![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(121.6, 26%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESP%3C/text%3E%3C/svg%3E)
25,081 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(214.4, 81%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMT%3C/text%3E%3C/svg%3E)
Hi @Swetalina Panda ,
A multi-tenant application allows different Azure AD tenant to use your application by creating passwordless trusts between the tenants. In this design, multiple tenants share the same physical instance of the app.
Whereas in a single-tenant architecture, you have to spin up new instances of the app within the tenant.
A single-tenant application can only be accessed by users with accounts in the same tenant as the application registration. As for security, anything serving more customers has a risk of being less secure, but those users will not be able to access your other data. The security is dependent on your own infrastructure and how you set up the application, which is really the case in either setup. You can use role-based access control, access policies, MFA, Conditional Access, and other protections to secure your app.
Let me know if this helps at all.
Resources:
Multi-Tenant Identity
How to convert an app to be multi-tenant
[4]: https://learn.microsoft.com/en-us/azure/active-directory/develop/howto-convert-app-to-be-multi-tenant [6]: https://learn.microsoft.com/en-us/azure/active-directory/develop/quickstart-register-app