OneAnalytics docs

Custom domains

White-label OneAnalytics by serving it from your own domain — analytics.acme.com instead of app.analytics.rstglobal.in. TLS is provisioned automatically via Let's Encrypt; no certificate management on your side.

Supported surfaces

  • App: analytics.acme.com → our app.analytics.rstglobal.in
  • API: api-analytics.acme.comapi.analytics.rstglobal.in
  • Embeds: embed-analytics.acme.comembed.analytics.rstglobal.in
  • Docs (the site you're reading now): docs-analytics.acme.comdocs.analytics.rstglobal.in

All four are optional and independent.

Setup

Settings → Domains → Add:

  1. Enter analytics.acme.com.
  2. We show two DNS records to add:
  • CNAME analytics.acme.com → cname.analytics.rstglobal.in
  • TXT _oa-verify.analytics.acme.com → <token>
  1. Add both in your DNS provider.
  2. Click Verify. Usually takes < 5 minutes; can take up to 24 hours.
  3. Once verified, we request a Let's Encrypt certificate via HTTP-01 challenge — live within 60 s.

Certificates auto-renew 30 days before expiry. You don't need to do anything.

Routing

  • analytics.acme.com/* routes to the app with your tenant as the default.
  • Users hitting the domain are implicitly scoped to your tenant — no tenant selector UI.
  • SAML / SSO flows work on the custom domain (https://analytics.acme.com/saml/acs/...).

Branding

Combine with Settings → Branding:

  • Logo (PNG/SVG, light/dark variants)
  • Brand colour — flows into --brand-60 CSS variable site-wide
  • Favicon
  • Optional custom font URL

Multiple custom domains

A single tenant can attach multiple custom domains (e.g., one per subsidiary). Each is independent — attach separate SSL, separate branding (via theme packs), separate default tenant.

Troubleshooting

  • "Verification failed: no TXT record" — Some providers require you to omit the top-level suffix (_oa-verify alone instead of _oa-verify.analytics.acme.com). Check your provider's docs; DNS propagation can take up to 24 h.
  • "Certificate failed: HTTP-01 challenge" — Your CDN may be intercepting the .well-known/acme-challenge/ path. Disable CDN for that path, or set up a manual DNS-01 challenge (contact support).
  • "Mixed content warnings" — If you embed an iframe of embed.analytics.rstglobal.in inside a page on analytics.acme.com, your CSP needs to allow embed.analytics.rstglobal.in or you should switch the iframe to your custom embed domain too.

Removal

Settings → Domains → Remove — invalidates the cert and stops routing. Users are redirected to app.analytics.rstglobal.in. No data is affected.