What I want to achieve
I'm building a web app with an SPA front end that will be hosted in Azure and which will use Azure AD authentication.
I want all users from my main tenant to be able to access the app without having to be invited.
I want to be able to invite external users to access the app.
My plan
Create a B2C tenant in single tenant mode. External users will be invited to this.
In the B2C tenant create a custom sign up policy that permits only users in the main tenant to sign themselves up to the B2C tenant.
Questions
Will this work?
Is this the best approach?
asked Jan 29 at 11:46 by Neutrino, edited Jan 29 at 13:38
- Refer to this SO thread and let me know if it is useful or not – Pratik Jadhav Commented Jan 29 at 12:28
- I didn't provide enough info. My web app is an SPA. That example is just enforcing the tenant whitelist in the web app. That's fine if it's a server side web app, but you can't do that in an SPA. – Neutrino Commented Jan 29 at 13:37
- you could just use external ID in your main tenant: learn.microsoft/en-us/entra/external-id/… – Thomas Commented Feb 2 at 3:50
- True, but I don't want external users in my main tenant. These external users aren't collaborating with us directly; we are just giving them access to some specific applications. – Neutrino Commented Feb 2 at 17:06
1 Answer
If by invite you mean send an email, B2C out of the box does not have an invite feature.
You'd have to write this yourself and use your own email provider.
In terms of whitelisting, refer to the B2C samples here, here and here.
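As an added example (not part of the original question or answer, and not taken from the linked samples): a tenant allow-list can be enforced in the API that the SPA calls, by checking the `tid`, `iss` and `aud` claims of tokens issued by Azure AD's multi-tenant endpoint. The tenant IDs, client ID and the `checkTenant` helper are constructed for illustration, and the claims are assumed to come from a token whose signature and expiry a JWT library has already verified.

```javascript
// Tenant allow-list check for an API that backs an SPA.
// Assumption: `claims` is the payload of a token whose signature and expiry
// were already verified against the identity provider's signing keys.

// Constructed placeholder values (not real tenants or applications).
const ALLOWED_TENANTS = new Set([
  "11111111-1111-1111-1111-111111111111", // main tenant
  "22222222-2222-2222-2222-222222222222", // a second permitted tenant
]);
const EXPECTED_AUDIENCE = "33333333-3333-3333-3333-333333333333"; // API client ID

const GUID = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/;

function checkTenant(claims, allowed = ALLOWED_TENANTS, audience = EXPECTED_AUDIENCE) {
  if (!claims || typeof claims !== "object") {
    return { ok: false, reason: "no claims" };
  }
  const tid = typeof claims.tid === "string" ? claims.tid.toLowerCase() : "";
  if (!GUID.test(tid)) {
    return { ok: false, reason: "missing or malformed tid" };
  }
  if (!allowed.has(tid)) {
    return { ok: false, reason: "tenant not allowed" };
  }
  // Multi-tenant endpoints issue tokens with a tenant-specific issuer, so the
  // expected issuer is rebuilt from tid and compared exactly. This rejects a
  // token whose tid and iss disagree.
  const validIssuers = [
    `https://login.microsoftonline.com/${tid}/v2.0`, // v2.0 tokens
    `https://sts.windows.net/${tid}/`,               // v1.0 tokens
  ];
  if (!validIssuers.includes(claims.iss)) {
    return { ok: false, reason: "issuer does not match tid" };
  }
  const aud = Array.isArray(claims.aud) ? claims.aud : [claims.aud];
  if (!aud.includes(audience)) {
    return { ok: false, reason: "wrong audience" };
  }
  return { ok: true, tenant: tid };
}
```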