Why Domain Verification Matters
Domain verification is a critical security feature that ensures only authorized domains can use your FAQ Ally widgets and Chat API. By verifying domain ownership through DNS TXT records, you prevent unauthorized access and protect your AI agents from being used on unapproved websites.
FAQ Ally uses agent-level domain verification, which means domain settings are configured once per AI agent and apply to both widgets and API keys. This provides a unified security model where a single DNS record secures all access methods for an agent.
How Domain Verification Works
Domain verification in FAQ Ally uses DNS TXT records to prove domain ownership. When you configure a domain for an agent, FAQ Ally generates a unique verification token. You add this token as a TXT record in your DNS settings, and FAQ Ally verifies that you control the domain by querying DNS.
🔒 Agent-Level Verification
Domain verification is configured at the agent level, not separately for widgets and API keys. This means:
- One domain configuration applies to both widgets and API keys
- One DNS TXT record secures all access methods
- Simplified management - configure once, secure everything
- Consistent security across all integration methods
🌐 Shared DNS Authorization
Once a domain is verified for an agent, both the widget and Chat API will only accept requests from that verified domain. This shared authorization ensures consistent security regardless of how users access your AI agent.
Setting Up Domain Verification
1 Configure Domain in Widget or API Settings
When creating or updating a widget, you'll be prompted to enter a domain. This domain configuration is automatically synced to the agent level, where it applies to both widgets and API keys.
Example domains:
- example.com - Root domain
- www.example.com - WWW subdomain
- app.example.com - Application subdomain
2 Get Your DNS Verification Token
After configuring the domain, FAQ Ally generates a unique verification token. This token is displayed in the widget or API management modal along with the exact DNS record you need to create.
DNS Record Format:
Type: TXT
Name: _faqally
Value: faqally-verification={agentId}-{companyId}-{randomToken}
3 Add the DNS TXT Record
Log in to your DNS provider (Cloudflare, Route53, GoDaddy, etc.) and add a new TXT record with the following details:
- Record Type: TXT
- Name/Host: _faqally (or as specified)
- Value: The full verification token from FAQ Ally
- TTL: 3600 (or your provider's default)
Common DNS Providers:
- Cloudflare: DNS → Add record → Type: TXT → Name: _faqally → Content: faqally-verification=...
- Route53: Hosted Zones → Create Record → Type: TXT → Name: _faqally → Value: faqally-verification=...
- GoDaddy: DNS Management → Add Record → Type: TXT → Host: _faqally → Value: faqally-verification=...
4 Verify Domain Ownership
After adding the DNS record, return to FAQ Ally and click "Verify Domain". FAQ Ally will query DNS to confirm the TXT record exists and matches the expected token.
Note: DNS propagation can take a few minutes to 48 hours. If verification fails initially, wait a few minutes and try again. You can also use the "Wait for Propagation" option which automatically retries.
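A local pre-check for steps 2 to 4, added here as an example and not FAQ Ally's own code: it classifies the output of `dig +short TXT _faqally.<domain>` against the token shown in the dashboard before you click "Verify Domain". The token and sample answers are constructed, and placing `_faqally` directly under the configured domain is an assumption.

```python
import shlex

RECORD_LABEL = "_faqally"               # record name given on this page
TOKEN_PREFIX = "faqally-verification="  # value prefix given on this page

def record_fqdn(domain):
    # Assumption: the _faqally label is created under the configured domain.
    return f"{RECORD_LABEL}.{domain.strip().rstrip('.').lower()}"

def parse_txt_answers(dig_short_output):
    """One string per TXT record from `dig +short TXT <name>` output.

    A record can be published as several quoted character-strings (255 bytes
    max each); consumers join them with no separator, so do the same.
    """
    records = []
    for line in dig_short_output.splitlines():
        if line.strip():
            records.append("".join(shlex.split(line)))
    return records

def check_verification(expected, dig_short_output):
    """Classify what DNS currently serves against the dashboard token."""
    found = [r for r in parse_txt_answers(dig_short_output)
             if r.strip().lower().startswith(TOKEN_PREFIX)]
    if not found:
        return "missing"  # wrong name or zone, or not propagated yet
    if expected in found:
        return "match"
    if any(r.strip() == expected for r in found):
        return "mismatch: stray whitespace in value"
    if any(expected.startswith(r.strip()) for r in found):
        return "mismatch: value truncated"
    return "mismatch: different token"

# Constructed sample values; a real token comes from the FAQ Ally dashboard.
EXPECTED = "faqally-verification=agent123-company456-Zx9ExampleToken"
SAMPLES = {
    "ok": '"faqally-verification=agent123-company456-Zx9ExampleToken"',
    "split": '"faqally-verification=agent123-" "company456-Zx9ExampleToken"',
    "padded": '"faqally-verification=agent123-company456-Zx9ExampleToken "',
    "cut": '"faqally-verification=agent123-company456"',
    "other": '"v=spf1 -all"',
}

if __name__ == "__main__":
    print("query:", record_fqdn("Example.com."))
    for name, output in SAMPLES.items():
        print(name, "->", check_verification(EXPECTED, output))
```

A "missing" result corresponds to the record-name and propagation problems listed under troubleshooting; the "mismatch" results correspond to a token that was altered when it was copied.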
Subdomain Support
FAQ Ally supports flexible subdomain configurations to match your domain structure:
🎯 Specific Subdomain Whitelist
You can whitelist specific subdomains that are allowed to access your widgets and API:
- www.example.com - Main website
- app.example.com - Application subdomain
- blog.example.com - Blog subdomain
Only the subdomains you explicitly whitelist will be able to access your AI agent.
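An added sketch (not FAQ Ally's implementation) of how an explicit subdomain whitelist differs from a wildcard rule when a request's origin is evaluated. This page does not say which request attribute FAQ Ally inspects; the example assumes the host in an `Origin` header, and the function names and sample origins are constructed.

```python
from urllib.parse import urlsplit

# Hosts taken from the whitelist example above.
ALLOWLIST = frozenset({"www.example.com", "app.example.com", "blog.example.com"})


def origin_host(origin):
    """Normalised host from an Origin value, or None if it is not http(s)."""
    try:
        parts = urlsplit(origin.strip())
    except ValueError:
        return None
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return None
    return parts.hostname.rstrip(".").lower()


def allowed_exact(origin, allowlist=ALLOWLIST):
    """Explicit whitelist: only hosts that were individually listed pass."""
    host = origin_host(origin)
    return host is not None and host in allowlist


def allowed_wildcard(origin, base="example.com"):
    """Wildcard rule (*.example.com): every present and future subdomain passes."""
    host = origin_host(origin)
    return host is not None and host.endswith("." + base)


# Constructed Origin values.
ORIGINS = [
    "https://app.example.com",
    "https://APP.Example.com:8443",
    "https://old-staging.example.com",   # under the zone, never listed
    "https://example.com.other.test",    # different registrable domain
    "null",
]

if __name__ == "__main__":
    for o in ORIGINS:
        print(f"{o:36} exact={allowed_exact(o)} wildcard={allowed_wildcard(o)}")
```

The wildcard rule admits `old-staging.example.com` although nobody listed it, which is why the whitelist is the tighter control.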
Domain Verification and Access Control
🛡️ Widget Access Control
Once domain verification is configured and verified, widgets will only load and function on authorized domains. Requests from unauthorized domains are automatically rejected with clear error messages.
🔐 API Key Access Control
Chat API requests are also validated against the agent's domain verification settings. API keys can only be used from verified domains, preventing unauthorized usage even if an API key is compromised.
📊 Shared Security Model
Because domain verification is shared at the agent level, both widgets and API keys benefit from the same security settings. This unified approach simplifies management and ensures consistent security across all access methods.
Verification Status and Management
Domain verification status is clearly displayed in the widget and API management interfaces:
- ✅ Verified: Domain is verified and widgets/API are active
- ⏳ Pending: DNS record not yet detected (may need to wait for propagation)
- ❌ Failed: DNS record not found or token mismatch
You can re-verify domains at any time to update the verification status. Verification failures are logged with specific error messages to help troubleshoot DNS configuration issues.
Security Best Practices
🔒 Keep DNS Records Secure
- Only add DNS records through your DNS provider's official interface
- Use strong verification tokens (automatically generated by FAQ Ally)
- Review DNS records regularly to ensure they haven't been tampered with
- Limit DNS management access to trusted administrators
🌐 Domain Configuration Best Practices
- Use specific subdomain whitelists when possible (more secure than wildcards)
- Verify domains in both production and staging environments separately
- Test domain verification after DNS changes
- Monitor unauthorized access attempts in audit logs
🔄 Regular Verification Checks
- Re-verify domains periodically to ensure DNS records remain valid
- Update domain configurations when your domain structure changes
- Review verification status before deploying widgets or enabling API access
Troubleshooting Domain Verification
❓ Common Issues and Solutions
- Verification fails immediately: Wait a few minutes for DNS propagation, then try again
- DNS record not found: Double-check the record name (_faqally) and value match exactly
- Token mismatch: Ensure the full token value is copied without any modifications
- Subdomain not working: Verify subdomain is whitelisted
- Widget/API blocked: Check domain verification status and ensure domain is verified
🔍 Verification Checklist
- ✓ DNS TXT record added with correct name (_faqally)
- ✓ Record value matches the exact token from FAQ Ally
- ✓ Waited for DNS propagation (5-60 minutes typical)
- ✓ Clicked "Verify Domain" in FAQ Ally dashboard
- ✓ Verification status shows "Verified" ✅
Next Steps
Now that you understand domain verification, you're ready to secure your widgets and API access:
- Learn how to deploy widgets securely with domain verification
- Explore how to integrate the Chat API with domain authorization
- Set up domain verification for your AI agents in the dashboard
