For Single Sign-On (SSO) to work in FAMAC, it must first be confirmed that you have control over the domain used for login. This ensures that only users with email addresses belonging to the approved domain can log in via SSO, and that only administrators with access to the domain's DNS settings can activate SSO in FAMAC.
The verification is carried out by adding a TXT record in DNS, which FAMAC uses to confirm ownership. Once the domain is verified, it can be linked to a SAML configuration and SSO can be activated.
Read more about setting up Setting up Single Sign-On (SSO) in FAMAC
Read more about setting up SAML SSO setup for Microsoft Entra ID in FAMAC
Step-by-step guide
Only users with the role of building owner administrator have access to this menu item.
- Navigate to Basic Settings > Security > Domains.
- Click on New domain and enter the domain name (for example your-domain.com).
-
(Optional) Choose whether users should only be able to log in via SSO by enabling the option “Force users to use SSO on login”.
- It is recommended that this feature is activated after the SSO integration has been thoroughly tested and confirmed to work as expected.
- Once the domain is added, copy the verification key (Key) from the table.
- Log in to your domain administrator (for example Domeneshop, GoDaddy, Azure, AWS Route 53, among others).
-
Create a new TXT record in the DNS for the domain with the following values:
Field Value Hostname your-domain.com TTL 1 hour (FAMAC checks weekly for continued ownership.) Type TXT Value famac-domain-verification=your-verification-key - Save the DNS change, and wait for it to take effect.
- Click on Verify domain in FAMAC to check the status. This button can be used multiple times as needed.
- Once the DNS lookup is updated, the domain will be marked as verified in FAMAC.
📌 Important information:
- DNS changes can take up to 24–48 hours depending on the DNS provider's update frequency.
- Publishing of the TXT record can be verified using tools such as nslookup or an online DNS checker.