We setup customers to register our application in their azureAD for SSO. Since we use . CNAME to point their application URL to our AWS load balancers we cannot verify the subdomain using a TXT record.
So instead we had to have them verify the root. They were then able to set the application URI and on we go.
Can anyone think of any security implications for this?
