Articles in this section

Domain control

Catherine
  • Updated

Having a single company-managed subscription is the best way to advance team collaboration, ensure that content is created and stays in your account, and simplify security compliance.

Available on: Enterprise plan
Set up by: Company Admins/System Administrators

Domain control is a company-level feature that helps to manage users who sign up for Miro on their own. It works by monitoring the activity of users within your corporate domain(s) and providing you with several management options. 

With Domain control you can:

  • Uncover user activity within your domain(s) and invite them to join your Enterprise subscription
  • Prevent users within your domain(s) from creating their own subscriptions
  • Automatically add newly registered users within your domain(s) to designated teams

As soon as you verify your company domains as a part of the Domain control setup, all the Miro users within your corporate domains become your Managed users. This gives you a larger control over your company’s employees' accounts. Learn more.

How to set up Domain control

Verify your domain

A domain can only be owned by one Enterprise account at a time. As a result, you need to follow these steps to verify each of your domains before Domain control can be used to manage users. 

  • Step 1. Add your domain(s) to Miro.
    • Go to Settings > Company > Security > Domain control and click the Add a domain button. Type in your domain and click Request verification

add_domain_button.jpg
Domain control in Company settings

  • Step 2. Receive the verification code.
    • We'll send you an e-mail with a verification code (this may take some time). You will need this code for Step 3.
  • Step 3. Create a TXT-record.
    • Go to the DNS records of your domain and create a new TXT-record using the specifications below. Your IT personnel, a Domain Admin, or the Network team may be best suited to assist. Updating the TXT record can be done through the administration console or dashboard of the domain's hosting provider. List of DNS providers.
        • Value/Answer/Description = “miro-verification=[INSERT CODE]”  
        • Name/Host/Alias is left blank (or type @ to add a subdomain)
        • Time to live (TTL) = “86400” (can also be inherited from the default configuration)

create_a_txt_record.jpg
Creating a new TXT-record

  • Step 4. Wait for the record to become public.
    • It may take up to 72 hours for a new record to appear. Try Google Toolbox to check if the TXT-record starting with ‘miro-verification’ is listed for your domain. Here's what the result looks like when provided to us by Google:

results_from_Google.jpg
Checking domain verification

  • Step 5. Let us know.
    • Reply to our email to let us know that we can now verify your domain
  • Step 6. Leave the DNS-record.
    • After we complete the verification on our end, please do not remove the DNS-record for continuous verification

Rules when verifying domains

  • You will need to create a separate record for each top-level domain and each subdomain you use

  • If it's not possible for you to add 2 TXT records with the same name, you may imitate the address as a subdomain (i.e. instead of verifying yourdomain.com please verify mirovalidation.yourdomain.com)

  • You should incorporate all the zones that are used for the verified domain configuration

  • The FQDN is expected to be the same as your domain address

  • We advise verifying both for internal and external DNS

 

Set up domain settings

Domain settings determine how newly registered users within your domain(s) are managed. 

After a domain is verified, click the three dots > edit domain settings to access the Domain control settings. You should choose the domain settings for each verified domain as well as designate any default teams.

edit_domain_settings.jpg
Accessing Domain control settings

There are three options: 

  • Off (default setting): newly registered users with your domain(s) will have the chance to request to join your subscription. They won't be able to join or learn any details about it without Company Admin's approval. Company admins can configure how requests are managed
  • Capture new users: all newly registered users with your domain(s) will automatically join your subscription. You choose one or more teams that they'll join by default. Captured users are provisioned the default account license
  • Full control: works identical to Capture new users but also prohibits newly registered and existing users with your domain(s) from creating any new teams outside of your subscription. With this setting, the end-users will see no option to create or purchase new teams

domain_control_settings.jpg
Domain control settings

 

Captured and Uncaptured Users

A user is considered Captured when they are (1) in your Enterprise subscription and (2) have your corporate email domain. This includes invited, deactivated users, and guests

An Uncaptured user is a user with your corporate email domain but is not in your Enterprise subscription.

Domain control is the only way to get visibility into the count of uncaptured users other than requesting a Domain audit from your Customer Success Manager (you can request a domain audit from the Domain control settings).

The following 2 cases can increase the number of Uncaptured users:

The following 2 cases can decrease the number of Uncaptured users:

  • The Uncaptured user is added to your Enterprise account
  • An invitation to an unregistered user expires after 30 days from the invitation date
Was this article helpful?
Yes, thanks Not really
Sorry about that! Why wasn't the article helpful?
If you would like to get a reply from the Miro Support team, please create a ticket here
Thank you for your feedback!
Error! Please try later...
Return to top

Related articles