Domain verification

Verify one or multiple domains to prove that you or your organization owns those domains. Domain verification allows your organization to centrally manage all its employees' Atlassian accounts and apply authentication policies. Authentication policies that currently exist include password requirements and SAML, and we'll eventually include requiring two-step verification.

After verifying your domain, all users with existing Atlassian accounts under that domain will receive an email explaining that they are transitioning to a managed account. Anyone signing up to a new Atlassian account with that domain will see that they are getting a managed account.

Example of domain claim verification

With domain claim verification, an administrator confirms they own the domain (@example.com) that their organization uses for their Atlassian account. This allows them to manage all accounts (alana@example.comjim@example.comjulie@example.com...) within that email domain.

When Atlassian accounts aren't within any claimed domains, the individual account holder still manages their own accounts unless another site has performed a domain verification on her account. For example, after you've claimed @example.com for your organization, if you add janet@anotherdomain.com as a site user, you won't have control over Janet's account because you haven't claimed @anotherdomain.com.

Verify your domain

Your domain is everything that comes after the @ symbol in your email address and the email addresses of your users. For example, Atlassian has the domain @atlassian.com. You can verify your domain in two different ways:

  • HTTPS—Upload an HTML file to the root folder of your domain's website.
  • DNS TXT—Copy a TXT record to your domain name system (DNS).

To verify your domain, go to Site Administration > Domains, enter the domain you want to verify, and click Add domain. Because you can verify more than one domain, you can add multiple domains with the Add domain button. Once they're added, they'll stay in your verified list, unless another site verifies the same domain. Click Verify for the domain you want to verify.

To verify your domain over HTTPS:

HTTPS is mandatory for hosting the HTML file, and it needs to be a valid SSL certificate from a certificate authority (self-signed certificates won't work). Only one redirection to a www domain prefix is allowed. For example, if your domain is @example.com, domains can only be successfully verified on https://example.com or https://www.example.com. You can't verify domains that redirect to a second domain.

  1. After clicking Verify, you'll see the Verify over HTTPS popup. Download the HTML file.
  2. Upload the HTML file to the root directory of your domain.

  3. Click Verify domain in the popup.

If the verification process can locate the file you uploaded at the root directory, the status of the domain updates to Verified.

After verification is successful, we'll periodically check for the verification file for security purposes. If the file is ever deleted, we won't be able to tell that you still own your domain, so your domain will lose its verification status. If this happens, any authentication policies in place for that domain, including SAML, won't apply.

To verify your domain using DNS:

If you don't have access to your root folder, verifying via DNS is your other option.

It may take up to 72 hours for you to know whether your domain verification has been successful, but you'll most likely find out much sooner.

  1. From the Verify over HTTPS popup, click the DNS method link. You'll open the Verify using DNS popup.

  2. Click Copy to clipboard to copy the value for your TXT record.
  3. From your DNS, find the settings page for adding a new record.
  4. Select the option for adding a new record and paste the value you copied from the Verify domain popup to the Value field. Your DNS may also refer to it as Answer or Description.
  5. Your DNS record may also include the following fields:
    • Record type: Enter TXT
    • Name/Host/AliasLeave the default (@ or blank)
    • Time to live (TTL): Enter 86400
  6. Save the record.
  7. Return to the Site administration, and click Verify domain in the popup.

Because it can take up to 72 hours for the TXT record changes to take effect, you won't know right away whether your domain verification was successful. Check your Domains page soon after you perform these steps for your verification status.

After verification is successful, we'll periodically check your DNS for the TXT record. If someone deletes or updates the TXT record with incorrect information, we'll send you an email letting you know that you have a certain amount of time to update the TXT record. If you don't, your domain will no longer be verified. If your domain loses its verification status and you had a password policy in place for that domain, the policy will no longer apply to new users.

Domain verification issues

Refer to this section if you have special circumstances when trying to verify your domain.

If a CMS manages your website

You may not be able to directly add a file to your website's root folder. As a workaround, you can copy the verification token from the downloaded file and publish it to an existing page that's less than 256kB in the same location (https://example.com/atlassian-domain-verification.html). This way should successfully verify your domain.

If you can't verify with a file upload / HTTPS

For enhanced security, the domain verification process makes HTTPS mandatory for hosting the HTML file. Your domains need to have a valid SSL certificate from a certificate authority (self-signed certificates won't work).

Only one redirection to a www domain prefix is allowed. For example, you can only successfully verify domains on https://example.com and/or https://www.example.com. You can't verify domains that redirect to a second domain.

If we've contacted you about the new Atlassian account login experience and it's important for you to keep your password policy but you're unable to verify your domains with HTTPS, we recommend that you temporarily defer your transition to Atlassian account to a later date.

If you're using G Suite

Your users authenticate with Google. Because you verify your domain as part of your integration with Google, you can't verify your domain from your Atlassian Cloud site. If you want to claim your domain, you'll need to disconnect the G Suite integration.

If your users for another domain aren't connected through G Suite, you can still claim that domain and set a password policy for those users.

If you want to verify a domain that you don't own

To protect the privacy and security of Atlassian's users, it's not possible to verify domains that you don't own.

If you'd like to apply a password policy to these users, ask them to change their email address to a domain that you can verify, or send them invitations to email addresses with the domain.

If you have two different Atlassian Cloud sites

You can only verify a domain for one Atlassian Cloud site. However, if you configure a password policy for one domain, that policy applies to accounts on the verified domain across both of your sites. Make sure that you configure the password policy on the same Atlassian site where you verify your domain.

Was this helpful?

Thanks for your feedback!

Why was this unhelpful?

Have a question about this article?

See questions about this article

Powered by Confluence and Scroll Viewport