p2-inc / keycloak-orgs

Single realm, multi-tenancy for SaaS apps

Understanding a little bit better how to set up DNS configuration for verifying domains #69

Closed matheushent closed 1 year ago

matheushent commented 1 year ago

Hi,

I've been experimenting with keycloak-orgs for a while and I couldn't manage to understand properly how domains are verified for organizations.

What I understood is the code calls a function to start the verification process and this function will do some logic to verify it. What is still hazy is how this verification happens in the backend... I understood it will look for some TXT records, but, how do I configure this? Let's say I have my own domain, how do I show to users the record values?

xgp commented 1 year ago

Hi @matheushent. Thanks for the message.

Once a domain is added to an organization, it automatically generates a TXT record that must be created by the user. You can find those values to display to the user with these API methods:

Once the user has created the TXT records, you can start a verification using this API method:

That kicks off a DNS query to verify the TXT record is present.

If you want to see it in an app, we've just released the phasetwo-admin-portal app, which is basically an admin console for users (with the appropriate permissions) to self-manage aspects of their organization. There is a UI for domain verification already built there.

Let me know if that clears it up at all.

matheushent commented 1 year ago

@xgp thank you for the information, it was very valuable!
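
The TXT-record check described in this thread, sketched as an added example that is not keycloak-orgs code: generate a value to display, then accept the domain only when a TXT record at the challenge name equals it exactly. The record label, value format and function names are hypothetical, and the DNS answers are constructed byte strings rather than a live lookup.

```python
import secrets

RECORD_LABEL = "_example-domain-verification"  # hypothetical, not keycloak-orgs' label


def new_challenge(domain):
    """Return the (record name, record value) to display to the organization admin."""
    name = f"{RECORD_LABEL}.{domain.rstrip('.').lower()}"
    return name, secrets.token_urlsafe(32)


def encode_txt(*strings):
    """Build TXT RDATA from character-strings (used here to construct sample answers)."""
    return b"".join(bytes([len(s)]) + s.encode("ascii") for s in strings)


def parse_txt(rdata):
    """Decode TXT RDATA (RFC 1035 section 3.3.14): length-prefixed character-strings,
    joined here without a separator to form the record value."""
    parts, i = [], 0
    while i < len(rdata):
        n = rdata[i]
        chunk = rdata[i + 1:i + 1 + n]
        if len(chunk) != n:
            raise ValueError("truncated character-string in TXT RDATA")
        parts.append(chunk)
        i += 1 + n
    return b"".join(parts).decode("ascii", errors="replace")


def is_verified(expected, txt_rdatas):
    """True only if one TXT record at the name equals the expected value exactly."""
    for rdata in txt_rdatas:
        try:
            if parse_txt(rdata) == expected:
                return True
        except ValueError:
            continue  # malformed record: ignore it, keep checking the others
    return False


# Constructed sample answers for one lookup of the challenge name.
NAME, VALUE = new_challenge("Example.COM.")
UNRELATED = encode_txt("v=spf1 -all")
SPLIT = encode_txt(VALUE[:20], VALUE[20:])   # one record, two character-strings
EMBEDDED = encode_txt("note " + VALUE)       # value present only as a substring
TRUNCATED = encode_txt(VALUE)[:-5]           # length byte promises more than sent
```

A record that a DNS provider has split into several character-strings still verifies, while a record that merely contains the value inside other text does not.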