Domain Authentication ensures that emails sent to your customers, such as appointment confirmations, reminders, and notifications, originate from your verified domain instead of a generic Zoho domain. This is a process where the recipient's email provider verifies that an email is sent from a trusted source. An authenticated domain ensures that the email is safe and not a spam.
2. Feature availability
Super admin can add and validate the custom domains.
Admins can add the custom domain but cannot validate it.
Staff will not have access to view or manage the custom domains.
3. Overview
Domain authentication is a sender verification process that verifies your email domain to improve delivery of emails and protect against spam, forgery, and phishing. It provides a trackable identifier, showing the recipient’s email provider that you are a trusted sender, thereby ensuring your emails reach their inbox. In Zoho Bookings, domain authentication allows you to send notifications from your own verified domain (e.g., @zylker.com) instead of Zoho’s default address. This helps reinforce your brand identity while improving trust and open rates.
4. Usecase
For example, a custom domain like zylker.com is an email domain that you own and manage, whereas public domains such as gmail.com or yahoo.com are free and commonly used, but not owned by individual businesses. In Zoho Bookings, when you use a custom domain, it's important to validate it as soon as it's added by updating the DKIM records in your DNS settings. This authentication ensures better email delivery and prevents your messages from landing in spam folders. Although you can add sender email addresses before validating the domain, emails will not be sent from these addresses until the domain is successfully authenticated. If the domain remains unverified or if you’re using a public domain emails will default to being sent from notification@zohobookings.com.
5. Understanding the domain authentication process
Every time you add a new sender email address to your Zoho Bookings account, its domain is automatically listed in the Domain Authentication section with a 'Not Validated' status by default. This newly added domain needs to be authenticated using SPF and DKIM records so that emails can be sent from it and delivered successfully to recipients’ inboxes.
SPF record: Validating a domain using the SPF record enables the receiver's email server to verify whether the email has come from a trusted email server and that the email sender's details have not been modified.
DKIM record: Validating a domain using the DKIM record enables the receiver's email server to validate whether the emails are generated from authorised servers that are configured by the administrators of the sender's domain.
The SPF and DKIM records must be added to the DNS settings of the domain for authentication. Once the process is complete, the domain authentication status will automatically update to 'Validated'.

6. Steps to validate a domain
Note: Public domains will not be listed, as they cannot be validated.
Click the Admin Center
icon in the top-right corner of the Bookings menu bar.

Click Domain Authentication under the Data Administration section. This lists the custom domains added.

Click the Validate button next to the domain you want to authenticate. A Domain Authentication slider will open.

and click Copy for each of them. Paste these records into your domain provider's DNS settings to verify domain ownership and authorize Zoho Bookings to send emails.
Once the records are added, return to Bookings and click Validate Now at the bottom. The DNS changes will be applied immediately, and the domain's authentication status will update to 'Validated'.

The authentication process is now complete.