I have an Azure Website built on Angular5 protected by Azure AD for authentication. The API layer is developed as Azure function app, also authenticated by Azure AD. Now , I want this website to be available to all users in my organisation and not allow any guest users registered in the tenant to access the web site & API. What are my options here?
Currently the app & API can be accessed by even the guest accounts.