Jun 22 2020 11:01 AM
If I have a user who accesses applications over multiple tenants,
how can I restrict the user to access an Office365 app only on a particular tenant?
Example:
User accesses the Office365 (OneDrive, Mail, etc.) apps using tenant (X) - Allow
User accesses only the Application (A) on tenant (Y) - Allow
If the user tries to access Office365 (OneDrive, Mail, etc.) apps using tenant (Y), the user must be blocked
Jun 22 2020 11:27 AM
If I have understood you correctly, in order to do this you would need to create and apply Cloud App Security policies within each specific tenant, and apply them to the relevant tenant user object. Tenant A cannot control user activity in Tenant B and vice versa.
Jun 22 2020 11:44 AM
@PeterRising Thanks Peter.
Yes, can it be done?
To be more specific:
User (Syed) accesses all Office365 applications using tenant (microsoft.com).
User (Syed) wants to access a particular application (registered on Azure, say App P) using tenant (google.com),
and if User (Syed) wants to access any application other than App P using tenant (google.com), the user must be blocked.
How can I achieve this?
The application (App P) is registered on Azure with tenant (google.com), as Azure AD is the IdP for the application sign-on.