</code>, <code>POST</code></p>
+<h4 id="get_2">GET</h4>
+<p>Returns all public data about cryptokeys, but not <code>content</code>.</p>
+<h4 id="post_3">POST</h4>
+<p>Creates a new, single cryptokey.</p>
+<p><strong>TODO</strong>: Not yet implemented.</p>
+<h5 id="parameters_2">Parameters:</h5>
+<p><code>content</code>: if <code>null</code>, pdns generates a new key. In this case, the
+following additional fields MAY be supplied:</p>
+<ul>
+<li><code>bits</code>: <code><int></code></li>
+<li><code>algo</code>: <code><algo></code></li>
+</ul>
+<p>Where <code><algo></code> is one of the supported key algos in lowercase OR the
+numeric id, see
+<a href="http://rtfm.powerdns.com/pdnssec.html">http://rtfm.powerdns.com/pdnssec.html</a></p>
+<h2 id="url-serversserver95idzoneszone95namecryptokeyscryptokey95id">URL: /servers/:server_id/zones/:zone_name/cryptokeys/:cryptokey_id</h2>
+<p>Allowed methods: <code>GET</code>, <code>PUT</code>, <code>DELETE</code></p>
+<h4 id="get_3">GET</h4>
+<p>Returns all public data about cryptokeys, including <code>content</code>, with all the private data. An array is returned, eventhough a single key is requested.</p>
+<h4 id="put_1">PUT</h4>
+<p><strong>TODO</strong>: Not yet implemented.</p>
+<h4 id="delete_1">DELETE</h4>
+<p><strong>TODO</strong>: Not yet implemented.</p>
+<h1 id="cache-access">Cache Access</h1>
+<p><strong>TODO</strong>: Peek at the cache, clear the cache, possibly dump it into a file?</p>
+<p><strong>TODO</strong>: Not yet implemented.</p>
+<h1 id="logging-statistics">Logging & Statistics</h1>
+<h2 id="url-serversserver95idsearch-logqsearch95term">URL: /servers/:server_id/search-log?q=:search_term</h2>
+<p>Allowed methods: <code>GET</code> (Query)</p>
+<h4 id="get-query">GET (Query)</h4>
+<p>Query the log, filtered by <code>:search_term</code>. Response body:</p>
+<pre class="prettyprint well"><code>[
+ "<log_line>",
+ ...
+]
+</code></pre>
+<h2 id="url-serversserver95idstatistics">URL: /servers/:server_id/statistics</h2>
+<p>Allowed methods: <code>GET</code> (Query)</p>
+<h4 id="get-query_1">GET (Query)</h4>
+<p>Query PowerDNS internal statistics. Response body:</p>
+<pre class="prettyprint well"><code>[
+ {
+ "type": "StatisticItem",
+ "name": "<name>",
+ "value": "<value>"
+ },
+ ...
+]
+</code></pre>
+<p>The statistic entries are dependent on the daemon type.
+Values are returned as strings.</p>
+<h2 id="url-serversserver95idtrace">URL: /servers/:server_id/trace</h2>
+<p><strong>TODO</strong>: Not yet implemented.</p>
+<h4 id="put-configure">PUT (Configure)</h4>
+<p>Configure query tracing.</p>
+<p>Client body:</p>
+<pre class="prettyprint well"><code>{
+ "domains": "<regex_string>"
+}
+</code></pre>
+<p>Set <code>domains</code> to <code>null</code> to turn off tracing.</p>
+<h4 id="get-query_2">GET (Query)</h4>
+<p>Retrieve query tracing log and current config. Response body:</p>
+<pre class="prettyprint well"><code>{
+ "domains": "<Regex>",
+ log: [
+ "<log_line>",
+ ...
