The oauth flow you just mentioned exists, I just did it to confirm my domain in cloudflare with google workspace: google did an oauth flow and I got a cloudflare popup asking me to add a dns record for an hour. It was very cool.
My friend, it took me a few hours to find it -- there's zero documentation on Cloudflare about cloudflare supporting it, but it's supported [1], but godaddy luckily is a lot more vocal about it [2], here's the spec:
Wow, I'm still reading the spec but on the surface this appears to be almost exactly what I've been looking for for over a year[0] and somehow unable to find. I really appreciate you taking the time.
And yeah I hear what you're saying about ideas haha.
My problem with this spec is it requires Service Providers and DNS Providers to know about each other. It's essentially formalising the status quo of cookie cutter setups for big name providers.
Yeah, I read the website and the entire spec. I think it's pretty good, but it's built by big names for big names. There's nothing wrong with that, but I'm concerned it might not be appropriate for things like quickly pointing a simple A Record at a self-hosted open source service. Maybe I'm wrong. I'm having a good discussion with the spec developers here: https://github.com/Domain-Connect/spec/issues/64
