AgatSaaS-6528 asked MarileeTurscak-MSFT answered

How can I make the multi-tenant app secure?

Hello Everyone,

We want to use the multitenant app so our customers wouldn't have to configure them on their own, thus saving us time.

Each customer will have its own administration site (each URI is listed in the Redirect URI section) and secret.
I have noticed that the secrets and the URIs are not linked to each other, meaning one customer can gain access to another customer's resources.

How can we make it secure?

Thank you,

azure-active-directory azure-webapps

Hi @AgatSaaS-6258, I'm not exactly sure how your application is architected. Have you ever considered certificate-based authentication? This blog post goes over some of the brief details of it.


I am only the one deploying the app. As far as I understand, we use the secret in order to authenticate into the app.
I am assuming we'll need to change the code to support this type of configuration.
I am trying to avoid this at the moment.


Are you referring to using Azure AD EasyAuth, @AgatSaaS-6258? If so, then utilize claims principals to restrict access to certain areas and data. But without further elaboration on how your application is set up, we can't be much help.


1 Answer

MarileeTurscak-MSFT answered

Hi Agat,

Check out this document:

https://docs.microsoft.com/en-us/azure/architecture/multitenant-identity/

It goes over some of the security considerations you will need to consider.

You can store secrets in Key Vault for better security, enabling you to safeguard cryptographic keys and other secrets used by cloud apps and services.

https://docs.microsoft.com/en-us/azure/architecture/multitenant-identity/web-api
https://github.com/uglide/azure-content/blob/master/articles/guidance/guidance-multitenant-identity-keyvault.md
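
Added example (not code from this thread or from Microsoft): one way to apply the claims-based restriction suggested in the comments, so that a sign-in from one customer's tenant is rejected on another customer's administration site. It assumes the platform has already validated the sign-in and hands the app the claims as a base64-encoded JSON principal, as App Service Authentication does in its `X-MS-CLIENT-PRINCIPAL` header; the hostnames, tenant GUIDs and function names are hypothetical.

```python
import base64
import json

# Claim names assumed to carry the Azure AD tenant ID: the short JWT name and
# the long form used in App Service Authentication's claims list.
TENANT_CLAIMS = ("tid", "http://schemas.microsoft.com/identity/claims/tenantid")

# Constructed mapping: each customer's administration site -> the single
# tenant allowed to use it. Hostnames and GUIDs are placeholders.
SITE_TENANT = {
    "admin.customer-a.example": "11111111-1111-1111-1111-111111111111",
    "admin.customer-b.example": "22222222-2222-2222-2222-222222222222",
}


def tenant_from_principal(header_value):
    """Return the tenant ID from a base64 JSON client principal, or None."""
    try:
        principal = json.loads(base64.b64decode(header_value, validate=True))
        for claim in principal["claims"]:
            if claim.get("typ") in TENANT_CLAIMS and isinstance(claim.get("val"), str):
                return claim["val"].lower()
    except (ValueError, KeyError, TypeError, AttributeError):
        pass  # malformed or missing principal is treated as "no tenant"
    return None


def is_request_allowed(host, header_value):
    """Allow only when the signed-in tenant owns the site being requested."""
    expected = SITE_TENANT.get(host.lower().split(":")[0])
    actual = tenant_from_principal(header_value)
    # Fail closed: an unknown site or a missing tenant claim is a denial.
    return expected is not None and actual == expected


def sample_principal(tenant_id):
    """Build a constructed principal header value for the demo below."""
    body = {"auth_typ": "aad", "claims": [{"typ": "tid", "val": tenant_id}]}
    return base64.b64encode(json.dumps(body).encode()).decode()


if __name__ == "__main__":
    customer_a = sample_principal("11111111-1111-1111-1111-111111111111")
    print(is_request_allowed("admin.customer-a.example", customer_a))  # own site
    print(is_request_allowed("admin.customer-b.example", customer_a))  # other site
```

The principal is only trustworthy when the hosting platform sets it; an app that accepts the same header directly from clients must validate the token itself before reading the tenant claim.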
