Connect Domain

User journeys

Every user-facing flow, the surface that implements it, and the automated test that verifies it.

Every user-facing flow, the surface that implements it, and the automated test that verifies it. This is the completeness map: each story below maps to a working path.

Personas

  • Developer / operator — integrates the product, works in the console and via the API.
  • End customer — the SaaS's customer connecting their own domain, works in the widget.
  • Platform operator — self-hosts and monitors the stack.

End-customer journeys (widget)

#As a customer, I want to…Surface / pathVerified by
C1Enter my domain and have its DNS provider detectedWidget → Enter domain → Domain analysis (POST /v1/domains:check)browser-e2e
C2Connect automatically when possibleWidget → Automatic setup (POST /v1/connections, delegated write)it.sh (adapter path)
C3Get exact records to add when manualWidget → Manual configuration (copy buttons)browser-e2e
C4See progress until my domain is liveWidget → In progress (polls records:check) → Successbrowser-e2e
C5Recover from errors / switch to manualWidget → Error screen (retry / switch)widget flow (widget.ts)
C6Not lose my place accidentallyWidget → exit-confirm + session-expired overlayswidget flow

Developer journeys (console + API)

#As a developer, I want to…Surface / pathVerified by
D1Create and manage applicationsConsole → Applications (list/create) + Application detail (edit)console-smoke, it.sh (PATCH)
D2Create, list, and revoke API keysConsole → API keys / Application detail (POST/GET/DELETE keys)it.sh (key lifecycle), console-smoke
D3Connect a domain from the consoleConsole → Domains → Connect a domain (POST /v1/connections)console-smoke, it.sh
D4Inspect a connection and drive itConsole → Domain detail: verify, records:check, archive, DNS diff, certit.sh, console-smoke
D5Enable automatic DNS for an appConsole → Application detail → Delegated DNS credentialit.sh (adapter), console-smoke
D6See which providers auto-configureConsole → Providers grid (GET /v1/providers)console-smoke
D7Receive events, inspect + replay deliveriesConsole → Webhooks (register, log, replay)it.sh (deliver/retry/replay), console-smoke
D8Track usage against quotaConsole → Usage (GET /v1/usage)console-smoke
D9View and change planConsole → Billing (GET /v1/plans, /subscription, POST /v1/subscriptions)console-smoke, it.sh (quota)
D10Embed the widget safelyPOST /v1/tokens server-side; allowed_originsit.sh, Widget SDK
D11Install the console as an app / use offline shellPWA (manifest + service worker)console-smoke (PWA assets)

Platform-operator journeys

#As an operator, I want to…Surface / pathVerified by
O1Run the whole stack locallymake devmanual / e2e
O2Serve HTTPS for live domains automaticallyEdge on-demand TLS gated by aske2e (real TLS)
O3Monitor health and cert-renewal riskGET /metrics (Prometheus gauges)it.sh (metrics)
O4Keep tenants isolatedTenant-scoped handlers; cross-tenant → 404it.sh (isolation, IDOR guard)
O5Keep secrets safeEncrypted credentials, no key material in logsit.sh (log hygiene), unit tests

Coverage note

Setup types semiautomatic, shared_login, async, and api exist in the data model but are intentionally not built in the widget yet (documented in Ownership and setup types). Everything else above is implemented and exercised by the test suites listed.

On this page