In my React site, using Microsoft SSO, how do I protect log-ins to only our company?

mdodge 21 Reputation points
2023-11-08T15:50:40.8933333+00:00

I am building a React web app that allows our users to log in with their Microsoft work accounts. As it stands now, anyone with a Microsoft account would be able to log into our test site I have out there. What is the best practice for protecting logins to only your company? My first guess is to check the email domain. If it is not '@company.org', do not allow them in. I'm wondering if there is a better way. I'm also wondering if there is a way to prevent log in right at the top where they actually click their Microsoft account and type in their password? I'm sure I could figure out how to manually check their email domain and then load up my app if it is valid otherwise display an unauthorized message.

Also, I could not find any tags that matched closely to my question.

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
9,174 questions
0 comments No comments
{count} votes