Domain Reservation Commands

Commands for managing reserved domains in Keeper Enterprise

Overview

Keeper Commander provides domain management capabilities for enterprise administrators to reserve and manage domains. These commands allow Keeper Admin to claim domains for their enterprise, ensuring that user accounts with email addresses from these domains can only be created within the authorized enterprise.

What's a Reserved Domain? A reserved domain is a DNS domain (e.g. company.com) that has been registered to a specific Keeper enterprise tenant. Once reserved, only that enterprise can create accounts with email addresses from that domain, preventing unauthorized account creation.

Domain Reservation Commands are available with the Keeper backend update 17.6.5 in December 2025

User Commands

Enterprise Administrator Commands

These commands are available to Keeper Administrators for managing enterprise domains:

domain list – View all reserved domains for your enterprise
domain reserve – Reserve and remove domains from your enterprise

Terminology

The table below describes domain management terminology used in Keeper's platform.

Terminology

Description

Reserved Domain

A DNS domain that has been verified and claimed by an enterprise. Only this enterprise can create user accounts with email addresses from this domain.

Domain Verification

The process of proving domain ownership by adding a DNS TXT record containing a Keeper-provided token.

Verification Token

A unique string generated by Keeper that must be added to your domain's DNS TXT records to prove ownership.

Enterprise Admin

The highest level of administrative access in Keeper Enterprise, required to manage reserved domains.

Domain Management Commands

Command

Alias

Action

Description

Permission

domain list

dl

List all reserved domains

Enterprise Admin

domain reserve

dr

token

Generate verification token

Enterprise Admin

domain reserve

dr

add

Add verified domain

Enterprise Admin

domain reserve

dr

delete

Remove reserved domain

Enterprise Admin

`domain list` - List Reserved Domains

Lists all domains currently reserved for your enterprise.

Command Syntax

domain list [--format=FORMAT] [--output=FILE]

Alias: ld

Parameters

--format: Output format (table or json). Default: table
--output: Output file name for exporting results

Permission Required: Enterprise Admin

Examples

Example 1: Display reserved domains in table format

My Vault> domain list
Domain Name
--------------------
example.com
company.com
enterprise.net

Example 2: Display reserved domains as JSON

My Vault> domain list --format=json
[
  "example.com",
  "company.com",
  "enterprise.net"
]

Example 3: Save domain list to file

My Vault> domain list --format=json --output=domains.json
Results saved to domains.json

Example 4: Using alias command

My Vault> dl
Domain Name
-------------
example.com
company.com

`domain reserve` - Reserve and Manage Domains

Reserve, verify, or remove domains from your enterprise. This command supports a three-step workflow for domain verification.

Command Syntax

domain reserve --action=ACTION --domain=DOMAIN

Alias: dr

Parameters

--action: Required. Action to perform:
- token – Generate verification token for DNS
- add – Add domain after DNS verification
- delete – Remove reserved domain
--domain: Required. The domain name to manage (e.g., example.com)

Permission Required: Enterprise Admin

Domain Reservation Workflow

Step 1: Generate Verification Token

Generate a DNS verification token for your domain.

Command Syntax

domain reserve --action token --domain DOMAIN

Examples

Example 1: Generate token for domain

My Vault> domain reserve --action token --domain example.com

Token generated successfully!

Domain: example.com
Token:  abc123def456ghi789

Next steps:
1. Log into your domain registrar or DNS provider
2. Add a TXT record for domain "example.com" with value:
   abc123def456ghi789
3. Wait for DNS propagation (may take a few minutes)
4. Run: domain reserve --action add --domain example.com

Step 2: Add Domain After Verification

After adding the TXT record to your DNS, verify and reserve the domain.

Command Syntax

domain reserve --action add --domain DOMAIN

Examples

Example 1: Add verified domain

My Vault> domain reserve --action add --domain example.com
Domain "example.com" has been reserved for the enterprise

Step 3: Remove Reserved Domain

Remove a domain from your enterprise's reserved list.

Optional Parameters

--force : for skip confirmation prompt

Command Syntax

domain reserve --action delete --domain DOMAIN --force

Examples

Example 1: Remove domain with --force flag (for skip confirmation prompt)

My Vault> domain reserve --action delete --domain old-company.com --force
Domain "old-company.com" has been removed from the enterprise

Example 2: Remove domain without --force flag

My Vault> domain reserve --action delete --domain old-company.com
Are you sure you want to delete domain "old-company.com"? (y/n): y
Domain "old-company.com" has been removed from the enterprise

DNS Configuration Guide

Adding TXT Record for Domain Verification

Step-by-Step Process

Generate Token

domain reserve --action token --domain example.com

Access DNS Provider
- Log into your domain registrar or DNS hosting provider (e.g., GoDaddy, Cloudflare, Route53, Namecheap)
Add TXT Record
- Record Type: TXT
- Host/Name: example.com
- Value: abc123def456ghi789 (use your actual token)

Add Domain

domain reserve --action add --domain example.com

Complete Workflow Example

Here's a complete example of reserving a new domain:

# Step 1: List current domains
My Vault> domain list
Domain Name
-------------
company.com

# Step 2: Generate token for new domain
My Vault> domain reserve --action token --domain newacquisition.com

Token generated successfully!

Domain: newacquisition.com
Token:  def789ghi123jkl456

Next steps:
1. Log into your domain registrar or DNS provider
2. Add a TXT record for domain "newacquisition.com" with value:
   def789ghi123jkl456
3. Wait for DNS propagation (may take a few minutes)
4. Run: domain reserve --action add --domain newacquisition.com

# Step 3: [User adds TXT record to DNS]

# Step 4: Add domain after verification
My Vault> domain reserve --action add --domain newacquisition.com --force
Domain "newacquisition.com" has been reserved for the enterprise

# Step 5: Verify the domain was added
My Vault> domain list
Domain Name
------------
company.com
newacquisition.com

For more information about Keeper Commander, visit the Commander CLI Documentation.

PreviousEmail Configuration Commands NextMiscellaneous Commands

Last updated 1 month ago

Was this helpful?

hashtagOverview

hashtagUser Commands

hashtagEnterprise Administrator Commands

hashtagTerminology

hashtagDomain Management Commands

hashtagdomain list - List Reserved Domains

hashtagdomain reserve - Reserve and Manage Domains

hashtagDomain Reservation Workflow

hashtagStep 1: Generate Verification Token

hashtagStep 2: Add Domain After Verification

hashtagStep 3: Remove Reserved Domain

hashtagDNS Configuration Guide

hashtagAdding TXT Record for Domain Verification

hashtagComplete Workflow Example

Overview

User Commands

Enterprise Administrator Commands

Terminology

Domain Management Commands

`domain list` - List Reserved Domains

`domain reserve` - Reserve and Manage Domains

Domain Reservation Workflow

Step 1: Generate Verification Token

Step 2: Add Domain After Verification

Step 3: Remove Reserved Domain

DNS Configuration Guide

Adding TXT Record for Domain Verification

Complete Workflow Example