How to set up DKIM on SendGrid

Step by step DKIM setup for SendGrid: complete instructions, examples, verification commands, and common pitfalls.

Want to check your domain while following this guide?

Run a free SPF, DKIM and DMARC check on your domain to see exactly what is passing and what needs fixing.

No signup required. Works on any domain.

search Run a Free Domain Check notifications_active Monitor my domain

This is a reference guide for configuring DKIM on SendGrid. Use it while editing DNS or when troubleshooting deliverability.

Tip: Configure DKIM for SendGrid in minutes. This guide keeps it practical and safe. Then verify everything with the InboxGreen Free Checker.

Provider-specific notes for SendGrid

  • SendGrid domain authentication uses CNAME records for DKIM and a branded mail-from subdomain - not a plain TXT SPF record. Follow the exact records from SendGrid's UI.
  • If you send from SendGrid alongside another provider, you still need both providers in a single SPF record. Merge the includes, do not create two SPF TXT records.
  • SendGrid → Settings → Sender Authentication → Domain Authentication.

What you’ll need

  • Access to SendGrid to generate a DKIM key and selector.
  • DNS provider access to publish a TXT record at selector._domainkey.

Generate your DKIM key

In SendGrid, generate a DKIM key and note the selector. Providers often suggest something like s1 and s2 (or custom branded selector).

SendGrid → Settings → Sender Authentication → Domain Authentication.

Publish the record

  1. Create a TXT record at host selector._domainkey (replace selector with your actual selector name).
  2. Paste the full value starting with v=DKIM1; k=rsa; p= and save.
  3. Wait for DNS propagation.

Verify DKIM

  • Send a test email to a Gmail address and use “Show original” to confirm “DKIM: PASS”.
  • Or run: 
    dig TXT selector._domainkey.yourdomain.com +short

Common mistakes

  • Using the wrong host so the record becomes selector._domainkey.yourdomain.com.yourdomain.com.
  • Breaking the value by wrapping or truncating the TXT string.
  • Publishing a record for the wrong selector and then validating on another.

Related for SendGrid

quick_reference_all Set up SPF on SendGrid quick_reference_all Set up DMARC on SendGrid quick_reference_all Set up List-Unsubscribe on SendGrid
Pro tip: Turn on InboxGreen Monitoring to check these records daily and get alerts if something breaks.

Free Deliverability Scan

Check SPF, DKIM, DMARC and List-Unsubscribe for your domain in seconds.

Useful tools

tune SPF Generator tune DMARC Generator verified Badges