How can you limit which tenant authentication is allowed for with an Azure Static Web App?

Josh Donner 41 Reputation points

We have an Azure static web application that we want to limit access to based on the Azure tenant. Anyone not in the tenant shouldn't be able to access the site. I have followed this guide:

No matter what I try, any valid Microsoft Entra ID login allows access, even if they are not associated with the tenant configured.

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
17,473 questions
0 comments No comments
{count} votes

Accepted answer
  1. Konstantinos Passadis 13,446 Reputation points

    Hello @Josh Donner !

    I suppose you have selected Standard Plan for your Static Apps right ?

    I hope this helps!

    Kindly mark the answer as Accepted and Upvote in case it helped!


    1 person found this answer helpful.

1 additional answer

Sort by: Most helpful
  1. James Hamil 18,866 Reputation points Microsoft Employee

    Hi @Josh Donner , you can configure a custom Azure Active Directory (Azure AD) provider. The pre-configured Azure AD provider allows any Microsoft account to sign in, but by configuring a custom Azure AD provider, you can restrict sign-in to a specific Azure AD tenant.

    Here's an example of how to configure a custom Azure AD provider in the staticwebapp.config.json file:

      "auth": {
        "identityProviders": {
          "azureActiveDirectory": {
            "registration": {
              "openIdIssuer": "<TENANT_ID>/v2.0",
              "clientIdSettingName": "AZURE_CLIENT_ID",
              "clientSecretSettingName": "AZURE_CLIENT_SECRET"

    Make sure to replace <TENANT_ID> with your Azure Active Directory tenant ID.

    Additionally, ensure that you have created the appropriate application settings for AZURE_CLIENT_ID and AZURE_CLIENT_SECRET.

    Please let me know if you have any questions and I can help you further.

    If this answer helps you please mark "Accept Answer" so other users can reference it.

    Thank you,