If you utilize the UserPrincipalName parameter, you don't need to use the AzureADAuthorizationEndpointUri parameter for MFA or federated customers in environments that Usually have to have it (UserPrincipalName or AzureADAuthorizationEndpointUri is needed; Alright to work with the two). If no proprietor exists, warning messages are sent to users with Proprietor https://deanhosci.blogthisbiz.com/42818178/sudoku-blocks-no-ads-secrets
