digital-identity-platform-docs
digital-identity-platform-docs / supabase/functions/verify_custom_domain
supabase/functions/verify_custom_domain
Fileoverview
Verify Custom Domain Edge Function
Verifies DNS configuration for a custom domain and provisions the Caddy vhost if DNS verification succeeds.
Cloudflare Architecture Context
| Attribute | Value |
|---|---|
| Classification | 🔵 BACKEND-ONLY |
| Position | App Backend (domain verification) |
| Receives Public Traffic | No (dashboard only) |
| Latency Sensitive | No |
| Safe to Retry | Yes (DNS check is idempotent) |
| Failure Behavior | Updates domain status to 'error' |
KV Sync: On successful verification, calls sync-edge-config to add the new host to:
- EDGE_CONFIG (allowed_hosts array)
- SITE_REGISTRY (per-host lookup)
Note: ROUTING_MAP is updated by infra-provisioner after Caddy setup.
Endpoint
POST /verify_custom_domain
Auth
Required - JWT verified by Supabase
Remarks
Verification process:
- Fetches domain record with container details
- Determines expected DNS value based on dns_method (A or CNAME)
- Queries Cloudflare DNS-over-HTTPS to verify record
- If DNS matches, calls Infrastructure Provisioner to add Caddy vhost
- Updates domain status to 'ready' or 'error'
DNS Methods:
a: Expects A record pointing to assigned edge server IPcname: Expects CNAME record pointing to container's edge_hostname
Tables touched:
- custom_domains (read/write)
- sgtm_containers (read via join)
External services:
- Cloudflare DNS-over-HTTPS (cloudflare-dns.com)
- Infrastructure Provisioner (INFRA_PROVISIONER_URL) for Caddy setup
Example
json
{ "domain_id": "uuid" }