Bug ID 1063353: AGC Azure AD deployment fails with error "Values of identifierUris property must use a verified domain of the organization or its subdomain"

Last Modified: Apr 22, 2022

Affected Product:
AGC APM(all modules)

Opened: Nov 22, 2021
Severity: 3-Major

Symptoms

Access Guided Configuration deployment fails with an error "Values of identifierUris property must use a verified domain of the organization or its subdomain"

Impact

Deployment of the Azure AD app fails.

Conditions

-- Azure AD is configured in Access Guided Configuration
-- An un-verified domain is in the entityId field

Workaround

Use verified custom domains (those that are added in the Azure portal) in the entity ID field. For more information, see https://docs.microsoft.com/en-us/azure/active-directory/develop/reference-breaking-changes#appid-uri-in-single-tenant-applications-will-require-use-of-default-scheme-or-verified-domains

The recommended option is to deploy the application with an App ID URI that uses the verified custom domain only, so that users and other tenants who access the application can trust it and see that it uses the verified domain, which is a good practice for application purposes. During the first-time deployment you are prompted to deploy the application using the verified domain only. You might get the option to change it back to the unverified domain, but this is not the option Microsoft recommends.
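A pre-deployment check for the workaround above, added here as an example (it is not F5 or Microsoft code): it flags entity IDs whose host is neither a verified domain nor a subdomain of one, which is the rule quoted in the error message. The domain list and candidate entity IDs are constructed sample values, the function names are hypothetical, and the default-scheme form of App ID URI mentioned in the linked Microsoft page is not modeled.

```python
from urllib.parse import urlsplit

# Constructed sample data: domains listed as verified for the tenant in the Azure portal.
VERIFIED_DOMAINS = ["contoso.com", "contoso.onmicrosoft.com"]


def entity_id_host(entity_id):
    """Return the lower-cased host of an entity ID URI, or None if it has none."""
    host = urlsplit(entity_id.strip()).hostname
    return host.rstrip(".").lower() if host else None


def uses_verified_domain(entity_id, verified_domains):
    """True if the entity ID host is a verified domain or a subdomain of one."""
    host = entity_id_host(entity_id)
    if host is None:
        return False
    for domain in verified_domains:
        domain = domain.strip().rstrip(".").lower()
        # Match on a label boundary so "notcontoso.com" does not pass for "contoso.com".
        if domain and (host == domain or host.endswith("." + domain)):
            return True
    return False


def precheck(entity_ids, verified_domains):
    """Return the entity IDs that would trigger the identifierUris error."""
    return [e for e in entity_ids if not uses_verified_domain(e, verified_domains)]


if __name__ == "__main__":
    # Constructed candidates for the entityId field.
    candidates = [
        "https://apm.contoso.com/app1",
        "https://bigip.example.net/app1",
    ]
    for bad in precheck(candidates, VERIFIED_DOMAINS):
        print("unverified domain in entity ID:", bad)
```

Populate the domain list from the custom domain names shown as verified in the Azure portal before running the check against the values planned for the entityId field.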

Fix Information

None

Behavior Change