Migrate an active DNS name to Azure App Service

This article shows you how to migrate an active DNS name to Azure App Service without any downtime.

When you migrate a live site and its DNS domain name to App Service, that DNS name is already serving live traffic. You can avoid downtime in DNS resolution during the migration by binding the active DNS name to your App Service app preemptively.

If you're not worried about downtime in DNS resolution, see Map an existing custom DNS name to Azure App Service.


To complete this how-to, make sure that your App Service app is not in FREE tier.

Bind the domain name preemptively

When you bind a custom domain preemptively, you accomplish both of the following before making any changes to your existing DNS records:

  • Verify domain ownership
  • Enable the domain name for your app

When you finally migrate your custom DNS name from the old site to the App Service app, there will be no downtime in DNS resolution.

Access DNS records with domain provider


You can use Azure DNS to configure a custom DNS name for Azure App Service. For more information, see Use Azure DNS to provide custom domain settings for an Azure service.

  1. Sign in to the website of your domain provider.

  2. Find the page for managing DNS records. Every domain provider has its own DNS records interface, so consult the provider's documentation. Look for areas of the site labeled Domain Name, DNS, or Name Server Management.

    Often, you can find the DNS records page by viewing your account information and then looking for a link such as My domains. Go to that page, and then look for a link that's named something like Zone file, DNS Records, or Advanced configuration.

    The following screenshot is an example of a DNS records page:

    Screenshot that shows an example DNS records page.

  3. In the example screenshot, select Add to create a record. Some providers have different links to add different record types. Again, consult the provider's documentation.


For certain providers, such as GoDaddy, changes to DNS records don't become effective until you select a separate Save Changes link.

Get domain verification ID

Get the domain verification ID for you app by following the steps at Get domain verification ID.

Create domain verification record

To verify domain ownership, add a TXT record for domain verification. The hostname for the TXT record depends on the type of DNS record type you want to map. See the following table (@ typically represents the root domain):

DNS record example TXT Host TXT Value
@ (root) asuid Domain verification ID for your app
www (sub) asuid.www Domain verification ID for your app
* (wildcard) asuid Domain verification ID for your app

In your DNS records page, note the record type of the DNS name you want to migrate. App Service supports mappings from CNAME and A records.


Wildcard * records won't validate subdomains with an existing CNAME's record. You may need to explicitly create a TXT record for each subdomain.

Enable the domain for your app

  1. In the Azure portal, in the left navigation of the app page, select Custom domains.

    Custom domain menu

  2. In the Custom domains page, select Add custom domain.

    Add host name

  3. Type the fully qualified domain name you want to migrate, that corresponds to the TXT record you create, such as contoso.com, www.contoso.com, or *.contoso.com. Select Validate.

    The Add custom domain button is activated.

  4. Make sure that Hostname record type is set to the DNS record type you want to migrate. Select Add hostname.

    Add DNS name to the app

    It might take some time for the new hostname to be reflected in the app's Custom domains page. Try refreshing the browser to update the data.

    CNAME record added

    Your custom DNS name is now enabled in your Azure app.

Remap the active DNS name

The only thing left to do is remapping your active DNS record to point to App Service. Right now, it still points to your old site.

Copy the app's IP address (A record only)

If you are remapping a CNAME record, skip this section.

To remap an A record, you need the App Service app's external IP address, which is shown in the Custom domains page.

In the Custom domains page, copy the app's IP address.

Portal navigation to Azure app

Update the DNS record

Back in the DNS records page of your domain provider, select the DNS record to remap.

For the contoso.com root domain example, remap the A or CNAME record like the examples in the following table:

FQDN example Record type Host Value
contoso.com (root) A @ IP address from Copy the app's IP address
www.contoso.com (sub) CNAME www <appname>.azurewebsites.net
*.contoso.com (wildcard) CNAME * <appname>.azurewebsites.net

Save your settings.

DNS queries should start resolving to your App Service app immediately after DNS propagation happens.

Migrate domain from another app

You can migrate an active custom domain in Azure, between subscriptions or within the same subscription. However, such a migration without downtime requires the source app and the target app are assigned the same custom domain at a certain time. Therefore, you need to make sure that the two apps are not deployed to the same deployment unit (internally known as a webspace). A domain name can be assigned to only one app in each deployment unit.

You can find the deployment unit for your app by looking at the domain name of the FTP/S URL <deployment-unit>.ftp.azurewebsites.windows.net. Check and make sure the deployment unit is different between the source app and the target app. The deployment unit of an app is determined by the App Service plan it's in. It's selected randomly by Azure when you create the plan and can't be changed. Azure only makes sure two plans are in the same deployment unit when you create them in the same resource group and the same region, but it doesn't have any logic to make sure plans are in different deployment units. The only way for you to create a plan in a different deployment unit is to keep creating a plan in a new resource group or region until you get a different deployment unit.

Next steps

Learn how to bind a custom TLS/SSL certificate to App Service.