post https://{applicationQualifiedDomain}.us.wristband.dev/api/v1/custom-domains//activate
Activates the specified custom domain. When a custom domain is active it will be used in the following places:
- For redirects to Wristband hosted pages
- For action links in emails
- For the issuer URL inside access and ID tokens
- For the default OAuth 2 and SIWA IDP redirect URLs
- For the default SAML 2 SP URLs.
- For the endpoint URLs returned from the
/.well-known/openid-configuration
API.
Note, a custom domain can only be activated if it has a state of VERIFIED
or VERIFIED_WITH_ERRORS
. Also, only one custom domain can be
active for a single owner at a time. If the activate API is called and another custom domain is active for the same owner, the other custom
domain will be deactivated as part of this API call.
Required Permissions
Below is the list of required permissions needed to interact with this API.
For each permission the allowed permission boundaries are also specified.
Permission | Boundary | Description |
---|---|---|
custom-domain:manage-activation | Application | The subject can activate custom domains under the application that the subject belongs to. |
Tenant | The subject can activate custom domains associated to the tenant that the subject belongs to. | |
Tenant Inclusion List | The subject can activate custom domains associated to tenants specified in the tenant inclusion list. | |
Tenant Exclusion List | The subject can activate custom domains associated to tenants that belong to the subject's application but are not included in the tenant exclusion list. |