Custom Domain Setup¶

To enable communication between the system and participants in the remote access process, several endpoints are available on the Main Server. These endpoints are grouped by operation type. When accessing system endpoints, participants use domain-based addresses.

Examples

For example, the agent application uses the go.getscreen.me domain by default to communicate with the SaaS server, while automated HTTP API requests are sent to the api.getscreen.me domain.

By default, all endpoints are bound to the primary domain specified in the license, and the system operates within a single domain.

However, you can customize domain names for different types of endpoints as needed.

Endpoint Types¶

All endpoints are categorized by type based on their access level and intended use. Each type serves a specific role and is used by different participants in the process.

Type	Access	Purpose	Participants
`dashboard`	Web interface of the user dashboard	Provides technicians with access to their account dashboard	Authorized technicians
`operator`	Web interface of the connection window	Used for remote connection links to devices	Authorized and unauthorized technicians
`public`	Public web interface	Used for invitation pages, instructions, and access code entry forms	End users receiving Quick Support
`agent`	Server interface	Handles data exchange between the server and remote devices	Agent application on the remote device
`api`	API interface	Provides programmatic access to server data	Any participant

Domain Setup¶

To configure and enable a custom domain for a specific endpoint, you need to:

update the Main Server configuration
point your domain to the Main Server IP address in DNS settings
add the new domain to the Main Server license

Main Server Configuration¶

All requests to endpoints are handled by the running instance of the Main Server. Therefore, you must specify custom domains for each endpoint type in the server/config.json configuration file using the bind parameter.

Parameter	Type	Description
`bind.[].listen`	`string`	Address in the format `ip:port` used to listen for incoming requests for a role. The IP address can be omitted, but it is required if the server has multiple public IP addresses.
`bind.[].route.[].role`	`string`	Comma-separated list of endpoint types served by this route
`bind.[].route.[].host`	`string`	Domain name
`bind.[].route.[].cert`	`string`	Path to the public SSL certificate
`bind.[].route.[].key`	`string`	Path to the private SSL certificate key

Example

server/config.json

{
  "bind": [
    {
      "listen": ":433",
      "route": [
        {
          "host": "dash.example.com:433",
          "role": "dashboard,agent",
          "cert": "cert/server.crt",
          "key": "cert/server.key",
        }
      ]
    }
  ]
}

Server Configuration

You can find a full list of server configuration parameters on the Main Server Configuration page.

Adding DNS Records¶

To ensure that requests are routed to the Main Server, you need to create an A record pointing to the server’s IP address in the DNS settings of your custom domain or subdomain.

License Update¶

For the Main Server to bind to a custom domain, your license must allow it. You will need to contact technical support, request an updated license file, and apply it to your server.

Contact Support

Subdomains Are Allowed

If you are using a subdomain of the primary licensed domain, you do not need to update your license. Subdomains are allowed by default.

Before You Start¶

During custom domain configuration, you may encounter situations that require preparation. Review the following points in advance to ensure uninterrupted system operation.

SSL Certificate Issuance¶

For new domains, you will need SSL certificate files. You are responsible for obtaining them and monitoring their expiration dates.

Reinstalling Agent Applications¶

When customizing the domain for the agent endpoint, reinstalling older versions of agent applications may be required.

Single Sign-On (SSO)¶

If SSO integration was configured before splitting endpoints across different domains, you will need to update the metadata files with the new connection settings.

Login via Single Sign-On (SAML)

You can configure single sign-on for technicians through your authentication provider. Learn more in the Connecting with SAML SSO guide.

Importing Technicians from Active Directory¶

If LDAP integration was configured before splitting endpoints across domains, you will need to update the domain and/or connection port in the connection settings.

Importing technicians from LDAP

You can import users from your Active Directory as technicians for your team. Learn more in the Integration with Active Directory guide.