I was looking into integrating LastPass and Azure AD with federation login (documentation here) except that I ran into a problem with the fact that the current users on my LastPass Enterprise have a different TLD than my users on Azure, which cause an endless loop when trying to authenticate.
For example, on LastPass I have "firstname.lastname@example.org", but on Azure it's "email@example.com".
I changed some emails on LastPass to match the domain my users use to login on Azure and it works just fine, but this would bring a plethora of other problems that I can't afford to deal with.
The question is, any way I can make Azure accept a domain different than the one used to login? I know some platforms can do this transformation on their side (I believe ServiceNow does this), but LastPass support wasn't very helpful.