Skip to content

I suggest you ...

← General

Authorize Domain by API

Add API Functions to Authorize by TXT records to the API.
The way I'd do it would be to add an endpoint to view the TXT Record details you need to add... then a second endpoint to verify the TXT Record is valid...

Abuse Mitigations are pretty easy, cap max hits/min to the second Endpoint as it has to perform DNS lookups to do it.
And the first endpoint can't really be abused anyway as no doubt you combine the user's email plus the domain to get the hash in the TXT record... so that's a nothing function.

This will allow companies which have DNS under management in a system, to turn this into an automated part of DNS management, so that security can just be automated into the platform.

12 votes
Vote

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close
You have left! (?) (thinking…)
Ryan Tregea shared this idea  ·   ·  Report…  ·  Admin →
How important is this to you?

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment
  • Scott Marshall commented  ·   ·  Report

    Very keen for the ability to validate domains via the API (it looks like this is not possible?) so we can send our own branded emails to validate access and authenticate clients hosted domains via TXT record.

General

Categories

Feedback and Knowledge Base

(thinking…)