SSO Domain Validation

Article author
Jing Wen Ng
  • Updated

To ensure a secure and trusted SSO (Single Sign-On) setup, domain verification is now a required step before activating SSO on Remote. This process confirms that your company owns the domain being used for authentication.

How Does It Work?

1. Access Security Settings

Navigate to your company's security configuration:

  1. Log into your administrative account
  2. Go to Company Settings
  3. Click on the Security card
  4. Select Single Sign-On (SSO)
    Screenshot 2025-06-27 at 08.21.03-mh.png

Note: If you haven't verified at least one domain, the SSO functionality will be disabled.

2: Add Your Domain

  1. Click the "Add Domain" button
  2. Enter your domain name (e.g., yourcompany.com)
  3. Click "Add Domain and Continue"
    Screenshot 2025-06-27 at 08.21.03-mh (1).png

3: Generate and Copy the TXT Record

Once you've added your domain, the system will generate a unique TXT record. This record serves as proof of ownership.

  1. The system displays a unique TXT record value
  2. Click the "Copy" button to copy this record to your clipboard (If you're unsure how to do this, please refer to your DNS provider’s documentation or contact your IT administrator.)
  3. Keep this window open – you'll need to return here after updating your DNS
    Screenshot 2025-06-27 at 08.21.03-mh (2).png

Important: Each domain receives its own unique TXT record. If you're verifying multiple domains, each will have a different verification code.

Step 4: Verify Your Domain

After adding the TXT record to your DNS:

  1. Return to the verification window
  2. Click "Verify Domain"
  3. The system will check if the TXT record matches
    Screenshot 2025-06-27 at 08.21.03-mh (3).png

Verification Timeline: usually it takes a few minutes to propagate, but sometimes could take up to 72 hours. If it takes longer than that, please ensure domain / TXT record etc is added correctly

If verification fails immediately, don't worry – DNS propagation takes time. Try again in 15-30 minutes.

Who Is Affected and Why Is This Important?

This update affects all companies using or setting up SSO for their organization. Domain validation secures your SSO configuration, safeguarding against unauthorized access. In the future, we'll require domain validation before the SSO setup, so we strongly recommend completing this process as soon as possible if you're setting up SSO.

To access the Zendesk help center using Remote SSO credentials, you'll need to verify your domain. This additional step enhances security and simplifies access across platforms.

FAQs

How long does domain validation take?

It can take up to 72 hours for the system to verify your domain after you add the TXT record to your DNS.

What happens if I disable SSO and re-enable it?

If you disable SSO, any domains you’ve already verified will remain verified. You can re-enable SSO at any time without needing to verify the domain again. However, if you delete the verified domains from the SSO dashboard, you’ll need to add and verify your domain again before SSO can be activated.

Can I have multiple domains in my SSO setup?

Yes, you can configure SSO with multiple domains. Each domain must be added and verified individually before it can be used in your SSO configuration. Make sure to complete the domain verification process for every domain you plan to include.

Why isn't my domain verifying after adding the TXT record?

Check your TXT record format

Make sure you've copied the exact TXT record from your Remote admin dashboard. The most common issue is incorrect formatting.

Correct format:

remote-domain-verification=566077b8-318a-47ae-8592-2446b692e165

Common mistakes to avoid:

  • Using only the verification code without the prefix
  • Adding extra characters or spaces
  • Missing the equals sign (=)

Check where you've added the record

The TXT record must be added to your root domain, not a subdomain.

Correct (root domain):

  • remote.com

Incorrect (subdomain):

  • sub.remote.com

<div class="callout"> If your DNS tool doesn't accept an empty record name, use @ instead. The @ symbol represents your root domain. </div>

Still having issues?

Double-check that:

  1. You've added the record to the same domain you declared in your SSO configuration
  2. You've waited a few minutes for the DNS changes to take effect
  3. There are no extra spaces before or after the TXT record

If you have any questions or need further assistance, please contact us.

Was this article helpful?

1 out of 1 found this helpful

Have more questions? Submit a request

Related articles

Comments

0 comments

Article is closed for comments.