@bbaade, your message is a bit sparse but I gather you have a domain, e.g. "example.com.“, registered with provider X and you wanted to delegate the DNS hosting to deSEC?
If so, you need to know that the zone file currently active at provider X would cease to be relevant after delegation. So any records added to that zone, including NS and DS records would become irrelevant. So it does not matter wether provider X supports DS records in that zone file or not.
What you actually want is setting the NS glue records and the DS record for “example.com.” in the parent zone, e.g. "com.“. Now usually you don’t have direct access to TLD registries. So your current provider/registrar would have to communicate the changes to them.
Some domain registrars have an interface or an API for this but probably not all. If your provider can’t help you there then you will either need to move your domain to a provider that supports this or forget about using deSEC (or any other DNS hoster) for your domain. (You could still register a subdomain under dedyn.io and put a CNAME into your domain. But that would not be fully secure as the CNAME itself would not be secured.)
Note: If my initial assumption is false, and you want to delegate a subdomain, e.g. "sub.example.com.“ to deSEC then you will have a different problem:
Your parent domain is now "example.com.“ and you would need to add the NS glue and DS records to the zone of that domain. Unless your current provider supports DNSSEC for “example.com.” any DS records in the domain "example.com.“ would be insecure and thus your delegated subdomain would remain insecure (and probably non-functional for many clients behind validating resolvers). The chain of trust from “.” → “com.” → “example.com.” → “sub.example.com.” would be broken.
HTH
fiwswe