Identity provider question - can I limit use of it on a per app basis?

Komoroske, Gina 386 Reputation points
2020-01-17T17:19:03.41+00:00

This may seem like a no-brainer for some, but I really am not sure because I don't create apps in Azure. But the question is: in our B2C tenant, under the Identity Provider section, if I configure Google as an identity provider, can I limit the use of this Google Identity Provider to certain apps that I register in that B2C tenant? OR if I configure Google as an Identity Provider in my B2C tenant, does that leave "the door open" for all apps registered in that B2C tenant to be able to use Google as an Identity Provider? Or can I limit its use on a per app basis?

Thanks in advance for any insight!
Gina

Microsoft Security | Microsoft Entra | Microsoft Entra External ID

Answer accepted by question author
  1. FrankHu-MSFT 976 Reputation points
    2020-01-18T03:46:11.503+00:00

    Hello Gina,

    Yes, you can. You do this by utilizing the permissions and scopes blade for the AAD B2C Application Registration blade. More information on this can be found here:

    https://learn.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-apps

    https://learn.microsoft.com/en-us/azure/active-directory-b2c/add-native-application?tabs=applications

    https://learn.microsoft.com/en-us/azure/active-directory-b2c/add-web-application?tabs=applications

    If you haven't configured any permissions or scopes in your AAD B2C Application then you won't be able to access anything that's validating the access token for permissions. For more information on how the permissions/scopes work see here: https://learn.microsoft.com/en-us/azure/active-directory/develop/v2-permissions-and-consent
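
The scope check the answer refers to, seen from the side of an API that validates the access token. This is an added example, not part of the answer above and not Microsoft's code; it assumes the token's signature, issuer and expiry were already verified by a JWT library, and all IDs and scope names are constructed placeholders.

```python
# Added example. Claim names (aud, azp, scp) are those of Azure AD B2C access
# tokens; every ID and scope name below is a constructed placeholder.
# Assumes signature, issuer and expiry were already verified by a JWT library.
API_ID = "11111111-1111-1111-1111-111111111111"      # the protected API's app ID
WEB_APP = "22222222-2222-2222-2222-222222222222"     # app granted tasks.read
OTHER_APP = "33333333-3333-3333-3333-333333333333"   # app granted no scopes


def granted_scopes(claims):
    """Return the scopes from the space-delimited 'scp' claim as a set."""
    scp = claims.get("scp")
    return set(scp.split()) if isinstance(scp, str) else set()


def authorize(claims, required_scope, allowed_clients=None):
    """Return (allowed, reason) for a call that needs required_scope."""
    if claims.get("aud") != API_ID:
        return False, "token was issued for a different API"
    if allowed_clients is not None and claims.get("azp") not in allowed_clients:
        return False, "calling application is not on the allow list"
    scopes = granted_scopes(claims)
    if not scopes:
        return False, "token carries no scopes"
    if required_scope not in scopes:
        return False, "missing scope " + required_scope
    return True, "ok"


# Constructed, already-validated claim sets.
WITH_SCOPE = {"aud": API_ID, "azp": WEB_APP, "scp": "tasks.read"}
NO_SCOPE = {"aud": API_ID, "azp": OTHER_APP}

if __name__ == "__main__":
    for name, claims in (("web app", WITH_SCOPE), ("other app", NO_SCOPE)):
        print(name, authorize(claims, "tasks.read"))
    print("web app write", authorize(WITH_SCOPE, "tasks.write"))
```

The optional `allowed_clients` argument goes one step beyond the scope check by also matching the `azp` claim, which names the application that requested the token.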

