An authenticated domain allows you to remove the "via" or "sent on behalf of" message that your recipients see when they read your emails. Authenticating a domain allows you to replace sendgrid.net with your personal sending domain. You will be required to create a subdomain so that SendGrid can generate the DNS records which you must give to your host provider. If you choose to use Automated Security, SendGrid will provide you with 3 CNAME records. If you turn Automated Security off, you will get 2 TXT records and 1 MX record.
Domain Authentication was formerly called "Domain Whitelabel".
For more information, please see How to set up domain authentication.
Each user may have a maximum of 3,000 authenticated domains and 3,000 link brandings. This limit is at the user level, meaning each Subuser belonging to a parent account may have its own 3,000 authenticated domains and 3,000 link brandings.
This endpoint allows you to authenticate a domain.
If you are authenticating a domain for a subuser, you have two options:
Bearer <<YOUR_API_KEY_HERE>>
The on-behalf-of
header allows you to make API calls from a parent account on behalf of the parent's Subusers or customer accounts. You will use the parent account's API key when using this header. When making a call on behalf of a customer account, the property value should be "account-id" followed by the customer account's ID (e.g., on-behalf-of: account-id <account-id>
). When making a call on behalf of a Subuser, the property value should be the Subuser's username (e.g., on-behalf-of: <subuser-username>
). See On Behalf Of for more information.
application/json
Domain being authenticated.
The subdomain to use for this authenticated domain.
The username associated with this domain.
The IP addresses that will be included in the custom SPF record for this authenticated domain.
Specify whether to use a custom SPF or allow SendGrid to manage your SPF. This option is only available to authenticated domains set up for manual security.
Whether to use this authenticated domain as the fallback if no authenticated domains match the sender's domain.
Whether to allow SendGrid to manage your SPF records, DKIM keys, and DKIM key rotation.
Add a custom DKIM selector. Accepts three letters or numbers.
The region of the domain. Allowed values are global
and eu
. The default value is global
.
The ID of the authenticated domain.
The ID of the user that this domain is associated with.
The subdomain to use for this authenticated domain.
The domain to be authenticated.
The username that this domain will be associated with.
The IPs to be included in the custom SPF record for this authenticated domain.
Indicates whether this authenticated domain uses custom SPF.
Indicates if this is the default authenticated domain.
Indicates if this authenticated domain was created using the legacy whitelabel tool. If it is a legacy whitelabel, it will still function, but you'll need to create a new authenticated domain if you need to update it.
Indicates if this authenticated domain uses automated security.
Indicates if this is a valid authenticated domain.
The DNS records used to authenticate the sending domain.
1const client = require("@sendgrid/client");2client.setApiKey(process.env.SENDGRID_API_KEY);34const data = {5domain: "example.com",6subdomain: "news",7username: "john@example.com",8ips: ["192.168.1.1", "192.168.1.2"],9custom_spf: true,10default: true,11automatic_security: false,12custom_dkim_selector: "string",13region: "global",14};1516const request = {17url: `/v3/whitelabel/domains`,18method: "POST",19body: data,20};2122client23.request(request)24.then(([response, body]) => {25console.log(response.statusCode);26console.log(response.body);27})28.catch((error) => {29console.error(error);30});