+ ]
+}
+</code></pre>
+<h2 id="url-serversserver95idfailures">URL: /servers/:server_id/failures</h2>
+<p><strong>TODO</strong>: Not yet implemented.</p>
+<h4 id="put_2">PUT</h4>
+<p>Configure query failure logging.</p>
+<p>Client body:</p>
+<pre class="prettyprint well"><code>{
+ "top-domains": <int>,
+ "domains": "<Regex>",
+}
+</code></pre>
+<h5 id="parameters_3">Parameters:</h5>
+<p><code>top-domains</code> are the number of top resolved domains that are
+automatically monitored for failures.</p>
+<p><code>domains</code> is a Regex of domains that are additionally monitored for
+resolve failures.</p>
+<h4 id="get_4">GET</h4>
+<p>Retrieve query failure logging and current config.</p>
+<p>Response body:</p>
+<pre class="prettyprint well"><code>{
+ "top-domains": <int>,
+ "domains": "<Regex>",
+ "log": [
+ {
+ "first_occurred": <timestamp>,
+ "domain": "<full domain>",
+ "qtype": "<qtype>",
+ "failure": <failure_code>,
+ "failed_parent": "<full parent domain>",
+ "details": "<log message>",
+ "queried_servers": [
+ {
+ "name": <name>,
+ "address": <address>
+ }, ...
+ ]
+ },
+ ...
+ ]
+}
+</code></pre>
+<h5 id="parameters_4">Parameters:</h5>
+<p><code>failed_parent</code> is generally OPTIONAL.</p>
+<p>Where <code><failure_code></code> is one of these:</p>
+<ul>
+<li>
+<p><code>dnssec-validation-failed</code></p>
+<p>DNSSEC Validation failed for this domain.</p>
+</li>
+<li>
+<p><code>dnssec-parent-validation-failed</code></p>
+<p>DNSSEC Validation failed for one of the parent domains. Response
+MUST contain failed_parent.</p>
+</li>
+<li>
+<p><code>nxdomain</code></p>
+<p>This domain was not present on the authoritative nameservers.</p>
+</li>
+<li>
+<p><code>nodata</code></p>
+</li>
+<li>
+<p><code>all-servers-unreachable</code></p>
+<p>All auth nameservers that have been tried did not respond.</p>
+</li>
+<li>
+<p><code>parent-unresolvable</code></p>
+<p>Response MUST contain <code>failed_parent</code>.</p>
+</li>
+<li>
+<p><code>refused</code></p>
+<p>All auth nameservers that have been tried responded with refused.</p>
+</li>
+<li>
+<p><code>servfail</code></p>
+<p>All auth nameservers that have been tried responded with servfail.</p>
+</li>
+<li>
+<p><strong>TODO</strong>: further failures</p>
+</li>
+</ul>
+<h1 id="data-overrides">Data Overrides</h1>
+<p><strong>TODO</strong>: Not yet implemented.</p>
+<h2 id="override95type">override_type</h2>
+<p><code>created</code> is filled by the Server.</p>
+<pre class="prettyprint well"><code>{
+ "type": "Override",
+ "id": <int>,
+ "override": "ignore-dnssec",
+ "domain": "nl",
+ "until": <timestamp>,
+ "created": <timestamp>
+}
+
+
+{
+ "type": "Override",
+ "id": <int>,
+ "override": "replace",
+ "domain": "www.cnn.com",
+ "rrtype": "AAAA",
+ "values": ["1.1.1.1", "2.2.2.2"],
+ "until": <timestamp>,
+ "created": <timestamp>
+}
+</code></pre>
+<p><strong>TODO</strong>: what about validation here?</p>
+<pre class="prettyprint well"><code>{
+ "type": "Override",
+ "id": <int>,
+ "override": "purge",
+ "domain": "example.net",
+ "created": <timestamp>
+}
+</code></pre>
+<p>Clears recursively all cached data ("plain" DNS + DNSSEC)</p>
+<p><strong>TODO</strong>: should this be stored? (for history)</p>
+<h2 id="url-serversserver95idoverrides">URL: /servers/:server_id/overrides</h2>
+<p><strong>TODO</strong>: Not yet implemented.</p>
+<p>Collection access.</p>
+<p>Allowed Methods: <code>GET</code>, <code>POST</code></p>
+<h2 id="url-serversserver95idoverridesoverride95id">URL: /servers/:server_id/overrides/:override_id</h2>
+<p><strong>TODO</strong>: Not yet implemented.</p>
+<p>Allowed methods: <code>GET</code>, <code>PUT</code>, <code>DELETE</code></p>
+</div>
+ </div>
+
+
+
