Here's why. I'm using LetsEncrypt to get SSL certificates for my domain. The web server for the domains are actually not at Sonic, only the DNS is. The web server uses LetsEncrypt to get his SSL certificates. So far, this has worked well by using the web-server based challenges, with the "certbot" script which I have installed on my web server, and I'm getting host-specific certificates (for example one for www.example.com). So far, so good.
For truly bizarre reasons, I now need to get a wildcard certificate, for *.example.com. That can't be done with a web server challenge to a single host; it needs to be done by adding "text" DNS records to the domain. The good people who write the various certbot-like tools for LetsEncrypt have automated too ... if the DNS server provides an API for allowing text records to be updated by the LetsEncrypt scripts.
A few years ago, I remember learning that Sonic has some sort of API for DNS updates, but now I can't find it. Anyone know?