Guest User Access to our own Azure Web App

John Doe 16 Reputation points


we have create an web app with Azure Active Directory as authentication provider. Members of the Tenant can loging using their work account. Now we would like to give also Guest users access. What is the best approach for this?



P.S. Currently we are facting this issue:

In our current Data Model, each Tenant has his own DB in our DB Server. When a User connects to our APIs we open a connection to the User's Tenant DB. In this particular case, the User is requesting a Resource which lies outside of his own Tenant DB, but he should have access to it since he is a Guest User there (in Azure AD).

Implementation Requirements:

  • Find a Microsoft API, with which we can query for all the Tenants where the User is registered as Guest User.
  • Change our Data Model to support Multi-Tenant Users:
  • In our TenantRegistryDB add a Table to link Users to their non-primary Tenants. (ie GuestUserTenant)
  • Populate this Table with the initial data.
  • Adapt our code in the WebApp and the Allocatus API:
  • For each request, connect with multiple Tenants (primary and guest).
  • Resources would then need to be queried across all these Tenants
  • Front-end needs to be adjusted to reflect to which Tenant different resources (such as a Project) belong to.
Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
11,319 questions
Azure Static Web Apps
Azure Static Web Apps
An Azure service that provides streamlined full-stack web app development.
839 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,458 questions
{count} vote