Office365 and Azure AD Access Defaults

Frequent Contributor

Hello - is it possible to achieve these defaults?


  • By default users are only allowed to authenticate within the same country as their country code/location attribute or email tld suffix, or a specific group membership?
    eg: We are a multi geo located org.  We use various domain.countrycode email domains for regions.  Can i create a default policy or rule that only allows AU ( to authenticate within Australia, and to only authenticate in UK.
  • By default deny Sharepoint access to specific domains within our org.
1 Reply
best response confirmed by AndrewX (Frequent Contributor)

No, there is no functionality in AAD that will allow this. If you have such requirements, you should consider using AD FS (or in general any other method that redirects the auth process to on-premises or third-party) and implement the country login there.