+ <script src="https://code.jquery.com/jquery-1.10.2.min.js"></script>
+ <script src="../../js/bootstrap-3.0.3.min.js"></script>
+ <script src="../../js/prettify-1.0.min.js"></script>
+ <script src="../../js/base.js"></script>
+ </body>
+</html>
\ No newline at end of file
--- /dev/null
+<!DOCTYPE html>
+<html lang="en">
+ <head>
+ <meta charset="utf-8">
+ <meta http-equiv="X-UA-Compatible" content="IE=edge">
+ <meta name="viewport" content="width=device-width, initial-scale=1.0">
+
+
+
+ <link rel="shortcut icon" href="../../img/favicon.ico">
+
+ <title>HTTP API -- Design and Features - PowerDNS</title>
+
+ <link href="../../css/bootstrap-custom.min.css" rel="stylesheet">
+ <link href="../../css/font-awesome-4.0.3.css" rel="stylesheet">
+ <link href="../../css/prettify-1.0.css" rel="stylesheet">
+ <link href="../../css/base.css" rel="stylesheet">
+
+ <!-- HTML5 shim and Respond.js IE8 support of HTML5 elements and media queries -->
+ <!--[if lt IE 9]>
+ <script src="https://oss.maxcdn.com/libs/html5shiv/3.7.0/html5shiv.js"></script>
+ <script src="https://oss.maxcdn.com/libs/respond.js/1.3.0/respond.min.js"></script>
+ <![endif]-->
+
+
+ </head>
+
+ <body>
+
+ <div class="navbar navbar-default navbar-fixed-top" role="navigation">
+ <div class="container">
+
+ <!-- Collapsed navigation -->
+ <div class="navbar-header">
+ <!-- Expander button -->
+ <button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".navbar-collapse">
+ <span class="sr-only">Toggle navigation</span>
+ <span class="icon-bar"></span>
+ <span class="icon-bar"></span>
+ <span class="icon-bar"></span>
+ </button>
+
+ <!-- Main title -->
+ <a class="navbar-brand" href="../..">PowerDNS</a>
+ </div>
+
+ <!-- Expanded navigation -->
+ <div class="navbar-collapse collapse">
+ <!-- Main navigation -->
+ <ul class="nav navbar-nav">
+
+
+ <li class="dropdown active">
+ <a href="#" class="dropdown-toggle" data-toggle="dropdown">PowerDNS Server <b class="caret"></b></a>
+ <ul class="dropdown-menu">
+
+ <li >
+ <a href="../..">Introduction</a>
+ </li>
+
+ <li >
+ <a href="../../changelog/">Changelogs</a>
+ </li>
+
+ <li >
+ <a href="../../types/">Supported DNS Record Types</a>
+ </li>
+
+ <li >
+ <a href="../../common/logging/">Logging and Performance Monitoring</a>
+ </li>
+
+ <li >
+ <a href="../../common/security/">Security settings & considerations</a>
+ </li>
+
+ <li >
+ <a href="../README/">HTTP API -- Introduction</a>
+ </li>
+
+ <li >
+ <a href="../intro/">HTTP API -- Discussion</a>
+ </li>
+
+ <li >
+ <a href="../api_spec/">HTTP API -- API Specification</a>
+ </li>
+
+ <li class="active">
+ <a href="./">HTTP API -- Design and Features</a>
+ </li>
+
+ </ul>
+ </li>
+
+
+
+ <li class="dropdown">
+ <a href="#" class="dropdown-toggle" data-toggle="dropdown">Authoritative <b class="caret"></b></a>
+ <ul class="dropdown-menu">
+
+ <li >
+ <a href="../../authoritative/">Introduction</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/installation/">Installing and Running</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/upgrading/">Upgrading</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/modes-of-operation/">Modes of Operation</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/internals/">Internals</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/virtual/">Virtual Hosting</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/fancy-records/">Fancy Records</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/performance/">Performance Tuning and Monitoring</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/migration/">Migrating to PowerDNS</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/recursion/">Recursion with the Authoritative