Office 365 provisioning error: "The domain portion of the userPrincipalName property is invalid. You must use one of the verified domain names in your organization."
Jul 8, 2025
Single Sign-On
Okta Classic Engine
Okta Identity Engine
Overview
Microsoft Office 365 provisioning flow fails with the following error visible in the Okta dashboard:
The domain portion of the userPrincipalName property is invalid. You must use one of the verified domain names in your organization.
Applies To
- Microsoft Office 365
- Provisioning
- Error
- Single Sign-On (SSO)
Cause
Office 365 reports the error when the usernames sent from Okta do not match the username format from Office 365.
Solution
Please ensure that the domain used for the Application username format is the same as the one used for the Microsoft Office 365 federation.
