Verify existing domains in Apple Business Manager
When you create Managed Apple IDs using a specific domain, you must first prove to Apple that your organization claims that domain. You must also prove your ownership before federating a domain. If you already have federated authentication configured, verify your domain as soon as possible.
If more than one organization is using the same domain, all organizations can independently verify the domain. However, only one organization is allowed to federate the domain. Other organizations must move and rename their Managed Apple IDs to another verified or reserved domain.
Important: You have only 14 calendar days to complete the process or you must begin the verification process again. Depending on the network configuration and number of locations, MDM servers, and devices, it may take some time for DNS changes to appear. Make sure you’ve notified the person in your organization who can write records to your DNS entries (for example, your DNS administrator) so the task can be completed before the 14-day expiration.
Start the verification process for an existing domain
For any existing domain you were using before mandatory domain verification, verify those domains as soon as possible. If you don’t want or are unable to verify the domain, move the Managed Apple IDs you don’t wish to verify to either reserved domains or to others that have already been verified.
Note: A reserved domain is the default domain. It appears under Accounts and matches the organization’s domain name of the website you used when you enrolled in Apple Business Manager, plus an incremental number. For example, if the organization’s website is www.example.com, a reserved domain name could be example1.appleid.com.
In Apple Business Manager , sign in with an account that has the role of Administrator or People Manager.
Click Settings at the bottom of the sidebar, then click Accounts below Organization Settings.
Click Edit, review the list of domains, then click Verify next to the domain you want to verify.
You will see a TXT record and receive an email saying that the domain you selected is now attempting to be verified. You have 14 calendar days to complete the verification process. The TXT record contains a string with random characters at the end, for example, apple-domain-verification=RaNdOmLeTtErSaNdNuMbErS.
If you’re using one of the following services, see their documentation for pasting a TXT record into a zone file or contact your DNS administrator:
GoDaddy: Add a TXT record
Microsoft Azure: Add a TXT record for verification
Network Solutions: How Do I Manage DNS and Advanced DNS Records?
If you have a different domain registrar, contact them for information on how to add a TXT record to your DNS zone file.
After the TXT record is added, complete the task Finalize the verification process.