Dec 28 2023 04:53 AM
Got an SPA App and Api I'm using MSAL for authentication. The endusers come from a limited set, but not a singular, tenant.
Since for the application authentication I can only select a single tenant, or all the tenants I'm looking for solutions here.
One is tenant collaboration/ multitenant organization but it seems like overkill for this need.
Another is multiple authorities but isn't it then tricky to wrangle multiple client ids, selecting the right authority etc.
Is there a way of doing this I'm missing?
Dec 28 2023 07:57 AM
Dec 28 2023 08:07 AM
So the other Tenants have added the Application to their own Tenants or do you add the Users from the other Tenants to the one the App Registration Lives in as Guests?
If you have registered a Multi Tenant Application in Entra ID I don't know of any way to restrict the tenants that can use it, so you would have to check the Tenant ID in the SSO Token within your application and create your own block logic.