Subdomain/domain takeover is a thing nowadays. With bounty programs you can see a lot of companies getting some subdomain takeover ( https://www.google.pt/search?q=nowadays&oq=nowa&aqs=chrome.1.69i57j0l5.2519j0j7&sourceid=chrome&ie=UTF-8#q=subdomain+takeover+hackerone ).
While I was researching for a bounty program (btw you should be on one!) I was able to takeover a subdomain using your platform. I can provide in some private way this POC.
I’m not saying that this is all your fault! But you should use a more secure way to authorise a new custom domain on your platform to prevent a takeover just because someone forgot to remove a line from the DNS record!
Q: What feature / functionality are you looking for?
A: A more secure way to a domain owner authorise the use of his domain on your platform. My suggestion is to ask the owner to add TXT record that you will verify to assure that the domain owner agrees the use their domain when someone add it to your platform.
Q: What problem are you trying to solve?
A: Subdomain/domain takeover and a more secure way to a domain owner authorise the use of his domain on your platform
Q: If solved, what value would this provide (ex. increased efficiency, cost savings, etc.)?
A: Credibility, security, human error prevention!
Q: Use Case example? (ex. As a ____ I want to be able to _____ so I can _____.)
A: I can provide an example of a subdomain takeover that i was able to do while researching for a bug bounty.
Q: Is this being solved by another workaround or any other tool today?
A: Some other companies use this kind of authorization for the use of sub domains on theirs platforms.