Server</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/dnssec/">Serve DNSSEC Signed Data</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/backend-bind/">Backend: BIND</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/backend-db2/">Backend: DB2</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/backend-generic-mypgsql/">Backend: Generic MySQL and PostGreSQL</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/backend-gsqlite/">Backend: Generic SQLite</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/backend-ldap/">Backend: LDAP</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/backend-lmdb/">Backend: LMDB</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/backend-oracle/">Backend: Oracle</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/backend-pipe/">Backend: Pipe</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/backend-random/">Backend: Random</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/backend-remote/">Backend: Remote</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/backend-tinydns/">Backend: TinyDNS</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/backend-deprecated/">Deprecated Backends</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/settings/">List of Settings</a>
+ </li>
+
+ </ul>
+ </li>
+
+
+
+ <li class="dropdown">
+ <a href="#" class="dropdown-toggle" data-toggle="dropdown">Recursor <b class="caret"></b></a>
+ <ul class="dropdown-menu">
+
+ <li >
+ <a href="../../recursor/">Introduction</a>
+ </li>
+
+ <li >
+ <a href="../../recursor/security/">Security of the Recursor</a>
+ </li>
+
+ <li >
+ <a href="../../recursor/stats/">Recursor Statistics</a>
+ </li>
+
+ <li >
+ <a href="../../recursor/performance/">Performance Tuning</a>
+ </li>
+
+ <li >
+ <a href="../../recursor/scripting/">Scripting</a>
+ </li>
+
+ <li >
+ <a href="../../recursor/dns64/">DNS64 support</a>
+ </li>
+
+ <li >
+ <a href="../../recursor/internals/">Internals</a>
+ </li>
+
+ <li >
+ <a href="../../recursor/settings/">List of Settings</a>
+ </li>
+
+ </ul>
+ </li>
+
+
+
+ <li class="dropdown">
+ <a href="#" class="dropdown-toggle" data-toggle="dropdown">Security <b class="caret"></b></a>
+ <ul class="dropdown-menu">
+
+ <li >
+ <a href="../../security/">Security Policy</a>
+ </li>
+
+ <li >
+ <a href="../../security/powerdns-advisory-2012-01/">Advisory 2012-01</a>
+ </li>
+
+ <li >
+ <a href="../../security/powerdns-advisory-2010-02/">Advisory 2010-02</a>
+ </li>
+
+ <li >
+ <a href="../../security/powerdns-advisory-2010-01/">Advisory 2010-01</a>
+ </li>
+
+ <li >
+ <a href="../../security/powerdns-advisory-2008-03/">Advisory 2008-03</a>
+ </li>
+
+ <li >
+ <a href="../../security/powerdns-advisory-2008-02/">Advisory 2008-02</a>
+ </li>
+
+ <li >
+ <a href="../../security/powerdns-advisory-2008-01/">Advisory 2008-01</a>
+ </li>
+
+ <li >
+ <a href="../../security/powerdns-advisory-2006-02/">Advisory 2006-02</a>
+ </li>
+
+ <li >
+ <a href="../../security/powerdns-advisory-2006-01/">Advisory 2006-01</a>
+ </li>
+
+ </ul>
+ </li>
+
+
+
+ <li class="dropdown">
+ <a href="#" class="dropdown-toggle" data-toggle="dropdown">Tools and Appendices <b class="caret"></b></a>
+ <ul class="dropdown-menu">
+
+ <li >
+ <a href="../../appendix/backend-writers-guide/">Backend Writer's Guide</a>
+ </li>
+
+ <li >
+ <a href="../../appendix/compiling-powerdns/">Compiling PowerDNS</a>
+ </li>
+
+ <li >
+ <a href="../../tools/analysis/">DNS Analysis Tools</a>
+ </li>
+
+ </ul>
+ </li>
+
+
+ </ul>
+
+ <!-- Search, Navigation and Repo links -->
+ <ul class="nav navbar-nav navbar-right">
+
+<!-- <li >
+ <a rel="next" href="../api_spec/">
+ <i class="fa fa-arrow-left"></i> Previous
+ </a>
+ </li>
+ <li >
