Restricting Groups that are shared with apps

Hi, I am authorizing some app providers to access my school data via SDS. But I do not need to share all my groups with them, I only want to share the groups that are required to use the particu...

education

office 365

School Data Sync

Student Information System

Anonymous

Oct 26, 2017

One more point to add:

While it is "all or noting" accessing groups in Azure Active Directory & Office Graph, there are permissions you can restrict that are documented here.

https://developer.microsoft.com/en-us/graph/docs/concepts/permissions_reference

Hopefully this will add additional detail useful to you.

Thanks,

Matt

Jayadhari Riyaz

Copper Contributor

Oct 27, 2017

Thanks Matt for the reply.

Unfortunately, this is not going to help in our scenario. Yes, we have restricted what the app can access in our AAD data but we also want to limit the number of users in our side accessing the app for licensing (and other) reasons.

For example, if we have 2 groups with 5 users each and we have only 5 licenses for the app in question, we are thinking if we can allow the 5 users who have licenses be in one group and then share only that group information to be available for that particular app.

Is there a way that we can identify the groups to the app via a custom property or a tag, so that we can discuss how we can specify a way the app can identify a group that is meant for them and to ignore any groups without the said tag?

Forum Discussion

Restricting Groups that are shared with apps

Resources