User Guide Cancel

Add domains to directories

Applies to enterprise.

You must set up domains in your Admin Console to authenticate your users according to your organization's authentication needs. Then, link the domains to appropriate directories based on how you want to share entitlements between users in your organization.

Note:

Add domains

The domains you add to the Admin Console don't need to be registered with the same identity provider (IdP). However, when you link these domains to a directory, you need to link domains from different IdPs to different directories.

You cannot add a domain to the Admin Console if it's already added to another organization's Admin Console. You can, however, request access to that domain.

Follow the steps below to add a domain to the Admin Console:

  1. Sign in to the Admin Console and navigate to Settings > Identity > Domains > Add domains

    Alternatively, you can also add a domain from your directory by navigating to Settings > Identity > open the appropriate directory in Directories list > select Add domain.

  2. In the Domains tab, select Add Domains.

  3. On the Add Domains screen, enter one or more domains and select Next. You can only claim and validate 15 domains at a time and add the remaining domains next.

  4. On the Add Domains screen, verify the list of domains and Add Domains.

Your domains are now added to the Admin Console. Now, demonstrate ownership of these domains.

Add domains directly inside a directory

You can add domains directly to an Admin Console directory and avoid the extra steps to link domains to directories. Follow the steps below:

  1. Sign in to the Admin Console and navigate to Settings.
  2. In the Directories list, click and open the directory in which you want to add domains and Add domain.
  3. In the Add domains window, select your preferred method to add domains and follow the respective steps below:

Follow the steps Add domains from Microsoft Azure Active Directory to add domains claimed in Microsoft Azure Portal

Follow the steps Add domains from Google to add domains claimed in Google Admin console

Enter your desired domains' names, review them, and click Add. Then, use the DNS token and TXT record from the Admin Console to verify ownership of the domains with your domain host.

Note:

Users associated with the domains added via DNS proof won't be able to log in until the ownership is verified with the DNS host.

Demonstrate domain's ownership

An organization must demonstrate their ownership of a domain. An organization can add as many domains to the Admin Console as required.

The Admin Console allows one organization to use a single DNS token to demonstrate ownership of all its domains. Also, the Admin Console does not require DNS validation for subdomains. This means that when you use the DNS token and demonstrate ownership of a domain, all subdomains of that domain are validated instantly as they are added to the Admin Console.

  1. Sign in to the Admin Console, navigate to Settings > Identity, and go to the Domains tab.

  2. Click  and choose Access DNS Token from the drop-down list.

  3. Work with your DNS manager to add a special DNS record for the domains that you have added.

  4. To verify that you own the domain, you must add a TXT record with the generated DNS token. The exact instructions depend on your domain host. For generic guidelines, see verify ownership of a domain.

  5. Add information to your DNS servers to complete this step. Inform your DNS manager in advance so they can complete this step promptly.

    Adobe periodically checks the DNS records for your domain. If the DNS records are correct, the domain is validated automatically. If you want to validate the domain immediately, you can sign into the Admin Console and validate it manually. Next, you need to validate domains.

Validate domains

Note:

The Admin Console automatically validates your domains. You do not need to take any action to validate a domain once the DNS records are properly configured.

If you need to validate your domain immediately, you can do this on the Admin Console. To manually validate your domains:

  1. Sign in to the Admin Console.

  2. Navigate to Settings > Identity and go to the Domains tab.

  3. Select Validate domains from the  menu. It displays all the domains that require validation. Select Validate.

You might receive error messages when trying to validate as it can take up to 72 hours for DNS changes to go into effect. To know more, see common questions related to DNS record.

After verifying your domain's ownership, link the validated domains to the required directories in the Admin Console.

If you have set up your directories and domains separately in the Admin Console, you must link the domains to the directories.

You can link multiple domains to the same directory. However, all the domains that you link to a single directory must share identical SSO settings.

Note:

You can skip this step if you added domains directly inside your Admin Console directory.

  1. Sign in to the Admin Console and navigate to Settings > Identity.

  2. Go to the Domains tab.

  3. Select your target domain. Then, select Link directory from the  menu.

    If you want to link multiple domains to the same directory, multi-select the checkboxes for these domains.

  4. In the Link to directory screen, choose the directory from the dropdown and select Link.

Join the conversation

To collaborate, ask questions, and chat with other administrators, use our Enterprise and Teams Community.

Get help faster and easier

New user?

ICYMI Promo

Updates and Releases!

In case you missed it follow this page to stay updated!

Updates and Releases!

In case you missed it follow this page to stay updated!

ICYMI Promo

Updates and Releases!

In case you missed it follow this page to stay updated!

Updates and Releases!

In case you missed it follow this page to stay updated!