+ <a rel="prev" href="../../authoritative/">
+ Next <i class="fa fa-arrow-right"></i>
+ </a>
+ </li> -->
+
+ </ul>
+ </div>
+ </div>
+</div>
+
+ <div class="container">
+ <div class="col-md-3"><div class="bs-sidebar hidden-print affix well" role="complementary">
+ <ul class="nav bs-sidenav">
+
+ <li class="main active"><a href="#features-that-should-be-doable-using-the-api">Features that should be doable using the API</a></li>
+
+ <li><a href="#new-console-features">New Console Features</a></li>
+
+ <li><a href="#dnssec-console-for-recursor">DNSSEC Console for Recursor</a></li>
+
+ <li><a href="#meta-features-enabled-by-pdnsmgrd">Meta Features enabled by pdnsmgrd</a></li>
+
+
+ </ul>
+</div></div>
+ <div class="col-md-9" role="main">
+
+<h1 id="features-that-should-be-doable-using-the-api">Features that should be doable using the API</h1>
+<h2 id="new-console-features">New Console Features</h2>
+<ul>
+<li>RBAC</li>
+<li>User Management</li>
+<li>Audit Trail, light Edition</li>
+<li>Cache Viewing</li>
+<li>Versioning / Rollback</li>
+<li>for Zone data?</li>
+<li>pcap capture triggering (-> pdnsmgr)</li>
+<li>Zone (de)provisioning</li>
+<li>with DNSSEC</li>
+<li>Improved Graphite</li>
+</ul>
+<h2 id="dnssec-console-for-recursor">DNSSEC Console for Recursor</h2>
+<ul>
+<li>recent failures (not just DNSSEC)</li>
+<li>trigger live logging (e.g. for “*.nl”)</li>
+<li>DNSSEC partial blanking (“don’t check *.gov”)</li>
+<li>DNSSEC temporary blanking (“not for next 24h”)</li>
+</ul>
+<h2 id="meta-features-enabled-by-pdnsmgrd">Meta Features enabled by pdnsmgrd</h2>
+<ul>
+<li>start</li>
+<li>stop</li>
+<li>upgrade</li>
+<li>restart</li>
+<li>TODO: can/should we do this inproc?</li>
+<li><em>pcap</em></li>
+<li>TODO: How will this work?</li>
+<li>Should this happen in-daemon?</li>
+</ul>
+</div>
+ </div>
+
+
+
+ <script src="https://code.jquery.com/jquery-1.10.2.min.js"></script>
+ <script src="../../js/bootstrap-3.0.3.min.js"></script>
+ <script src="../../js/prettify-1.0.min.js"></script>
+ <script src="../../js/base.js"></script>
+ </body>
+</html>
\ No newline at end of file
--- /dev/null
+<!DOCTYPE html>
+<html lang="en">
+ <head>
+ <meta charset="utf-8">
+ <meta http-equiv="X-UA-Compatible" content="IE=edge">
+ <meta name="viewport" content="width=device-width, initial-scale=1.0">
+
+
+
+ <link rel="shortcut icon" href="../../img/favicon.ico">
+
+ <title>HTTP API -- Discussion - PowerDNS</title>
+
+ <link href="../../css/bootstrap-custom.min.css" rel="stylesheet">
+ <link href="../../css/font-awesome-4.0.3.css" rel="stylesheet">
+ <link href="../../css/prettify-1.0.css" rel="stylesheet">
+ <link href="../../css/base.css" rel="stylesheet">
+
+ <!-- HTML5 shim and Respond.js IE8 support of HTML5 elements and media queries -->
+ <!--[if lt IE 9]>
+ <script src="https://oss.maxcdn.com/libs/html5shiv/3.7.0/html5shiv.js"></script>
+ <script src="https://oss.maxcdn.com/libs/respond.js/1.3.0/respond.min.js"></script>
+ <![endif]-->
+
+
+ </head>
+
+ <body>
+
+ <div class="navbar navbar-default navbar-fixed-top" role="navigation">
+ <div class="container">
+
+ <!-- Collapsed navigation -->
+ <div class="navbar-header">
+ <!-- Expander button -->
+ <button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".navbar-collapse">
+ <span class="sr-only">Toggle navigation</span>
+ <span class="icon-bar"></span>
+ <span class="icon-bar"></span>
+ <span class="icon-bar"></span>
+ </button>
+
+ <!-- Main title -->
+ <a class="navbar-brand" href="../..">PowerDNS</a>
+ </div>
+
+ <!-- Expanded navigation -->
+ <div class="navbar-collapse collapse">
+ <!-- Main navigation -->
+ <ul class="nav navbar-nav">
+
+
+ <li class="dropdown active">
