Authorize App Service With Two Separate Azure Accounts

Ben Meyers 1 Reputation point
2020-11-18T14:45:58.707+00:00

I currently have a .Net app service hosted in Azure. I've set this up as a registered app and used openid to authorize users. This works great. I've been tasked with allowing another company to authorize and use the app. This is a subsidiary which has a separate Azure account and separate Azure AD. Is this possible by using OpenId? Is there any documentation?

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
21,664 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. JamesTran-MSFT 36,611 Reputation points Microsoft Employee
    2020-11-18T23:56:08.133+00:00

    @Ben Meyers
    Thank you for your post! From my understanding, if you're making your application available to users in multiple directories, you need to provide a common authentication endpoint where any multitenant application can direct sign-in requests, instead of a tenant-specific endpoint. This endpoint is https://login.microsoftonline.com/common for all directories in Azure AD. A tenant-specific endpoint might be https://login.microsoftonline.com/contoso.onmicrosoft.com.

    Authenticate using Azure AD and OpenID Connect
    Multitenant application

    I hope this helps! If you have any other questions, please let me know.
    Thank you for your time and patience throughout this issue.


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.