Azure Active Directory Registered Application best practices

We were planning on adding an application to the Azure Marketplace and integrating using OIDC.

There were two aspects which I wanted to validate with the general community on best practices.

a) Is it a best practice to honor users only from "federated Domains"?

b) What is the best practice on allowing "Guest Users" to federate from a given tenant?

0 Replies