+ <a href="#" class="dropdown-toggle" data-toggle="dropdown">PowerDNS Server <b class="caret"></b></a>
+ <ul class="dropdown-menu">
+
+ <li >
+ <a href="../..">Introduction</a>
+ </li>
+
+ <li >
+ <a href="../../changelog/">Changelogs</a>
+ </li>
+
+ <li >
+ <a href="../../types/">Supported DNS Record Types</a>
+ </li>
+
+ <li >
+ <a href="../../common/logging/">Logging and Performance Monitoring</a>
+ </li>
+
+ <li >
+ <a href="../../common/security/">Security settings & considerations</a>
+ </li>
+
+ <li >
+ <a href="../README/">HTTP API -- Introduction</a>
+ </li>
+
+ <li class="active">
+ <a href="./">HTTP API -- Discussion</a>
+ </li>
+
+ <li >
+ <a href="../api_spec/">HTTP API -- API Specification</a>
+ </li>
+
+ <li >
+ <a href="../features/">HTTP API -- Design and Features</a>
+ </li>
+
+ </ul>
+ </li>
+
+
+
+ <li class="dropdown">
+ <a href="#" class="dropdown-toggle" data-toggle="dropdown">Authoritative <b class="caret"></b></a>
+ <ul class="dropdown-menu">
+
+ <li >
+ <a href="../../authoritative/">Introduction</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/installation/">Installing and Running</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/upgrading/">Upgrading</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/modes-of-operation/">Modes of Operation</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/internals/">Internals</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/virtual/">Virtual Hosting</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/fancy-records/">Fancy Records</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/performance/">Performance Tuning and Monitoring</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/migration/">Migrating to PowerDNS</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/recursion/">Recursion with the Authoritative Server</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/dnssec/">Serve DNSSEC Signed Data</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/backend-bind/">Backend: BIND</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/backend-db2/">Backend: DB2</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/backend-generic-mypgsql/">Backend: Generic MySQL and PostGreSQL</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/backend-gsqlite/">Backend: Generic SQLite</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/backend-ldap/">Backend: LDAP</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/backend-lmdb/">Backend: LMDB</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/backend-oracle/">Backend: Oracle</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/backend-pipe/">Backend: Pipe</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/backend-random/">Backend: Random</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/backend-remote/">Backend: Remote</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/backend-tinydns/">Backend: TinyDNS</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/backend-deprecated/">Deprecated Backends</a>
+ </li>
+
+ <li >
+ <a href="../../authoritative/settings/">List of Settings</a>
+ </li>
+
+ </ul>
+ </li>
+
+
+
+ <li class="dropdown">
+ <a href="#" class="dropdown-toggle" data-toggle="dropdown">Recursor <b class="caret"></b></a>
+ <ul class="dropdown-menu">
+
+ <li >
+ <a href="../../recursor/">Introduction</a>
+ </li>
+
+ <li >
+ <a href="../../recursor/security/">Security of the Recursor</a>
+ </li>
+
+ <li >
+ <a href="../../recursor/stats/">Recursor Statistics</a>
+ </li>
+
+ <li >
+ <a href="../../recursor/performance/">Performance Tuning</a>
+ </li>
+
+ <li >
+ <a href="../../recursor/scripting/">Scripting</a>
+ </li>
+
+ <li >
+ <a href="../../recursor/dns64/">DNS64 support</a>
