Domain Reservation Commands
Commands for managing reserved domains in Keeper Enterprise
Overview
Keeper Commander provides domain management capabilities for enterprise administrators to reserve and manage domains. These commands allow Keeper Admin to claim domains for their enterprise, ensuring that user accounts with email addresses from these domains can only be created within the authorized enterprise.
What's a Reserved Domain? A reserved domain is a DNS domain (e.g. company.com) that has been registered to a specific Keeper enterprise tenant. Once reserved, only that enterprise can create accounts with email addresses from that domain, preventing unauthorized account creation.
User Commands
Enterprise Administrator Commands
These commands are available to Keeper Administrators for managing enterprise domains:
domain list– View all reserved domains for your enterprisedomain reserve– Reserve and remove domains from your enterprise
Terminology
The table below describes domain management terminology used in Keeper's platform.
Reserved Domain
A DNS domain that has been verified and claimed by an enterprise. Only this enterprise can create user accounts with email addresses from this domain.
Domain Verification
The process of proving domain ownership by adding a DNS TXT record containing a Keeper-provided token.
Verification Token
A unique string generated by Keeper that must be added to your domain's DNS TXT records to prove ownership.
Enterprise Admin
The highest level of administrative access in Keeper Enterprise, required to manage reserved domains.
Domain Management Commands
domain list - List Reserved Domains
domain list - List Reserved DomainsLists all domains currently reserved for your enterprise.
Command Syntax
domain list [--format=FORMAT] [--output=FILE]Alias: ld
Parameters
--format: Output format (tableorjson). Default:table--output: Output file name for exporting results
Permission Required: Enterprise Admin
Examples
Example 1: Display reserved domains in table format
My Vault> domain list
Domain Name
--------------------
example.com
company.com
enterprise.netExample 2: Display reserved domains as JSON
My Vault> domain list --format=json
[
"example.com",
"company.com",
"enterprise.net"
]Example 3: Save domain list to file
My Vault> domain list --format=json --output=domains.json
Results saved to domains.jsonExample 4: Using alias command
My Vault> dl
Domain Name
-------------
example.com
company.comdomain reserve - Reserve and Manage Domains
domain reserve - Reserve and Manage DomainsReserve, verify, or remove domains from your enterprise. This command supports a three-step workflow for domain verification.
Command Syntax
domain reserve --action=ACTION --domain=DOMAINAlias: dr
Parameters
--action: Required. Action to perform:token– Generate verification token for DNSadd– Add domain after DNS verificationdelete– Remove reserved domain
--domain: Required. The domain name to manage (e.g.,example.com)
Permission Required: Enterprise Admin
Domain Reservation Workflow
Step 1: Generate Verification Token
Generate a DNS verification token for your domain.
Command Syntax
domain reserve --action token --domain DOMAINExamples
Example 1: Generate token for domain
My Vault> domain reserve --action token --domain example.com
Token generated successfully!
Domain: example.com
Token: abc123def456ghi789
Next steps:
1. Log into your domain registrar or DNS provider
2. Add a TXT record for domain "example.com" with value:
abc123def456ghi789
3. Wait for DNS propagation (may take a few minutes)
4. Run: domain reserve --action add --domain example.comStep 2: Add Domain After Verification
After adding the TXT record to your DNS, verify and reserve the domain.
Command Syntax
domain reserve --action add --domain DOMAINExamples
Example 1: Add verified domain
My Vault> domain reserve --action add --domain example.com
Domain "example.com" has been reserved for the enterpriseStep 3: Remove Reserved Domain
Remove a domain from your enterprise's reserved list.
Optional Parameters
--force: for skip confirmation prompt
Command Syntax
domain reserve --action delete --domain DOMAIN --forceExamples
Example 1: Remove domain with --force flag (for skip confirmation prompt)
My Vault> domain reserve --action delete --domain old-company.com --force
Domain "old-company.com" has been removed from the enterpriseExample 2: Remove domain without --force flag
My Vault> domain reserve --action delete --domain old-company.com
Are you sure you want to delete domain "old-company.com"? (y/n): y
Domain "old-company.com" has been removed from the enterpriseDNS Configuration Guide
Adding TXT Record for Domain Verification
Step-by-Step Process
Generate Token
domain reserve --action token --domain example.comAccess DNS Provider
Log into your domain registrar or DNS hosting provider (e.g., GoDaddy, Cloudflare, Route53, Namecheap)
Add TXT Record
Record Type: TXT
Host/Name:
example.comValue:
abc123def456ghi789(use your actual token)
Add Domain
domain reserve --action add --domain example.com
Complete Workflow Example
Here's a complete example of reserving a new domain:
# Step 1: List current domains
My Vault> domain list
Domain Name
-------------
company.com
# Step 2: Generate token for new domain
My Vault> domain reserve --action token --domain newacquisition.com
Token generated successfully!
Domain: newacquisition.com
Token: def789ghi123jkl456
Next steps:
1. Log into your domain registrar or DNS provider
2. Add a TXT record for domain "newacquisition.com" with value:
def789ghi123jkl456
3. Wait for DNS propagation (may take a few minutes)
4. Run: domain reserve --action add --domain newacquisition.com
# Step 3: [User adds TXT record to DNS]
# Step 4: Add domain after verification
My Vault> domain reserve --action add --domain newacquisition.com --force
Domain "newacquisition.com" has been reserved for the enterprise
# Step 5: Verify the domain was added
My Vault> domain list
Domain Name
------------
company.com
newacquisition.comFor more information about Keeper Commander, visit the Commander CLI Documentation.
Last updated
Was this helpful?