diff --git a/src/routes/domains.js b/src/routes/domains.js
index 96fca14bc..148ad9e2a 100644
--- a/src/routes/domains.js
+++ b/src/routes/domains.js
@@ -7,7 +7,7 @@ exports = module.exports = {
     update: update,
     del: del,
 
-    getDnsRecord: getDnsRecord,
+    getDnsRecords: getDnsRecords,
 
     verifyDomainLock: verifyDomainLock
 };
@@ -155,17 +155,18 @@ function del(req, res, next) {
     });
 }
 
-function getDnsRecord(req, res, next) {
+function getDnsRecords(req, res, next) {
     assert.strictEqual(typeof req.params.domains, 'string');
 
     if (!('subdomain' in req.query)) return next(new HttpError(400, 'subdomain is required'));
     if (!('type' in req.query)) return next(new HttpError(400, 'type is required'));
 
-    domains.getDnsRecords(req.query.subdomain, req.params.domain, req.query.type, function (error, result) {
-        if (error && error.reason === DomainsError.NOT_FOUND) return next(new HttpError(404, error.message));
+    domains.getDnsRecords(req.query.subdomain, req.params.domain, req.query.type, function (error, values) {
+        if (error && error.reason === DomainsError.NOT_FOUND) return next(new HttpError(404, error.message)); // domain (and not record!) not found
         if (error && error.reason === DomainsError.EXTERNAL_ERROR) return next(new HttpError(424, error.message));
+        if (error && error.reason === DomainsError.ACCESS_DENIED) return next(new HttpSuccess(200, { error: { reason: error.reason, message: error.message }}));
         if (error) return next(new HttpError(500, error));
 
-        next(new HttpSuccess(200, result));
+        next(new HttpSuccess(200, { values })); // empty array when no dns record
     });
 }
\ No newline at end of file