Hello @Josh Donner !
I suppose you have selected Standard Plan for your Static Apps right ?
I hope this helps!
Kindly mark the answer as Accepted and Upvote in case it helped!
Regards
This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
We have an Azure static web application that we want to limit access to based on the Azure tenant. Anyone not in the tenant shouldn't be able to access the site. I have followed this guide:
https://anthonychu.ca/post/static-web-apps-restrict-aad-users/
No matter what I try, any valid Microsoft Entra ID login allows access, even if they are not associated with the tenant configured.
Hello @Josh Donner !
I suppose you have selected Standard Plan for your Static Apps right ?
I hope this helps!
Kindly mark the answer as Accepted and Upvote in case it helped!
Regards
Hi @Josh Donner , you can configure a custom Azure Active Directory (Azure AD) provider. The pre-configured Azure AD provider allows any Microsoft account to sign in, but by configuring a custom Azure AD provider, you can restrict sign-in to a specific Azure AD tenant.
Here's an example of how to configure a custom Azure AD provider in the staticwebapp.config.json
file:
{
"auth": {
"identityProviders": {
"azureActiveDirectory": {
"registration": {
"openIdIssuer": "https://login.microsoftonline.com/<TENANT_ID>/v2.0",
"clientIdSettingName": "AZURE_CLIENT_ID",
"clientSecretSettingName": "AZURE_CLIENT_SECRET"
}
}
}
}
}
Make sure to replace <TENANT_ID>
with your Azure Active Directory tenant ID.
Additionally, ensure that you have created the appropriate application settings for AZURE_CLIENT_ID
and AZURE_CLIENT_SECRET
.
Please let me know if you have any questions and I can help you further.
If this answer helps you please mark "Accept Answer" so other users can reference it.
Thank you,
James