![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(118.4, 43%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESZ%3C/text%3E%3C/svg%3E)
Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
1,128 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(214.4, 81%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMT%3C/text%3E%3C/svg%3E)
Hi @Siqing Zheng ,
You can apply inbound or outbound access settings to grant or block access to specific resources or users.
As mentioned in the article, the same multitenant application can be used to access keys in any number of tenants. Each tenant has its own instance of the application with a separate object ID, and each instance would be authorized independently. If the tenant is not authorized to access the resources in the other tenants, it will not be able to access them. https://learn.microsoft.com/en-us/entra/external-id/cross-tenant-access-overview
You can also apply conditional access policies to further protect the resources . https://techcommunity.microsoft.com/t5/microsoft-entra-blog/cross-tenant-access-settings-for-secure-collaboration-now/ba-p/3575844