Access Office 365 AAD, SharePoint, Graph from another account

OK, I have deployed PnP Partner Pack to my company's Azure storage account. How does it work? The application is an MVC application. Before I deploy it, I have to do the following:

  1. Create a storage account
  2. Create a web app in this storage account
  3. Register the web app in AAD
  4. Assign the following permissions to the web app: SharePoint, Graph
  5. Insert the application ID and secret key in the web config of the solution
  6. Assign the URL that needs to access the SharePoint site collection online inside web.config
  7. Deploy the solution to Azure Web Application

Once it is deployed, I can open the web application, which now has access to SharePoint Online.

The problem? As long as the Office 365 and Azure Tenant account are the same, there is no problem. But now that I no longer have the same account for Azure Tenant and Office 365, I cannot access SharePoint from my Azure web application. I don't know how to set up the application registration in Azure AD so that it can access SharePoint in another Office 365 tenant.

E.g.: Azure Tenant name "admin@contoso.com" needs to access SharePoint, Graph and AAD in Office 365, which has the following tenant account: "admin@somecompany.onmicrosoft.com".

How can I set it up so that from my web application in Azure Web application ("adminA@contoso.com") I can access SharePoint, Graph and AAD in another Office 365 tenant account ("admin@somecompany.onmicrosoft.com")?

Edit 3

The web app that lives in the Azure "admin@contoso.com" account needs to access users (AAD), SharePoint and Graph of the other Office 365 account, i.e. "admin@somecompany.onmicrosoft.com".

Hope it is clear.