SSO Domain Verification

Domain Verification

The first step is to verify ownership of your domain by adding a DNS TXT record. Access your domain's DNS settings or management interface where you'll need to add a TXT record. The record should follow the format "chariot=<verification-id>", where <verification-id> is the unique verification ID assigned to your account. You can find this value in the SSO setup dialog on the Account Settings page, where it is available to copy and paste.

At your DNS management interface, set the text record for your root domain. For example, if your domain is YourDomain.com and your record is set at the root level (@), you would add a TXT record with the value shown in the SSO setup dialog. Within the PGP setup pop-up, you can copy and paste this value.

Once set, your DNS TXT record might look something like this:

To verify that your record has been published, you can run the command dig +short TXT YourDomain.com if on a Mac or nslookup -type=TXT YourDomain.com if using Windows, and look for your record in the output.

Conclusion

Once you've added and verified the TXT record, you can proceed with configuring SSO for your organization. Note that DNS changes may take up to 48 hours to propagate across all DNS servers, though they typically take effect within a few hours. If you encounter any issues during the verification process, ensure that the TXT record is properly formatted and that you're using the verification ID shown in the SSO setup dialog. For additional assistance, contact our support team.

The following articles discus Okta and Azure SSO in more detail.If you encounter any difficulties during setup or need assistance with SSO, reach out to support@praetorian.com for help.