diff --git a/src/routes/settings.js b/src/routes/settings.js
index 3320c0898..eed74f14c 100644
--- a/src/routes/settings.js
+++ b/src/routes/settings.js
@@ -101,9 +101,7 @@ function getDnsConfig(req, res, next) {
 function setDnsConfig(req, res, next) {
     assert.strictEqual(typeof req.body, 'object');
 
-    if (req.body.provider !== 'route53') return next(new HttpError(400, 'provider is required'));
-    if (typeof req.body.accessKeyId !== 'string') return next(new HttpError(400, 'accessKeyId is required'));
-    if (typeof req.body.secretAccessKey !== 'string') return next(new HttpError(400, 'secretAccessKey is required'));
+    if (typeof req.body.provider !== 'string') return next(new HttpError(400, 'provider is required'));
 
     settings.setDnsConfig(req.body, function (error) {
         if (error && error.reason === SettingsError.BAD_FIELD) return next(new HttpError(400, error.message));
diff --git a/src/settings.js b/src/settings.js
index 3cf13724c..57af50eea 100644
--- a/src/settings.js
+++ b/src/settings.js
@@ -241,17 +241,26 @@ function setDnsConfig(dnsConfig, callback) {
     assert.strictEqual(typeof dnsConfig, 'object');
     assert.strictEqual(typeof callback, 'function');
 
-    if (dnsConfig.provider !== 'route53') return callback(new SettingsError(SettingsError.BAD_FIELD, 'provider must be route53'));
-    if (dnsConfig.accessKeyId === '') return callback(new SettingsError(SettingsError.BAD_FIELD, 'accessKeyId must not be empty'));
-    if (dnsConfig.secretAccessKey === '') return callback(new SettingsError(SettingsError.BAD_FIELD, 'secretAccessKey must not be empty'));
+    var credentials;
 
-    var credentials = {
-        provider: dnsConfig.provider,
-        accessKeyId: dnsConfig.accessKeyId,
-        secretAccessKey: dnsConfig.secretAccessKey,
-        region: dnsConfig.region || 'us-east-1',
-        endpoint: dnsConfig.endpoint || null
-    };
+    if (dnsConfig.provider === 'route53') {
+        if (typeof dnsConfig.accessKeyId !== 'string') return callback(new SettingsError(SettingsError.BAD_FIELD, 'accessKeyId must not a string'));
+        if (typeof dnsConfig.secretAccessKey !== 'string') return callback(new SettingsError(SettingsError.BAD_FIELD, 'secretAccessKey must not be a string'));
+
+        credentials = {
+            provider: dnsConfig.provider,
+            accessKeyId: dnsConfig.accessKeyId,
+            secretAccessKey: dnsConfig.secretAccessKey,
+            region: dnsConfig.region || 'us-east-1',
+            endpoint: dnsConfig.endpoint || null
+        };
+    } else if (dnsConfig.provider === 'caas') {
+        credentials = {
+            provider: dnsConfig.provider
+        };
+    } else {
+        return callback(new SettingsError(SettingsError.BAD_FIELD, 'provider must be route53 or caas'));
+    }
 
     settingsdb.set(exports.DNS_CONFIG_KEY, JSON.stringify(credentials), function (error) {
         if (error) return callback(new SettingsError(SettingsError.INTERNAL_ERROR, error));