- Add your domain in your dashboard.
- Configure DNS settings on your domain provider.
- Allow time for DNS to propagate and TLS certificates to be automatically provisioned.
Looking to set up a subpath like
example.com/docs? See /docs subpath.Add your custom domain
- Navigate to the Custom domain setup page in your dashboard.
- Enter your domain name. For example,
docs.example.comorwww.example.com. - Click Add domain.

Configure your DNS
- On your domain provider’s website, navigate to your domain’s DNS settings.
- Create a new DNS record with the following values:
Verification TXT records
After you add a custom domain, the dashboard displays twoTXT records that you must add at your DNS provider:
_acme-challenge record authorizes Let’s Encrypt to issue a TLS certificate for your domain, and the _cf-custom-hostname record verifies that you control the domain.
The dashboard polls DNS in the background and marks each record with a green check once it verifies the expected value. After saving records at your DNS provider, allow a short time for propagation before status updates appear.
DNS propagation
DNS changes typically take 1-24 hours to propagate globally, though it can take up to 48 hours in some cases. Use a tool like DNSChecker to verify your DNS configuration is correct. Once your DNS records are active, your documentation is first accessible via HTTP. HTTPS is available after Mintlify provisions your TLS certificate.Automatic TLS provisioning
After you add yourTXT records and your DNS records resolve correctly, Mintlify generates a free SSL/TLS certificate for your site using Let’s Encrypt.
This typically completes within a few hours of DNS propagation, though it can take up to 24 hours in rare cases. Certificates are automatically renewed before expiration.
CAA records
If your domain uses CAA (Certification Authority Authorization) records, you must authorize Let’s Encrypt to issue certificates for your domain. Add the following CAA record to your DNS settings:Reserved paths
Mintlify reserves the/.well-known/acme-challenge path for certificate validation. You cannot redirect or rewrite this path. If you have configured redirects or rewrites for this path, certificate provisioning fails.
Cloudflare-proxied domains
If your domain is already proxied through Cloudflare (the proxy status shows an orange cloud), the verificationTXT records cannot show as verified before you update your CNAME. This happens even when the records resolve correctly with tools like dig or DNSChecker. Cloudflare’s proxy prevents the verification from completing until traffic for the hostname routes to Mintlify.
For Cloudflare-proxied domains, follow these steps:
- Add the verification
TXTrecords at your DNS provider. - Update your
CNAMErecord to point tocname.mintlify.builderswithout waiting for theTXTrecords to show as verified. - Wait for verification and TLS provisioning to complete. Your site may briefly serve an invalid certificate during provisioning.
CNAME record’s proxy status to DNS only (gray cloud) instead. This allows the standard pre-validation flow to complete before you switch traffic.
Provider-specific settings
Cloudflare encryption mode
Cloudflare encryption mode
If Cloudflare is your DNS provider, you must enable the “Full (strict)” mode for the SSL/TLS encryption setting. Additionally, disable “Always Use HTTPS” in your Edge Certificates settings. Cloudflare’s HTTPS redirect blocks Let’s Encrypt from validating your domain during certificate provisioning.
Retry validation
If your domain is still pending validation after adding the verificationTXT record, you can retry validation manually from your dashboard.
- Navigate to the Custom domain setup page in your dashboard.
- Find your pending custom domain.
- Click Retry validation.
Lifecycle and ongoing maintenance
_acme-challenge TXT values change over time
The value shown for the _acme-challenge.<your-domain> TXT record is not permanent. Let’s Encrypt issues a new certificate before each renewal, and every issuance requires a fresh validation token. When Mintlify rotates the certificate, the dashboard updates the _acme-challenge value your DNS provider needs to serve.
This is expected behavior, not a misconfiguration:
- Keep the
_acme-challengerecord in place. Do not delete it after the initial validation. - Whenever the dashboard shows a new value for
_acme-challenge, update theTXTrecord at your DNS provider to match. The domain continues to work on the existing certificate until it expires, so you have time to update the record. - If the value drifts and you do not update DNS, the next renewal fails and HTTPS eventually breaks. Retry validation from the dashboard after you save the new value.
_cf-custom-hostname value, in contrast, is stable for the lifetime of the custom hostname.
The default <subdomain>.mintlify.app URL
Every deployment keeps a default URL at <subdomain>.mintlify.app even after you add a custom domain. This URL is used internally for previews, dashboard links, integrations that reference the deployment by its subdomain, and as a fallback during custom-domain provisioning. It cannot be disabled.
If you want end users to always land on your custom domain:
- Set a canonical URL so search engines index the custom domain instead of
<subdomain>.mintlify.app. - Redirect the
<subdomain>.mintlify.appURL to your custom domain from your own layer if needed. Mintlify does not add this redirect automatically.
