Currently all trusted app domains must be listed fully qualified in the manifest, e.g.
<AppDomain>https://customer1.acme-eu.com</AppDomain>
<AppDomain>https://customer2.acme-eu.com</AppDomain>
<AppDomain>https://customer3.acme-us.com</AppDomain>
<AppDomain>https://customer4.acme-us.com</AppDomain>
Our company has several root domains for their customer tenants. In the example above acme-eu.com and acme-us.com.
But as these customer tenant URLs (e.g. https://customer2.acme-eu.com) are sensitive data we can not put them in our delivered add-in manifest because all other customers would have the chance to see them.
Currently our customers need to use the O365CentralizedAddInDeployment PowerShell command to configure additional domains before using our add-in which is extremely error prone and sometimes just not working. Many hours of support needs to be invested to get the configuration fixed. For example after every change in the configuration all users needs to manually clear their add-in cache in Excel.
Having wildcards in the manifest would enormously help us and our customers:
<AppDomain>https://*.acme-eu.com</AppDomain>
<AppDomain>https://*.acme-us.com</AppDomain>
During add-in submission Microsoft can validate that the used domains are trustful.