To ensure that we uphold both your security and the security of the DAY2 platform, we require that domain ownership is verified through the use of DNS "TXT" records.
For each domain that you wish to enable SSO for, a single TXT record must be created within your DNS zone file and propagated, to allow the DAY2 platform to complete the ownership verification process.
If you have any questions or concerns about this process, please reach out to MontyCloud Support (either via chat or support ticket), or contact your account manager.
Retrieve DAY2 token
On Step 4 of the DAY2™SSO configuration wizard ("Domain Configuration"), a token will be displayed within the info panel.
Copy this token down for use when creating the TXT record, or when liaising with the administrator responsible for your domain.
Publish the DAY2 token to your domain TXT record
- Sign in to your DNS administration system.
- Access the zone records for the domain you wish to enable SSO for. In some systems, this may be called DNS Management, Name Server Management, or even Domain Records. If in doubt, please refer to your DNS system or hosting company's documentation for further advice on how to locate the administrative panel for your domain records.
- Create a new DNS record with the following values:
Record type: Enter 'TXT'
Name/Host/Alias: Leave the default (@ or blank)
Time to live (TTL): Enter '86400'
Value: Use the token provided in Step 4 of the SSO wizard
6. Save the record
Verify your domain
Once the TXT record has been created, you will need to instruct the DAY2 platform to verify each domain you wish to configure for Single Sign-On.
Please note that while additions to DNS zone records are generally accessible within minutes, it is not unusual for changes to take upwards of 48 hours to complete propagation.
We can add your domains for SSO and verify if the record has been set correctly from within the DAY2 Configure SSO wizard by following these steps:
- On Step 4 of the DAY2 "Configure SSO" wizard, enter your domain into the "Enter your Domain" text field.
- Click Add Domain to add the domain to the SSO domain list
- Click Verify to complete the ownership verification process for that domain.
When the process has completed successfully, the status will change for your domain will change to Verified. - Repeat the process for every additional domain you wish to enable SSO for.