Restricting your Azure AD app to a set of users
When you register an application inside an Azure AD tenant, it is available to all users who authenticate successfully to that tenant. In addition, when you register a multi-tenant app, all users in all the Azure AD tenants where the app is provisioned have access to the app by default.
In a lot of scenarios, apps must be restricted to a certain set of users. This can be done easily by adding groups or users to the Enterprise app service principal in Azure AD.
In the next demonstration, we are going to add a user who already exists in Azure AD to the app. Before we can do that, we need to update the Enterprise app to require user assignment.
Updating the app to require user assignment
First, we need to change the Enterprise app so that it requires user assignment. To do so, take the following steps:
- On the overview page of Azure, select Azure Active Directory.
- Under Manage...
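
The same restriction can be scripted. The following is an added example, not code from the original page: it uses the Microsoft Graph PowerShell module to require user assignment on the Enterprise app's service principal and then assign one existing user. The app display name and user principal name are placeholders.

```powershell
# Added example. Requires the Microsoft.Graph PowerShell module.
# Placeholder values (assumptions, not taken from the page):
$AppDisplayName = 'Contoso Demo App'
$UserUpn        = 'user@contoso.example'

Connect-MgGraph -Scopes 'Application.ReadWrite.All',
                        'AppRoleAssignment.ReadWrite.All',
                        'User.Read.All'

# Resolve the Enterprise app (service principal); refuse ambiguous matches.
$sp = @(Get-MgServicePrincipal -Filter "displayName eq '$AppDisplayName'")
if ($sp.Count -ne 1) {
    throw "Expected one service principal named '$AppDisplayName', found $($sp.Count)."
}
$sp = $sp[0]

# Require user assignment: unassigned users can no longer sign in to the app.
if (-not $sp.AppRoleAssignmentRequired) {
    Update-MgServicePrincipal -ServicePrincipalId $sp.Id -AppRoleAssignmentRequired:$true
}

# Pick the app role to grant. Apps that declare no roles use the default role ID.
$roles = @($sp.AppRoles | Where-Object {
    $_.IsEnabled -and $_.AllowedMemberTypes -contains 'User'
})
if     ($roles.Count -eq 0) { $roleId = '00000000-0000-0000-0000-000000000000' }
elseif ($roles.Count -eq 1) { $roleId = $roles[0].Id }
else   { throw 'App declares several user roles; choose one explicitly.' }

# Assign the user only if the same assignment does not already exist.
$user     = Get-MgUser -UserId $UserUpn
$existing = Get-MgServicePrincipalAppRoleAssignedTo -ServicePrincipalId $sp.Id -All |
    Where-Object { $_.PrincipalId -eq $user.Id -and $_.AppRoleId -eq $roleId }
if (-not $existing) {
    New-MgUserAppRoleAssignment -UserId $user.Id -BodyParameter @{
        PrincipalId = $user.Id   # who receives access
        ResourceId  = $sp.Id     # the Enterprise app being restricted
        AppRoleId   = $roleId
    } | Out-Null
}

# Review who can now reach the app (users, groups, and other principals).
Get-MgServicePrincipalAppRoleAssignedTo -ServicePrincipalId $sp.Id -All |
    Select-Object PrincipalDisplayName, PrincipalType, AppRoleId
```

The final listing is worth re-running periodically: any group in it grants access to all of that group's members, so the effective user set can grow without a new assignment being made.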