W-21743430-goddady-fa

Author: failup

modules/ROOT/nav.adoc

@@ -18,6 +18,10 @@
  ** xref:manage-versions-instances-concept.adoc[Manage API Instance Versions]
  ** xref:configure-multiple-credential-providers.adoc[Configure Multiple Client Provider]
  ** xref:govern-api-instances.adoc[Govern API Instances]
+ ** xref:godaddy-overview.adoc[Agent verification (GoDaddy ANS)]
+ *** xref:godaddy-set-up.adoc[]
+ *** xref:godaddy-register-agent.adoc[]
+ *** xref:godaddy-verify-agent.adoc[]
 * xref:api-groups-landing-page.adoc[Manage API Groups]
  ** xref:api-groups-creating-groups.adoc[Create API Groups]
  ** xref:api-groups-modifying-groups.adoc[Modify API Groups]

modules/ROOT/pages/godaddy-overview.adoc

@@ -54,7 +54,7 @@ Verification status is reflected in Anypoint Exchange:
 
 Before registering an agent, ensure that your environment is properly configured.
 
-For more information, see xref:<NEW_PAGE_ID>[Prepare your environment for agent verification].
+For more information, see xref:godaddy-set-up.adoc[Prepare your environment for agent verification].
 
 == See also
 

modules/ROOT/pages/godaddy-register-agent.adoc

@@ -2,7 +2,7 @@
 
 Create an agent instance in API Manager to expose your agent and configure its runtime, endpoint, and routing settings.
 
-After creating the agent instance, you can verify its identity using GoDaddy ANS to associate it with a trusted domain and enable its verified status in Anypoint Exchange.
+After creating the agent instance, you can verify its identity using GoDaddy ANS to associate it with a domain and enable its verified status in Anypoint Exchange.
 
 == Requirements
 
@@ -12,7 +12,7 @@ Before you begin, make sure that:
 * You have access to a target runtime (for example, Flex Gateway)
 * You have the required permissions to manage API instances
 
-== Create an new agent instance
+== Create an agent instance
 
 . In Anypoint Platform, go to *API Manager*.
 . Click *Add new instance*.
@@ -24,9 +24,9 @@ Before you begin, make sure that:
 +
 . Configure the endpoint settings:
 +
-* *Consumer endpoint*: The public endpoint where the agent will be exposed  
+* *Consumer endpoint*: The public endpoint where the agent is exposed  
 +
-This endpoint is used later for identity verification.
+This endpoint is used to derive the domain that identifies the agent during verification.
 +
 . Configure the upstream service:
 +
@@ -44,4 +44,8 @@ After creating the agent instance:
 * Complete domain validation to enable verified status
 * Confirm that the agent displays as verified in Anypoint Exchange
 
-For more information, see xref:placeholderside[Verify an agent using GoDaddy ANS].
+Before verification, ensure that your environment is properly configured.
+
+For more information, see xref:<NEW_PAGE_ID>[Prepare your environment for agent verification].
+
+For more information about verification, see xref:goddady-verify-agent.adoc[Verify an agent using GoDaddy ANS].

modules/ROOT/pages/godaddy-set-up.adoc

@@ -0,0 +1,67 @@
+= Prepare your environment for agent verification
+
+Before verifying an agent using GoDaddy Agent Name Service (ANS), you must configure your environment to support domain-based identity validation.
+
+Verification requires a custom domain, a configured runtime environment, and secure communication settings.
+
+== Custom domain
+
+Agent verification requires a custom domain (vanity domain) that you own and control.
+
+* The domain is used to establish the agent’s identity
+* You must be able to create and manage DNS records for the domain
+* MuleSoft-managed domains such as `cloudhub.io` are not supported
+
+The domain associated with your agent must match the consumer endpoint used during registration.
+
+== Private space
+
+Agents must be deployed in a private space to support custom domains and TLS configuration.
+
+If you do not already have a private space, create one in Runtime Manager before proceeding.
+
+For more information, see xref:cloudhub-2::ps-manage.adoc[Private Spaces].
+
+== TLS context
+
+A TLS context must be configured in your private space for the domain used by the agent.
+
+TLS configuration enables secure communication and is required to complete verification. API Manager validates that a TLS context exists for the domain before allowing verification to proceed.
+
+To configure a TLS context:
+
+. In Anypoint Platform, go to *Runtime Manager*.
+. Select your private space.
+. Open the *TLS* or *Domains and TLS* section.
+. Create a new TLS context for your domain.
+. Upload a valid certificate for the domain.
+
+Make sure that:
+
+* The TLS context is associated with your domain
+* The certificate is valid and active
+* The domain matches the consumer endpoint used by the agent
+
+If no TLS context is configured, verification cannot proceed and an error is displayed.
+
+TIP: Use a wildcard certificate (for example, `*.example.com`) to support multiple agents on the same domain.
+
+== Secret group access
+
+Agent verification requires access to a secret group in Secrets Manager.
+
+The secret group is used to store generated security artifacts such as keystores and identity credentials.
+
+Make sure that:
+
+* At least one secret group exists
+* You have permission to write to the selected secret group
+
+If you do not have the required permissions, you cannot complete verification.
+
+== Next steps
+
+After completing the environment setup:
+
+* xref:godaddy-register-agent.adoc[Create an agent instance]
+* xref:goddady-verify-agent.adoc[Verify an agent using GoDaddy ANS]

