$ dig _agentroot TXT
The DNS TXT record is the root of trust for AgentRoot. It proves domain ownership and points to your capabilities.
The _agentroot TXT record
Add a TXT record at _agentroot.<your-domain>. The record value always starts with v=ar1 (protocol version 1) followed by either a manifest URL or inline record fields.
| Field | Required | Description |
|---|---|---|
| v=ar1 | Yes | Protocol version. Always ar1. |
| manifest=<url> | Manifest mode | URL to your manifest JSON. |
| type=<type> | Inline mode | Record type for inline records. |
Manifest URL mode
Point to a JSON manifest that lists all your records. Best for domains with multiple records or rich metadata.
The recommended manifest location is /.well-known/agentroot.json, but you can host it anywhere accessible via HTTPS.
Inline mode
For domains with a single record, put the record directly in DNS. No manifest needed.
Agent
| Field | Description |
|---|---|
| type=agent | Record type |
| name=<name> | Display name (no spaces, or use + for spaces) |
| endpoint=<url> | Agent endpoint URL |
| protocol=<proto> | Optional: a2a, rest, graphql, websocket |
MCP Server
| Field | Description |
|---|---|
| type=mcp | Record type |
| name=<name> | Display name |
| transport=<type> | sse, streamable-http, or stdio |
| endpoint=<url> | Server endpoint URL |
Skill
| Field | Description |
|---|---|
| type=skill | Record type |
| index=<url> | URL to index.json (for collections) |
| skill_md=<url> | URL to a single SKILL.md file |
A2A Endpoint
| Field | Description |
|---|---|
| type=a2a | Record type |
| name=<name> | Display name |
| endpoint=<url> | A2A agent card or endpoint URL |
Subdomain records
Subdomains get their own _agentroot TXT records:
Each subdomain is independently verified. The parent manifest can include a subdomains array as a discovery hint, but the subdomain's own DNS record is the source of truth.
Adding the record on your DNS provider
Every DNS provider exposes the same five fields. Wording and menu paths differ; the values do not.
- Open your provider's DNS management panel for the domain
- Add a new record (or "Create record" / "Add record" / "Add new record")
- Type:
TXT - Name / Host:
_agentroot(some panels want the full_agentroot.yourdomain.com) - Value / Content / Answer:
v=ar1 manifest=https://yourdomain.com/.well-known/agentroot.json - TTL:
300while iterating,3600for stable production (Cloudflare's "Auto" resolves to 300) - Save
Tested with: Cloudflare, AWS Route 53, Namecheap, GoDaddy, Porkbun, Google Domains / Squarespace Domains, Hover, Gandi. If your provider isn't listed, the same five fields still apply — the only thing that changes is the menu label.
dig _agentroot.yourdomain.com TXT or submit your domain on AgentRoot to trigger verification.Verify your record
Check that your TXT record is live:
Recommended TTL values
Set your _agentroot.<domain> TXT record's TTL based on how often you expect to update your manifest:
| Use case | TTL (seconds) | Notes |
|---|---|---|
| Actively iterating on records | 300 (5 min) | Cloudflare "Auto" resolves to 300s |
| Stable production | 3600 (1 hour) | Recommended default for most domains |
| Long-term stable, rarely changes | 86400 (24 hours) | Good for established public APIs |
AgentRoot's resolver re-queries DNS on every search request, so a low TTL costs you nothing in performance — it just means downstream caches (other AI agents, DNS resolvers) will see your changes faster. If you want to publish changes quickly, drop TTL to 300 a day before, make the change, then raise it back.
Do I need both the DNS record AND a .well-known file?
Short answer: the DNS TXT record is always required. The .well-known/agentroot.json file is only required for manifest=<url> mode.
Two valid modes for _agentroot.<domain> TXT records:
Manifest mode
The TXT record points to an external JSON manifest:
Here you MUST host agentroot.json at the path referenced (typically .well-known/agentroot.json).
Inline mode
The TXT record contains the record fields directly:
Here NO .well-known/ file is needed. The TXT record is the entire record.