Rename a deployment subdomain
Renaming the deployment subdomain in the dashboard changes the<subdomain>.mintlify.app URL and the internal origin that your custom domain rewrites to. After a rename:
- Existing custom domains stay attached, but their KV configuration needs to be refreshed so the proxy points at the new origin. Save the custom domain again from the Custom domain setup page to trigger the refresh.
- Any external service that references the old
<old-subdomain>.mintlify.appURL (webhooks, OAuth redirect URIs, analytics allowlists, CSP rules, reverse-proxy rewrites) must be updated to the new subdomain. - Update any hardcoded links or canonical URLs in
docs.jsonthat referenced the old subdomain.
502 with Disallowed origin host after a rename, see Troubleshooting.
Release a custom domain held by another organization
A custom domain can only be attached to one Mintlify deployment at a time. If you try to add a domain that is already claimed by another organization or a previous project, the dashboard blocks the add and reports that the domain is in use. To move the domain to a new organization or deployment:- From the organization that currently owns the domain, navigate to the Custom domain setup page and remove the custom domain from the existing deployment.
- In the new organization, add the domain on the Custom domain setup page and complete the DNS verification steps again.
Remove a custom domain
To detach a custom domain from a deployment:- Navigate to the Custom domain setup page in your dashboard.
- Remove the domain.
- Delete the
CNAMEand verificationTXTrecords at your DNS provider once the domain is no longer needed. Leaving stale records in place is safe but can be confusing later.
Advanced routing scenarios
Multiple projects under one custom domain
To serve multiple Mintlify deployments from a single custom domain, use subpaths and a reverse proxy or edge worker. Each deployment keeps its owndocs.json, subdomain, and dashboard, and your proxy decides which deployment serves each path.
Example layout on example.com:
example.com/product-a→ deploymentproduct-aexample.com/product-b→ deploymentproduct-bexample.com/api→ deploymentapi-docs
- For each deployment, configure a
/docssubpath using Cloudflare, Route 53 and CloudFront, Vercel, or a custom reverse proxy. Set a different base path for each deployment. - In each deployment’s
docs.json, set thecanonicalURL to the fully-qualified subpath (for example,https://example.com/product-a) so search engines index the correct URL. - Point a single
CNAMEfor the shared domain at your proxy or edge worker, not directly atcname.mintlify.builders. The proxy is responsible for forwarding each subpath to the correct Mintlify origin.
Redirecting multiple domains to one deployment
Attaching more than one custom domain to a single deployment as an automatic redirect is not currently supported. Each deployment has one primary custom domain. If you needdocs.old-brand.com and docs.new-brand.com to both resolve to the same content, choose one of these workarounds:
- Set the domain you want as the canonical destination as the deployment’s custom domain, then configure a redirect from the other domain to it at your DNS provider or CDN (for example, a Cloudflare page rule, a Vercel redirect, or an AWS CloudFront function).
- Redirect at the registrar level if your registrar offers domain forwarding.
Troubleshooting
502 Disallowed origin host
This error is returned by the Mintlify edge proxy when a custom domain’s stored origin no longer matches an allowed Mintlify hostname. It most often appears after:
- The deployment’s subdomain was renamed and the custom domain’s cached rewrite still points at the old
<subdomain>.mintlify.apporigin. - A custom domain was moved between deployments or organizations without refreshing the configuration.
- Navigate to the Custom domain setup page in your dashboard.
- Remove and re-add the custom domain, or click Retry validation to force the origin to be re-written.
- If the error persists after a few minutes, contact Mintlify support with the affected custom domain and current deployment subdomain so we can refresh the edge configuration.
Validation stays pending after DNS is correct
- Confirm both
_acme-challengeand_cf-custom-hostnameTXTrecords resolve with the expected values using DNSChecker ordig. - If the
_acme-challengevalue in your dashboard changed since you first saved the record, update DNS with the new value (see_acme-challengeTXT values change over time). - For Cloudflare-proxied domains, see Cloudflare-proxied domains. The verification cannot complete until traffic routes through Mintlify.
- Only click Retry validation after DNS is confirmed correct.
Set a canonical URL
After configuring your DNS, set a canonical URL to ensure search engines index your preferred domain. A canonical URL tells search engines which version of your documentation is the primary one. This improves SEO when your documentation is accessible from multiple URLs and prevents issues with duplicate content. Add thecanonical meta tag to your docs.json:
https://www.your-custom-domain-here.com with your actual custom domain. For example, if your custom domain is docs.mintlify.com, you would use:
