You have to do this in code, the settings above do not apply to this scenario. If you are not planning to publish your app to the Marketplace, the only way other organizations will be able to add it is by knowing the clientID, but if you want to put some restrictions in place, you have to address this in your code indeed.
How can I restrict tenant access to a multi-tenant app registration?
Springnutts
0
Reputation points
Hi,
I have a multi tenant app registration which I would like to restrict access to certain tenants, what is the best way to achieve this?
I have looked at the Cross-Tenant Access Settings and changed the inbound access and tenant restrictions to be blocked by default but I am still able to authenticate using SSO?
Are these settings unrelated?
Do I have to do this in my code by inspecting the incoming tenant id (tid in Id Token?) or by managing a set of valid issuers elsewhere? I'm looking to set up this integration in php (currently using the jumbojett library).
Thanks!