+ </li>
+
+ <li >
+ <a href="../../recursor/internals/">Internals</a>
+ </li>
+
+ <li >
+ <a href="../../recursor/settings/">List of Settings</a>
+ </li>
+
+ </ul>
+ </li>
+
+
+
+ <li class="dropdown">
+ <a href="#" class="dropdown-toggle" data-toggle="dropdown">Security <b class="caret"></b></a>
+ <ul class="dropdown-menu">
+
+ <li >
+ <a href="../../security/">Security Policy</a>
+ </li>
+
+ <li >
+ <a href="../../security/powerdns-advisory-2012-01/">Advisory 2012-01</a>
+ </li>
+
+ <li >
+ <a href="../../security/powerdns-advisory-2010-02/">Advisory 2010-02</a>
+ </li>
+
+ <li >
+ <a href="../../security/powerdns-advisory-2010-01/">Advisory 2010-01</a>
+ </li>
+
+ <li >
+ <a href="../../security/powerdns-advisory-2008-03/">Advisory 2008-03</a>
+ </li>
+
+ <li >
+ <a href="../../security/powerdns-advisory-2008-02/">Advisory 2008-02</a>
+ </li>
+
+ <li >
+ <a href="../../security/powerdns-advisory-2008-01/">Advisory 2008-01</a>
+ </li>
+
+ <li >
+ <a href="../../security/powerdns-advisory-2006-02/">Advisory 2006-02</a>
+ </li>
+
+ <li >
+ <a href="../../security/powerdns-advisory-2006-01/">Advisory 2006-01</a>
+ </li>
+
+ </ul>
+ </li>
+
+
+
+ <li class="dropdown">
+ <a href="#" class="dropdown-toggle" data-toggle="dropdown">Tools and Appendices <b class="caret"></b></a>
+ <ul class="dropdown-menu">
+
+ <li >
+ <a href="../../appendix/backend-writers-guide/">Backend Writer's Guide</a>
+ </li>
+
+ <li >
+ <a href="../../appendix/compiling-powerdns/">Compiling PowerDNS</a>
+ </li>
+
+ <li >
+ <a href="../../tools/analysis/">DNS Analysis Tools</a>
+ </li>
+
+ </ul>
+ </li>
+
+
+ </ul>
+
+ <!-- Search, Navigation and Repo links -->
+ <ul class="nav navbar-nav navbar-right">
+
+<!-- <li >
+ <a rel="next" href="../README/">
+ <i class="fa fa-arrow-left"></i> Previous
+ </a>
+ </li>
+ <li >
+ <a rel="prev" href="../api_spec/">
+ Next <i class="fa fa-arrow-right"></i>
+ </a>
+ </li> -->
+
+ </ul>
+ </div>
+ </div>
+</div>
+
+ <div class="container">
+ <div class="col-md-3"><div class="bs-sidebar hidden-print affix well" role="complementary">
+ <ul class="nav bs-sidenav">
+
+ <li class="main active"><a href="#big-picture">Big Picture</a></li>
+
+
+ <li class="main "><a href="#secondary-goals">“Secondary” goals</a></li>
+
+
+ </ul>
+</div></div>
+ <div class="col-md-9" role="main">
+
+<p>Everything open for discussion.</p>
+<p>TODO:</p>
+<ul>
+<li>Everything marked as <strong>TODO</strong></li>
+<li>Finish data management (tsigkeys, …)</li>
+<li>Incorporate applicable ideas from http://mailman.powerdns.com/pipermail/pdns-users/2013-February/009613.html</li>
+</ul>
+<h1 id="big-picture">Big Picture</h1>
+<ul>
+<li>HTTP with SSL in-process in Auth & Recursor</li>
+<li>JSON API</li>
+<li>make it really great for us and other consumers</li>
+<li>“unified” API across Daemons and Console</li>
+<li>pdnsmgrd</li>
+<li>cease to do SSL proxying</li>
+<li>become completely optional component</li>
+<li>only for “meta” features</li>
+<li>Console</li>
+<li>get rid of all the API hacks</li>
+<li>new features as detailed below</li>
+<li>CLI tool</li>
+<li>should talk to daemons and Console (if there)</li>
+<li>“Pure” OOTB install</li>
+<li>miniature single page js app for users not installing pdnscontrol</li>
+</ul>
+<h1 id="secondary-goals">“Secondary” goals</h1>
+<ul>
+<li>keep everything lean</li>
+<li>minimal intrusions into existing code</li>
+</ul>
+</div>
+ </div>
+
+
+
+ <script src="https://code.jquery.com/jquery-1.10.2.min.js"></script>
+ <script src="../../js/bootstrap-3.0.3.min.js"></script>
+ <script src="../../js/prettify-1.0.min.js"></script>
+ <script src="../../js/base.js"></script>
+ </body>
+</html>
\ No newline at end of file