Hi @Agung ,
Thanks for reaching out.
To restrict users/groups to access your application, then you can use "Assignment required" setting which allow you to further lock down access to the application and let only specified users and applications obtain access tokens.
If this option is set to Yes, then users and other applications or services must first be assigned this application before being able to access it.
Any un-assigned users try to access the application will get below error:
Hope this will help.
Thanks,
Shweta
Please remember to "Accept Answer" if answer helped you.