We are in the middle of a divestiture and have been faced with a hurdle.
Currently, all our organizations users access various applications and portals making use of SSO with their email@example.com UPN. However, as a part of the divestiture project - a sect of our have been asked to change their UPN to geo-specific locations (for e.g. firstname.lastname@example.org). The central support team of the organization would continue to use email@example.com.
Will the users be able to access the current SaaS apps (such as salesforce) if we make the required UPN changes in Azure AD/local AD or would it require additional configuration steps?