![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(233.6, 35%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERS%3C/text%3E%3C/svg%3E)
Microsoft Security | Microsoft Entra | Microsoft Entra ID
A cloud-based identity and access management service for securing user authentication and resource access
To restrict a Microsoft Entra application to specific users or services, you can configure the application to require user assignment. This means that only users or services assigned to the application will be able to sign in or obtain an access token. Here are the steps to do this:
- Sign in to the Microsoft Entra admin center.
- Navigate to Enterprise apps > All applications.
- Select the application you want to configure.
- On the application's Overview page, under Manage, select Properties.
- Locate the setting Assignment required? and set it to Yes.
- Save your changes.
When you set the application to require assignment, user consent for that application is not allowed, ensuring that only assigned users can access it. Additionally, you may also consider using Azure role-based access control (Azure RBAC) for more granular access control.
References: