Unable to Verify Custom Domain in Microsoft Entra ID Despite Correct DNS Records

Hello Azure Community,

I’m trying to verify my organization’s custom domain in Microsoft Entra ID, but the process keeps failing with the message:

“We can’t verify your domain. Make sure you’ve added the TXT or MX record correctly.”

Here’s what I’ve done so far:

Created the domain in Entra Admin Center under Custom domain names.

Added both TXT and MX records exactly as provided in the portal.

Waited over 48 hours to ensure global DNS propagation.

Confirmed the records exist publicly using nslookup and several DNS checkers.

Followed the Microsoft troubleshooting guide for “Domain verification issues.”

Verified that no other Azure tenant should be using our domain (this is our company’s only Entra instance).

Despite all of that, the verification continues to fail each time I click “Verify.” I’ve even deleted and re-added the domain, cleared browser cache, and retried from multiple devices.

Environment Details:

Portal: Entra Admin Center (Azure AD)

Action: Adding a custom domain for verification

• DNS Provider: Cloudflare

Records Type: TXT + MX

• Region: United States – East US

Tenant Type: Work / Organizational tenant

Questions for the Community:

Are there any known delays or DNS caching issues that could prevent verification even when records resolve externally?

Could another hidden or deleted tenant still be holding this domain, and how can I check that?

Is there a Microsoft escalation process if my domain appears to be “stuck” from a previous tenant?

Any specific TTL or record-type caveats I should be aware of for Entra verification?

Goal:

I just need to successfully verify the custom domain so I can assign users and set up SSO and mail integration under this domain.

Thank you in advance for any insight or guidance!
– Cole