Articles in this section

Domain control

Catherine
  • Updated

Available on: Enterprise plan
Set up by: Company Admin/System Administrator 

Having a single company-managed subscription is the best way to advance team collaboration, ensure that content is created and stays in your account, and simplify security compliance.

In this article:

  1. Feature Description
  2. How to set up
    2.1. Verify your domain
    2.2. Set up domain settings

Feature Description

Domain control is a company-level feature that helps to get Miro users from your corporate domains to join your Enterprise subscription. Domain control is applied to both newly registered users and those who use their own Miro accounts. You’ll be able to:

  • Capture newly registered users into your Enterprise subscription automatically and add them to the designated teams (this includes the users provisioned via SCIM and JIT);
  • Prevent users with your corporate email domain(s) from creating their own subscriptions;
  • Uncover user activity in your domain and invite users to join your subscription.

⚠️ Please note:

  • Invited users are considered as captured;
  • Deactivated users are considered as captured;
  • Non-team users are considered as captured.

That means that the following 2 cases can change the number of Uncaptured users:

  • Removing a user from the organization (since the profile is not deleted from the system and still exists and the user simply stops being connected to your Enterprise account user removal will increase the counter);
  • The expiration of the pending invitation to an unregistered user (an unconfirmed profile is deleted from the system).

How to set up

✏️ A domain can be occupied by one Enterprise account only.

Domain_list.pngList of controlled domains

Verify your domain

  1. Go to Settings > Your Company > Security > Domain control and click Add a domain button. Type in your domain and click on Request verification.

  2. We'll send you an e-mail with a verification code (this may take some time).

  3. Go to DNS records of your domain and create a new TXT-record.

    ⚠️ Attention: If you need assistance with how to create this record in your domain, Google provides links to many common DNS providers.

    • Use verification code as the Value field (may also be named Answer or Description); 
    • Leave Name/Host/Alias field blank to add your domain or put @ there to add a subdomain;
    • Set Time to live (TTL) to '86400' (TTL can also be inherited from the default configuration).
      mceclip0.png
  4. Wait for the new DNS-record to become public. Note that It may take up to 72 hours for a new record to appear. Try Google Toolbox to check if the TXT-record starting with miro-verification’ is listed for your domain. Here's how the result should look like when provided to us by Google:

  5. Reply to our email to let us know that we can verify your domain. After we complete the verification on our end, please do not remove the DNS-record for continuous verification.

⚠️ Rules

  • You will need to create a separate record for each top-level domain and each subdomain you use
  • If it's not possible for you to add 2 TXT records with the same name, you may imitate the address as a subdomain (i.e. instead of verifying yourdomain.com please verify mirovalidation.yourdomain.com).
  • You should incorporate all the zones that are used for the verified domain configuration.
  • The FQDN is expected to be the same as your domain address. 
  • We advise verifying both for internal and external DNS. 

Set up domain settings

You'll be able to see additional information for your verified domain and open domain settings in the context menu behind three dots.
Domain_control_settings.png
Domain settings menu

The Number of uncaptured users stands for users in your corporate domain who are not in your subscription.

Request domain audit for insights on users' activity in your domain. Our Success team will get in touch with you shortly to provide the report along with recommendations.

Domain settings control how new users from your domain can join your subscription and if a new subscription can be created using your corporate email:

  • Off (default setting): newly registered users will have the chance to request an invitation in your subscription, but won't be able to join or learn any details about it without Company Admin's approval. NB: the users from your domain are not automatically added to your subscription and any of them can create new teams.
    ✏️ Company admins can configure the way in which a user requests to join a discoverable team.
  • Capture new users: all newly registered users with email in your domain will automatically join your subscription. You can also choose one or several teams which they'll join by default.

    Captured users will get the following license:

    • For Enterprise subscriptions without Flexible Licensing Program: a full license if you don't use Day Passes; an Occasional license if you do. If your subscription runs out of licenses the users start getting provisioned under the Free Restricted license.
    • For Enterprise subscriptions with Flexible Licensing Program activated: Free or Free Restricted license depending on the default account license.

     

  • Full control: capture new users plus prohibit users with emails in your corporate domain(s) from creating any new teams outside of your subscription. 
    With this setting, the end-users will see no option to create or purchase new teams from the app. Having googled outside the app to find the pricing page, they will be shown the following message:
    Domain_control_image.png
Was this article helpful?
Yes, thanks Not really
Sorry about that! Why wasn't the article helpful?
If you would like to get a reply from the Miro Support team, please create a ticket here
Thank you for your feedback!
Error! Please try later...
Return to top

Related articles