Forum Discussion

Unnie's avatar
Unnie
Iron Contributor
Jan 18, 2018

Azure AD - Prevent guest access on an Azure website

I have an Azure Website built on Angular5 protected by Azure AD for authentication. The API layer is developed as Azure function app, also authenticated by Azure AD. Now , I want this website to be available to all users in my organisation and not allow any guest users registered in the tenant to access the web site & API. What are my options here?

Currently the app & API can be accessed by even the guest accounts.

  • Patrik Lilja's avatar
    Patrik Lilja
    Copper Contributor
    An unwanted feature might help you with this..
    We put all user in a group for to be able to use our app and do check if the user is in that group in our Tennant and uses Graph for checking group membership. Graph, as it seams, do not check the group membership for a guest in our Tennant, as all guests group membership queries tend to go to the guest own home Tennant for this info. We would like to get the group membership in our Tennant for the guest but this is not working, even if we tell the app to only query our Tennant with our specific Tennant ID. ie our app only lets our own users use the app..