Custom Domain

User journeys

Every user-facing flow and the surface that implements it.

Every user-facing flow and the surface that implements it — the completeness map.

Personas

  • Developer / operator — integrates the product, works in the console and via the API.
  • End customer — the SaaS's customer connecting their own domain, works in the widget.
  • Platform operator — self-hosts and monitors the stack.

End-customer journeys (widget)

#As a customer, I want to…Surface / path
C1Enter my domain and have its DNS provider detectedWidget → Domain analysis (POST /v1/domains:check)
C2Connect automatically when possibleWidget → OAuth (oauth:start → callback) or Domain Connect (domainconnect:start)
C3Get exact records to add when manualWidget → Manual config from GET /v1/connections/{id}/records (copy buttons)
C4Paste a scoped provider token to auto-writeWidget → API-token apply (POST /v1/connections/{id}/apply)
C5See progress until my domain is liveWidget → In progress (polls status) → Success
C6Recover from errors / switch to manualWidget → Error screen (retry / switch)
C7Not lose my place accidentallyWidget → exit-confirm + session-expired overlays

Developer journeys (console + API)

#As a developer, I want to…Surface / path
D1Create and manage applicationsConsole → Applications (POST/GET /v1/applications, GET /v1/applications/{id})
D2Create, list, and revoke API keysConsole → API keys (POST/GET/DELETE /v1/applications/{id}/keys)
D3Invite teammates and set rolesConsole → Members (POST /v1/members, PATCH /v1/members/{id}, :accept)
D4Connect a domain from the consoleConsole → Domains (POST /v1/connections)
D5Inspect a connection and drive itConsole → Domain detail (GET /v1/connections/{id}, /records, the apply rails)
D6See which providers auto-configureConsole → Providers (GET /v1/providers, /v1/providers/census)
D7Receive events and inspect deliveriesConsole → Webhooks (POST/GET/DELETE /v1/webhooks, GET /v1/webhook-deliveries)
D8Track usage against quotaConsole → Usage (GET /v1/billing/usage)
D9View and change planConsole → Billing (GET /v1/plans, POST /v1/billing/checkout, /portal)
D10Embed the widget safelyPOST /v1/tokens server-side; the widget JWT is app- (and optionally domain-) scoped

AI-agent journeys (MCP)

An agent drives domains through the MCP server, which wraps the same /v1 API with six tools.

#As an agent, I want to…Tool
M1Check if a domain is available and pricedsearch-domain-availability
M2Suggest available domains from keywordsgenerate-domain-suggestions
M3Register a domain (fail-closed behind an authz callback)create-domain-ordercheck-order-status
M4Connect a domain the user already ownsconnect-domaincheck-connection-status

Platform-operator journeys

#As an operator, I want to…Surface / path
O1Run the whole stack locallymake up
O2Serve HTTPS for live domains automaticallyEdge on-demand TLS gated by ask
O3Provision tenants for signupsPOST /v1/tenants:provision (provision secret)
O4Keep tenants isolatedTenant-scoped handlers; cross-tenant → 404
O5Keep secrets safeHashed keys, one-time provider tokens, sealed console key, no key material in logs

Coverage note

The setup_type values async and mcp exist in the data model; automatic and manual (plus the OAuth, Domain Connect, and API-token rails) are the paths the widget drives today, while agents drive the flow through the MCP server. There is no connection-delete endpoint yet — see Offboarding.

On this page