Looking for any insight/experience in setting up Azure/Entra for both user provisioning and single sign-on when most users have at least one subdomain proxy address and some have multiple proxy addresses.
I have been the org admin for a single department's Jira Cloud instance for ~4 years which had one email subdomain for all staff, but now I am tasked with deploying Jira Cloud to the entire division which has roughly 20 email subdomains (and possibly more I don't know about!)
Everyone at the university is provisioned with an email address on the "main" email domain, e.g. "username@acme.edu", but they have the option to add an alias of "firstname.lastname@acme.edu", and depending on what departments they work for, potentially assigned extra aliases like "username@dept.acme.edu", "firstname.lastname@dept.acme.edu", and "username@otherdept.acme.edu." And the user can set any of those aliases as their primary. All of these aliases are stored in the "proxyAddresses" attribute in Entra/Azure.
Basically, I'm looking for any pitfalls to watch out for here. I can easily claim and manage the 20-ish email subdomains that belong to my division, but it is not at all certain I will be allowed to claim the "main" email domain.
Will proxy addresses pose an issue for users logging into the customer portal or sending email requests? Should we remove the vanity subdomains and enforce a single subdomain (easy for faculty/staff, very difficult for students)?
