Create domain

Namespace: microsoft.graph

Adds a domain to the tenant.

Important: You cannot use an associated domain with your Azure AD tenant until ownership is verified. See List verificationDnsRecords for details. Root domains require verification. For example, requires verification. If a root domain is verified, subdomains of the root domain are automatically verified. For example, is automatically be verified if has been verified.


One of the following permissions is required to call this API. To learn more, including how to choose permissions, see Permissions.

Permission type Permissions (from least to most privileged)
Delegated (work or school account) Domain.ReadWrite.All
Delegated (personal Microsoft account) Not supported.
Application Domain.ReadWrite.All

The work or school account needs to belong to one of the following roles:

  • Global Administrator
  • Domain Name Administrator
  • Partner Tier2 Support

HTTP request

POST /domains

Request headers

Name Description
Authorization Bearer {token}. Required.
Content-Type application/json

Request body

In the request body, supply a JSON representation of domain object.

The request body contains the id property for the new domain. Id is the only property that can be specified and it is required. The id property value is the fully qualified domain name to create.


If successful, this method returns 201 Created response code and domain object in the response body.



In the request body, supply a JSON representation of domain object.

Content-type: application/json

  "id": ""

Note: The response object shown here might be shortened for readability.

HTTP/1.1 201 Created
Content-type: application/json

  "authenticationType": "authenticationType-value",
  "availabilityStatus": "availabilityStatus-value",
  "id": "",
  "isAdminManaged": true,
  "isDefault": true,
  "isInitial": true,
  "isRoot": true