Generate DNS Records
developer/v1/reports/generate-recordsGenerates syntactically valid, ready-to-publish email-authentication DNS records for the requested providers and policy preferences. Output includes SPF at the apex, DMARC at _dmarc.<domain>, DKIM selector TXT hints per provider, MTA-STS TXT + policy file body, and TLS-RPT TXT at _smtp._tls.<domain>. No DNS lookup required — all values are computed from provider metadata.
What It Does
Accepts a domain plus comma-separated provider list (google_workspace, microsoft_365, sendgrid, mailgun, amazon_ses, mailchimp, zoho, fastmail, etc.) plus optional DMARC policy and MTA-STS mode. Looks up each provider in an internal provider table and emits the canonical SPF include, DKIM selector(s), and MX hints. Assembles the full SPF record under the 10-lookup limit. Formats DMARC with rua= pointing to a configurable address. Emits a complete MTA-STS policy file (version/mode/mx/max_age) and the companion DNS records. Returns record name, type, TTL, and value for each, ready to paste into DNS management.
Why It's Useful
Writing these records from scratch is error-prone — small syntax errors silently disable the policy. A generator eliminates that class of bug and gives teams a starting point they can diff against an existing configuration.
Use Cases
New Domain Provisioning
Bring a new domain online — generate a complete email-auth record set based on the chosen providers.
Minutes to a production-ready email-auth baseline.
Provider Migration
Moving from one provider to another — generate records for the new provider and diff against current to identify the exact changes to deploy.
Reduce cutover risk.
Template Generation for IaC
Parameterize Terraform/Pulumi modules by consuming generated record values as input.
Consistent DNS records across managed domains.
Parameters
| Name | Type | Required | Description |
|---|---|---|---|
domain | string | Required | The domain to generate records forExample: example.com |
provider | string | Optional | Comma-separated list of email providers (google_workspace, microsoft_365, sendgrid, mailgun, amazon_ses, mailchimp, zoho, fastmail)Example: google_workspace,sendgrid |
Response Fields
| Field | Type | Description |
|---|---|---|
domain | string | The queried domain |
providers | array | Providers the records target |
records | array | Generated records: name, type, ttl, value, description |
mta_sts_policy_file | object | Policy file content + path for https://mta-sts.<domain>/.well-known/mta-sts.txt |
warnings | array | Warnings — e.g., SPF under 10-lookup budget, DMARC aggregate report address not specified |
Code Examples
curl "https://api.edgedns.dev/v1/reports/generate-records" \
-H "Authorization: Bearer YOUR_API_KEY" \
-d "domain=example.com"const response = await fetch(
'https://api.edgedns.dev/v1/reports/generate-records?domain=example.com',
{
headers: {
'Authorization': 'Bearer YOUR_API_KEY'
}
}
);
const data = await response.json();
console.log(data);import requests
response = requests.get(
'https://api.edgedns.dev/v1/reports/generate-records',
headers={'Authorization': 'Bearer YOUR_API_KEY'},
params={
'domain': 'example.com'
}
)
data = response.json()
print(data)Read the full Generate DNS Records guide
Why it matters, real-world use cases, parameters, response fields, and how to call it from Claude, ChatGPT, or Gemini via MCP.
Read the guide →Related Endpoints
External References
Learn more about the standards and protocols behind this endpoint.
Try This Endpoint
Test the Generate DNS Records endpoint live in the playground.