May 24 2024 04:19 AM
Hi,
I am just having a play with cross-tenant access as we'd like to use Shared Channels in Teams. I've set up a test connection between two tenants. Tenant A is configured for inbound access from Tenant B and then Tenant B is configured for outbound access to Tenant A. This appears to be working. The part that makes me very nervous is that if I sign into Azure using Tenant A's URL, i.e. https://portal.azure.com/TenantA, and then log in with my Tenant B credentials, I can see all the Azure Entra settings including user names, email, enterprise apps, devices etc. Is this by design? Can I do anything to prevent this kind of access?
Cheers
Rob
May 24 2024 09:26 AM
@Rob-CTL How are your Guest Access Permissions configured? I don't know if B2B Direct Connect also respects these settings, but what you are describing goes against the documentation.
Did you perhaps previously create a guest account in Tenant A for the account from Tenant B? If you are only using Shared Channels, you should not have a guest user object in Tenant A!
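
The two checks raised in this reply, as an added example that is not part of the original thread: it reads Tenant A's guest user access level and looks for a guest object belonging to the Tenant B account, using the Microsoft Graph PowerShell SDK. The tenant ID and e-mail address are placeholders (assumptions), and the script must be run by an administrator of Tenant A.

```powershell
# Added example; the two values below are placeholders, not values from the thread.
$TenantAId    = '<TenantA-tenant-id>'
$ExternalMail = 'user@tenantb.example'

# Role template IDs that authorizationPolicy.guestUserRoleId can hold,
# mapped to the labels shown under "Guest user access restrictions".
$GuestRoleNames = @{
    'a0b1b346-4d3e-4e8b-98f8-753987be4970' = 'Same access as members (most inclusive)'
    '10dae51f-b6af-4016-8d66-8c2a99b929b3' = 'Limited access to directory objects (default)'
    '2af84b1e-32c8-42b7-82bc-daa82404023b' = 'Restricted to own directory object (most restrictive)'
}

Connect-MgGraph -TenantId $TenantAId -Scopes 'Policy.Read.All', 'User.Read.All'

# Check 1: how are guest access permissions configured in Tenant A?
$policy = Get-MgPolicyAuthorizationPolicy
$roleId = ([string]$policy.GuestUserRoleId).ToLower()
$label  = $GuestRoleNames[$roleId]
if (-not $label) { $label = 'Unknown role ID' }
Write-Output "Guest user access level: $label ($roleId)"

# Check 2: does a guest user object already exist for the Tenant B account?
$matches = Get-MgUser -All -Filter "mail eq '$ExternalMail'" `
    -Property Id, UserPrincipalName, Mail, UserType, ExternalUserState, CreatedDateTime
$guests = @($matches | Where-Object { $_.UserType -eq 'Guest' })

if ($guests.Count -eq 0) {
    Write-Output "No guest object found for $ExternalMail in Tenant A."
} else {
    # A guest object means the account can sign in to Tenant A as a B2B guest.
    $guests | Select-Object Id, UserPrincipalName, ExternalUserState, CreatedDateTime |
        Format-Table -AutoSize
}

Disconnect-MgGraph | Out-Null
```

If the second check returns a guest object, the guest access level reported by the first check is the setting that limits what that guest can read in Tenant A's directory.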
May 28 2024 09:04 AM