Identity provider question - can I limit use of it on a per app basis?

Komoroske, Gina 371 Reputation points

This may seem like a no brainer for some, but I really am not sure because I don't create apps in Azure. But the question is in our B2C tenant, under the Identity Provider section, if I configure Google as an identity provider, can I limit the user of this Google Identity Provider to certain apps that I register in that B2C tenant? OR if I configure Google as an Identity Provider in my B2C tenant, does that leave "the door open" for all apps registered in that B2C tenant to be able to use Google as an Identity Provider? Or can I limit its use on a per app basis?

Thanks in advance for any insight!

Microsoft Entra External ID
Microsoft Entra External ID
A modern identity solution for securing access to customer, citizen and partner-facing apps and services. It is the converged platform of Azure AD External Identities B2B and B2C. Replaces Azure Active Directory External Identities.
2,759 questions
0 comments No comments
{count} votes

Accepted answer
  1. FrankHu-MSFT 976 Reputation points

    Hello Gina,

    Yes you can, you do this by utilizing the permissions and scopes blade for the AAD B2C Application Registration blade. More information on this can be found here :

    If you haven't configured any permissions or scopes in your AAD B2C Application then you won't be able to access anythign that's validating the access token for permissions. For more information on how the permissions/scopes work see here :

0 additional answers

Sort by: Most helpful