Can't verify domain after adding TXT record on AWS Route 53

Joao Alpoim 20 Reputation points
2025-05-12T12:58:02.0966667+00:00

I'm trying to verify a custom domain in Microsoft Entra ID (Azure AD). I added the required TXT record to AWS Route 53 for the domain, using the exact values provided in the Azure portal.

Record:

  • Type: TXT
  • Name: @
  • Value: MS=ms######## (from Azure)

After creating the record, I waited more than 72 hours, and it still fails to verify in the Azure portal. I've confirmed the record is visible via external DNS tools like nslookup and dig. TTL is set to default (300 seconds).

I've verified that:

  • The domain is registered and active.
  • The name servers are pointing to Route 53.
  • The TXT record matches exactly.

Despite all that, Azure won't verify the domain.

Any help would be appreciated.

Microsoft Security | Microsoft Entra | Microsoft Entra ID

Answer accepted by question author
  1. Raja Pothuraju 43,505 Reputation points Microsoft External Staff Moderator
    2025-05-13T09:55:27.7+00:00

    Hello @Joao Alpoim,

    Thank you for sharing the details over private message.

    The issue relates to being unable to verify the custom domain name because it is verified in a different directory in Azure.

    To resolve this, we have engaged our Data Protection team through a support ticket. They will reach out to you via email or phone to help restore access to the tenant and assist in resolving the issue.

    Once the issue has been resolved by our support team, please feel free to revisit and kindly click "Accept Answer," as this will be helpful to other community members facing similar issues.
