How to Set Azure AD Apps Access Policy to Access only Room Data and Restrict User Data (Dynamically)

Rajeev Ammu 1 Reputation point
2022-12-16T07:21:26.06+00:00
  • For example, in my Azure AD I have 20 users, of which 5 are Rooms.
  • I am using the application client credentials (Client ID, Client Secret and Tenant ID) to authenticate and generate a token, and I use the token for the next actions, like creating, updating or deleting events.
  • As of now, using this token, I am able to access all the events of all the users in my Azure AD.
  • But I want this access to be restricted to only the users which are Rooms, and it should not be able to get the data of users which are not Rooms.
  • Also, in future, if we add any User or any Room, this should apply to those as well.

1 answer

  1. Vasil Michev 124.7K Reputation points MVP Volunteer Moderator
    2022-12-16T08:30:39.153+00:00

    Have you gone over the official documentation on setting up an application access policy? https://learn.microsoft.com/en-us/graph/auth-limit-mailbox-access
    The process is fairly straightforward, and you can also use the Test-ApplicationAccessPolicy to verify the expected results. Let us know if you run into any specific issue.
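
The following is an added example, not part of the answer above and not Microsoft's own script. It shows one way to apply the application access policy from the linked documentation to room mailboxes only, and to keep the scope current as rooms are added by re-running the membership sync on a schedule. The group name and alias, the app ID and the test mailbox are placeholders; it assumes the ExchangeOnlineManagement module and an Exchange administrator session.

```powershell
# Added example. Placeholder values (assumptions): $AppId, $GroupName, $GroupAlias, $NonRoomMailbox.
$AppId          = '00000000-0000-0000-0000-000000000000'  # placeholder: the app's Client ID
$GroupName      = 'Graph-App-Rooms'                       # hypothetical group name
$GroupAlias     = 'graph-app-rooms'                       # hypothetical alias
$NonRoomMailbox = 'someuser@contoso.example'              # placeholder: any non-room user

Connect-ExchangeOnline

# 1. Mail-enabled security group that defines which mailboxes the app may touch.
$group = Get-DistributionGroup -Identity $GroupAlias -ErrorAction SilentlyContinue
if (-not $group) {
    $group = New-DistributionGroup -Name $GroupName -Alias $GroupAlias -Type Security
}

# 2. Reconcile group membership with the current set of room mailboxes.
#    Re-run this step on a schedule so new rooms are picked up automatically.
$rooms       = @(Get-EXOMailbox -RecipientTypeDetails RoomMailbox -ResultSize Unlimited)
$members     = @(Get-DistributionGroupMember -Identity $GroupAlias -ResultSize Unlimited)
$roomAddrs   = @($rooms.PrimarySmtpAddress)
$memberAddrs = @($members.PrimarySmtpAddress)

foreach ($addr in $roomAddrs | Where-Object { $_ -and $_ -notin $memberAddrs }) {
    Add-DistributionGroupMember -Identity $GroupAlias -Member $addr
}
foreach ($addr in $memberAddrs | Where-Object { $_ -and $_ -notin $roomAddrs }) {
    # Anything in the group that is no longer a room loses app access.
    Remove-DistributionGroupMember -Identity $GroupAlias -Member $addr -Confirm:$false
}

# 3. Create the policy once: the app is restricted to members of the group.
$policy = Get-ApplicationAccessPolicy | Where-Object { $_.AppId -eq $AppId }
if (-not $policy) {
    New-ApplicationAccessPolicy -AppId $AppId `
        -PolicyScopeGroupId $group.PrimarySmtpAddress `
        -AccessRight RestrictAccess `
        -Description 'Restrict app to room mailboxes only'
}

# 4. Verify with one room and one non-room mailbox.
$roomAddrs[0], $NonRoomMailbox | Where-Object { $_ } | ForEach-Object {
    Test-ApplicationAccessPolicy -Identity $_ -AppId $AppId |
        Select-Object Mailbox, AccessCheckResult
}
```

With the policy in place, the check in step 4 should report `Granted` for the room mailbox and `Denied` for the other user. Policy changes can take some time to be reflected in Microsoft Graph calls even after `Test-ApplicationAccessPolicy` shows the expected result.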

