For Microsoft you can verify using TXT records on your domain instead of the /.well-known/microsoft-identity-association.json file.
The confusing thing that at the point when you choose to do it you are told to do it using .well-known but when you go to the associated link (below) you can add using TXT record.
Very confusing Microsoft …
https://portal.azure.com/#view/Microsoft_AAD_IAM/DomainsList.ReactView