WebRiskOps

Ownership proof

Confirm the account can prove domain ownership before private scan delivery starts.

Customers setting scope and technical reviewers

Feature availability

Product, package, provider and deployment boundaries for this page.

Available from
Current documentation
Deployment modes
cloud

Product screenshots

Current customer-safe screenshots are generated from the application so examples do not drift from the product.

Generated customer-safe screenshot of the WebRiskOps domain ownership verification panel for ownership proof.
Generated customer-safe screenshot of the WebRiskOps domain ownership verification panel for ownership proof.

Before proving authorization

Ownership proof is the customer-controlled domain verification step that confirms the account can request automated scanning for the project domain. It is not a manual review step. It is the product state that keeps billing, accepted scope, live audits and reports attached to the right customer-owned or customer-authorized target. Use this page after the project exists and before private scan delivery starts. If the customer is an agency, the project should belong to the correct client workspace before anyone creates or checks a domain verification challenge.

  • Use the account email, domain context or project evidence requested by the product.
  • Keep one project tied to one public site or approved client property.
  • Stop when the account, agency client or domain does not match the target.
  • Continue only when the project page shows the ownership challenge is verified or the scan path clearly says the challenge is not needed yet.

Confirm the authorized domain and account

Follow the path `Projects → Project detail → Shortest path to first useful report → Domain authorization → Prove this is your domain`.

  1. Open `/projects` and choose the project for the site you want scanned. Result: the project detail page shows the account workspace, project name, domain and Shortest path to first useful report.
  2. Confirm the current account or client workspace is the business that owns the site or has written permission from the owner. Result: authorization is tied to the right billing, report and scan workspace.
  3. Compare the project Domain with the public site that will be scanned. Result: you know the exact host covered by the ownership challenge before adding URLs, accepting scope or paying.
  4. Read Domain authorization in Shortest path to first useful report. Result: the path shows whether ownership is Done, Now, Waiting or Blocked and which previous step must finish first.
  5. In Prove this is your domain, choose DNS TXT, meta tag or file upload and click Create challenge. Result: WebRiskOps gives a customer-owned proof value without asking for provider passwords.
  6. Publish the challenge, then click Check verification. Result: ownership proof becomes Domain ownership confirmed or the panel shows the exact error to fix.
  7. If an agency manages the project, confirm the client relationship and project evidence before checking verification. Result: the scan is attached to the client workspace rather than another customer account.
  8. When the account, domain and authority are clear, continue to Accepted scan scope or the next action shown in Shortest path to first useful report. Result: the approval step and scan gates can use a verified ownership boundary.

What proof must show

The product should make the authorization decision understandable before a scan starts.

  • The project domain is the public host the customer intends to scan.
  • The current account or agency client workspace is allowed to request scanning for that host.
  • Manual URLs and selected URL groups stay on the same authorized host.
  • Unsupported targets, private areas, admin paths and unrelated domains are removed before acceptance.
  • The customer understands that later live audits, reports and monitoring use only the verified and accepted boundary.

Blocked states

Do not use scope acceptance to bypass unclear ownership or permission.

  • Ownership proof required means the scanner must wait until the customer can confirm domain authority.
  • Domain authorization required means return to [Authorize your domain](/docs/getting-started/authorize-domain), publish the active challenge and click Check verification.
  • Accept scope first means the ownership check is still waiting for the selected public scan boundary.
  • Wrong account means switch to the owning account or agency client workspace before continuing.
  • Wrong domain means create or choose the project for the correct public host.
  • Unsupported target means remove the URL or use [Unsupported targets](/docs/projects/unsupported-targets) before accepting scope.

Continue to accepted scan scope

When the account, project domain and authorization statement all match the target, continue to [Accepted scan scope](/docs/projects/accepted-scan-scope). That page records selected groups, manual URLs, assumptions, exclusions and the accepting user/time before any live audit starts.

Related documentation

Accepted scan scopeAuthorize your domainUnsupported targetsManual URLs and path rules

Was this page helpful?

Feedback goes into the product documentation review queue.