Restrict Apps on a particular tenant

Highlighted
New Contributor

If i have a user who accesses applications over multiple tenants,

how can i restrict the user to access an Office365 app only on a particular tenant.?

 

Example, 

User accesses the Office365(OneDrive, Mail, etc.) apps using a tenant(X)- Allow

User to accesses only the Application(A) on tenant(Y) -Allow

If user tries to access Office365(OneDrive, Mail, etc.) apps using the tenant(Y), user must be blocked

2 Replies
Highlighted

@Syed46 

 

If I have understood you correctly, in order to do this you would need to create and apply Cloud App Security policies within each specific tenant, and apply to the relevant tenant user object.  Tenant A cannot control user activity in Tenant B and vice versa.

Highlighted

@PeterRising Thanks Peter.

Yes, can it be done?

to be more specific:

User(Syed) accesses all Office365 applications using tenant(microsoft.com).

User(Syed) wants to access a particular application(registered on Azure, say App P) using tenant(google.com)

and if User(Syed) wants to access any other application other than App P using tenant(google.com), user must be blocked.

 

how can i achieve this?

the  application(App P) is registered on Azure with tenant(google.com) as Azure AD is the IdP for the application sign-on.