Your company has on-premises Domain Name System (DNS) servers that are authoritative for its domain. You create a directory in Azure Active Directory (Azure AD). You want to create a custom domain for this directory that matches your company's domain.
You need to configure the environment so that you can have Azure verify the custom domain.
What should you do?
You should add a TXT record to your company's DNS servers. When you ask Azure to verify a custom domain, it issues DNS queries for TXT records. Because your company has on-premises DNS servers that are authoritative for its domain, Azure sends the DNS queries to your company's DNS servers. If the TXT entry in Azure matches the TXT entry in your company's DNS servers, verification succeeds.
You should not add a TXT record to your company's domain registrar. You should do this only if the registrar is authoritative or the domain.
You should not add CNAME records. CNAME records are alias records that allow you to forward requests from a domain name to another domain name or server.