Skip to main content

DNS Made Easy Integration Setup

This guide walks you through integrating DNS Made Easy with RAD Security to ingest your managed domains/zones and DNS records, including GTD/failover configuration, for external attack-surface analysis. DNS Made Easy provides managed authoritative DNS. RAD Security connects to the DNS Made Easy API and pulls your zones and records on a scheduled basis. DNS Made Easy is DNS-only — it does not handle domain registration or TLS issuance. It complements CSC Global, which covers registration and TLS.
Read-only integration: RAD Security only reads data from DNS Made Easy. It never creates, modifies, or deletes domains or DNS records in your account.

Prerequisites

Before you begin, ensure you have:
  • A DNS Made Easy account on a Business plan or higher (required for API access)
  • Ability to generate an API Key and Secret Key in the Control Panel
  • Access to a RAD Security workspace with integration permissions
Business plan required: DNS Made Easy’s API requires a Business plan or higher. If your account is on a lower tier, API calls are rejected and the integration cannot connect.

Understanding Integration Components

RAD Security authenticates with a DNS Made Easy API Key and Secret Key. You supply both; RAD signs each request using HMAC-SHA1 with the secret key.
The integration authenticates with HMAC request signing, which depends on accurate time. RAD Security handles request signing and time synchronization automatically — you only need to provide the two keys.
DNS Made Easy offers a sandbox environment for testing. Enable the Sandbox option to use the sandbox API instead of production. Sandbox keys are issued separately from the sandbox control panel.

Step 1: Generate API Keys in DNS Made Easy

1

Sign in to the Control Panel

Log in to the DNS Made Easy Control Panel. For sandbox keys, use the sandbox control panel at sandbox.dnsmadeeasy.com.
2

Open Account Information

Navigate to Config → Account Information, where API access is managed.
3

Generate API Key and Secret Key

Generate your API Key and Secret Key.
Copy the Secret Key immediately and store it securely in a password manager or secrets vault. You will need both keys to configure the integration.
Exact Control Panel navigation and labels may vary. See the DNS Made Easy API documentation for the current steps to generate API keys.

Configure in RAD Security

Navigate to your RAD Security workspace and configure the DNS Made Easy integration with the following parameters:

Required Parameters

ParameterDescription
API KeyDNS Made Easy API key
Secret KeyDNS Made Easy secret key

Optional Parameters

ParameterDescription
SandboxUse the DNS Made Easy sandbox API instead of production (boolean; default off)
The integration authenticates with HMAC request signing, which depends on accurate time. This is handled by RAD Security automatically.

Verify Integration

1

Check Connection Status

  1. Navigate to Data Sources > Integrations > Domain Security in RAD Security
  2. Locate your DNS Made Easy integration
  3. Verify the connection status shows as Connected
Your DNS Made Easy integration is now configured! RAD Security will ingest your managed domains and DNS records on a scheduled basis.

What Data is Synced

  • Managed domains/zones as domain assets
  • Nameservers
  • DNSSEC status
  • A/AAAA/CNAME/MX/TXT/NS/SRV/CAA records
  • GTD/failover configuration
DNS Made Easy is DNS-only — it does not cover domain registration or TLS issuance. Pair it with CSC Global for registration and TLS coverage.

Use Cases

Attack Surface Analysis

Map your external footprint across managed zones and DNS records.

DNS Posture Hygiene

Track nameservers, DNSSEC status, and record configuration across your zones.

Failover Visibility

Surface GTD/failover configuration to understand traffic-steering and resilience setup.

Complementary DNS Coverage

Combine operational DNS from DNS Made Easy with registration and TLS from CSC Global.

Troubleshooting

Possible causes:
  • Incorrect API Key or Secret Key
Solution:
  • Verify both keys are copied correctly (no extra spaces)
  • Regenerate the keys in Config → Account Information and update them in RAD Security
  • Confirm sandbox keys are used only with the Sandbox option enabled
Possible causes:
  • The account is not on a Business plan or higher, so API access is unavailable
Solution:
  • Upgrade the DNS Made Easy account to a Business plan or higher to enable the API
Possible causes:
  • HMAC request signing rejected due to time drift (rare)
Solution:
  • This is handled by RAD Security automatically; no action is normally required
Possible causes:
  • The account has no managed domains
Solution:
  • Confirm the account has managed domains/zones in the DNS Made Easy Control Panel

Security Best Practices

Use a Service Account

Generate API keys under a dedicated account rather than a personal login.

Rotate Keys

Regenerate the API Key and Secret Key periodically according to your security policy.

Secure Storage

Store the Secret Key in a secrets vault. Never commit it to version control.

Use Sandbox for Testing

Validate configuration against the sandbox before connecting production.

Additional Resources

DNS Made Easy API

Official DNS Made Easy API documentation

Domain Security Overview

Learn about RAD’s domain security integrations

Next Steps

CSC Global Setup

Complement DNS Made Easy with registration and TLS from CSC Global

Domain Security Overview

Explore other domain security integration options

Data Sources

Connect additional security data sources