Managing Your Domains
Domain Management allows customers to register their domains with Oracle Cloud Infrastructure, as being their domain, which blocks others from claiming that domain in the future using new cloud accounts. OCI customers can redirect new user sign-up attempts that use a corporate email address from that customer's domains.
For example, if you work at "Company A" and "companyA" is the domain name, for anyone who comes to Oracle Cloud Infrastructure and tries to create a tenancy with "companyA" in the email domain, such an attempt will be prevented and they will be directed instead to OCI.
As a result, with Domain Management, large enterprises can more easily control their environments, by knowing who is creating tenancies, and can apply corporate policy onto such tenancies. They can securely verify ownership of your domains, and more easily control spending and management of resources.
Required IAM Policy
To use Oracle Cloud Infrastructure, you must be granted security access in a policy by an administrator. This access is required whether you're using the Console or the REST API with an SDK, CLI, or other tool. If you get a message that you don't have permission or are unauthorized, verify with your administrator what type of access you have and which compartment to work in.
To use Domain Management, the following policies are required:
Allow group domainUsers to manage organizations-domain in compartmentA
Allow group domainUsers to manage organizations-domain-governance in compartmentA
Adding and Verifying Domains
- Domain: The name of the domain.
- Notifications: Links to the Notifications
topic. Topics aren't created, however, until verification has occurred.Important
When a domain has been verified and the topics has been created, customers receive an email to confirm their subscription. You must confirm the email subscription before you can start receiving email notifications. - TXT Record: The generated TXT record.
- Email: The domain email.
- Status: The domain verification status:
- Pending: Verification in process.
- Failed: Verification no good after 72 hours.
- Active: Verified and governance enabled.
- Disabled: Verified but not governed.
- Releasing: Customer requested removal (work request triggered).
- Released: Work request complete, will be removed from the Domain Management page after seven days.
- Date: The last modified date. Updates when verified, enabled, disabled, or if the email was updated.
- Enable or disable governance
- Update the email
- Remove the domain
When you first add a new domain, governance is disabled by default, and it status is set to Pending. After the status has changed to Active, governance can then be enabled or disabled.
Turning on Enable Governance prevents others from creating an Oracle Cloud account with your verified domain. If you need to allow others to create an account with your domain, select Disable Governance from the .
To enable governance for an active domain:
- Open the navigation menu and click Governance & Administration. Under Tenancy Management, click Domain Management.
- Click the Actions menu () and select Enable Governance. A Turn on Domain Governance confirmation is displayed.
- Agree to the Oracle Notification Service Rates. For more information, see Notifications.
- Click Yes, turn on.
To disable governance for an active domain:
- Open the navigation menu and click Governance & Administration. Under Tenancy Management, click Domain Management.
- Click the Actions menu () and select Disable Governance. A Turn off Domain Governance confirmation is displayed, indicating which domains are to be disabled.
- Click Confirm.
To update the email address for an active domain:
- Open the navigation menu and click Governance & Administration. Under Tenancy Management, click Domain Management.
- Click the Actions menu () and select Update Email. An Update Email box is displayed.
- Enter the new email address and click Save.
To remove an active domain:
- Open the navigation menu and click Governance & Administration. Under Tenancy Management, click Domain Management.
- Click the Actions menu () and select Remove Domain. A confirmation is displayed confirming which domain you're removing.
- Click Remove Domain.
Domain Revocation
Oracle regularly checks that a claimed domain is still valid and assigned to the correct owner. If a domain does not pass this verification check, you receive an email notification and you have 72 hours to update the TXT record information. If no action is taken, the domain is revoked.
If the domain is revoked but you want to reclaim it, you can add and verify the domain again.
Using the API
For information about using the API and signing requests, see REST API documentation and Security Credentials. For information about SDKs, see SDKs and the CLI.
Use the following operations in the Organizations API to manage domains: