SSO Domain Validation

Article author
Jing Wen Ng
  • Updated

SSO domain validation is a new security measure to verify customers' domain ownership. This process enhances security by ensuring that only authorized users can claim and configure SSO for their own domain(s).

How Does It Work?

  1. Customer requests domain verification*: Company admin reaches out to Remote to verify their domain.
  2. Share TXT record: Remote team provides the TXT record to the admin for adding to their DNS server with the domains registered on Remote.
  3. Add the TXT record to DNS: Company admin adds the provided TXT record to their domain's DNS settings.
  4. Automated verification: The system automatically checks for the TXT record and verifies the domain.
  5. Receive notification: Once the domain is verified, the company admin(s) receive an in-platform notification confirming successful validation.

*Please note: This initial step is temporary. We plan to display the TXT record within the platform in the future, which will significantly streamline the process for you.

Who Is Affected and Why Is This Important?

This update affects all companies using or setting up SSO for their organization. Domain validation secures your SSO configuration, safeguarding against unauthorized access. In the future, we'll require domain validation before the SSO setup, so we strongly recommend completing this process as soon as possible if you're setting up SSO.

To access the Zendesk help center using Remote SSO credentials, you'll need to verify your domain. This additional step enhances security and simplifies access across platforms.

FAQs

How long does domain validation take?

It can take up to 72 hours for the system to verify your domain after you add the TXT record to your DNS.

What happens if I disable SSO and re-enable it?

When you disable SSO, the existing TXT record will expire. A new one will be generated when you reactivate SSO, requiring re-validation. Please reach out to Remote for your new TXT record and follow the instructions on the step-by-step guide.

What if I have multiple domains in my SSO setup?

You will need to validate all domains using the same TXT record. Make sure the TXT record is added to the DNS for each domain in your SSO configuration.

Why isn't my domain verifying after adding the TXT record?

Check your TXT record format

Make sure you've copied the exact TXT record from your Remote admin dashboard. The most common issue is incorrect formatting.

Correct format:

remote-domain-verification=566077b8-318a-47ae-8592-2446b692e165

Common mistakes to avoid:

  • Using only the verification code without the prefix
  • Adding extra characters or spaces
  • Missing the equals sign (=)

Check where you've added the record

The TXT record must be added to your root domain, not a subdomain.

Correct (root domain):

  • remote.com

Incorrect (subdomain):

  • sub.remote.com

<div class="callout"> If your DNS tool doesn't accept an empty record name, use @ instead. The @ symbol represents your root domain. </div>

Still having issues?

Double-check that:

  1. You've added the record to the same domain you declared in your SSO configuration
  2. You've waited a few minutes for the DNS changes to take effect
  3. There are no extra spaces before or after the TXT record

If you have any questions or need further assistance, please contact us.

Was this article helpful?

1 out of 1 found this helpful

Have more questions? Submit a request

Related articles

Comments

0 comments

Article is closed for comments.