modules/ROOT/pages/godaddy-verify-agent.adoc

@@ -10,10 +10,12 @@ Before verifying an agent, make sure that:
 
 * The agent instance is created and deployed in API Manager
 * A valid consumer endpoint is configured for the agent
-* You have a GoDaddy account with API key and secret
+* You have GoDaddy API credentials (API key and secret)
 * You have access to manage DNS records for the domain
 * You have access to a secret group in Secrets Manager
 
+For infrastructure requirements such as domain configuration and TLS setup, see xref:godaddy-set-up.adoc[Prepare your environment for agent verification].
+
 == Start agent verification
 
 . In Anypoint Platform, go to *API Manager*.
@@ -28,38 +30,39 @@ In this step:
 
 * Confirm or update the *Consumer endpoint*
 +
-The consumer endpoint is used to derive the domain that will be verified. This value becomes part of the agent’s identity and cannot be changed after registration.
+The consumer endpoint is used to derive the domain that will be verified. Only the hostname is used. This domain becomes part of the agent’s identity and cannot be changed after registration.
 
 * Select a *Secret group*
 +
 The secret group is used to store credentials and generated security artifacts required for verification.
 
-NOTE: You must have access to at least one secret group to continue. 
+You must have access to at least one secret group with sufficient permissions to continue. 
+
+If the domain or environment is not correctly configured, validation errors are displayed and you cannot proceed.
 
 == Step 2: Enter GoDaddy ANS credentials
 
-In this step, provide your GoDaddy credentials:
+Provide your GoDaddy credentials:
 
 * *API key*
 * *API secret*
 
-These credentials are required to authenticate with GoDaddy ANS and initiate the verification process.
+These credentials are used to authenticate with GoDaddy ANS and initiate the verification process.
 
-If you don’t already have these credentials, generate them in your GoDaddy account. 
-In GoDaddy, go to your developer or API settings and create a new API key and secret.
-
-Make sure the credentials have the required permissions to manage domain verification.
+If you don’t already have these credentials, generate them in your GoDaddy account.
 
 == Step 3: Verify domain ownership (ACME)
 
-To prove domain ownership, you must create a DNS TXT record.
+To prove domain ownership, create a DNS TXT record using the provided values.
 
-. Copy the provided record details.
+. Copy the record details.
 . In your DNS provider, create the TXT record.
 . Return to API Manager and click *Verify*.
 
 API Manager checks whether the record has been propagated and validated.
 
+NOTE: ACME records expire after a limited time. If they expire, new records are generated automatically when you retry verification.
+
 == Step 4: Verify DNS records
 
 After ACME verification, additional DNS records are generated.
@@ -68,15 +71,15 @@ After ACME verification, additional DNS records are generated.
 . Add them to your DNS provider.
 . Click *Verify*.
 
-These records enable secure communication and complete the identity verification process.
+These records enable secure communication and complete the verification process.
 
 == Verification process
 
 Verification is asynchronous and depends on DNS propagation and external validation.
 
 * Status updates are displayed in API Manager
 * Verification can take several minutes or longer depending on DNS updates
-* API Manager continuously checks the status after verification is initiated
+* API Manager continues checking the status after verification is initiated
 
 You can close the verification dialog and return later. The status continues to update in the background.