Questions about tenants and SSO

Kejji, Adam 41 Reputation points
2022-08-22T12:16:09.857+00:00

Hello everyone,

I have some questions regarding architecture with multiple tenants.
When we use a trust relation to an Active Directory that is synchronized with Azure AD, are the users in the trusted domain going to be considered as guests for the apps of the tenant, or are they going to be considered as normal users?
I saw in some articles that using different tenants with the same domain is not supported. Is that the case? Is it possible to have an alias with the domain name?
I saw that seamless SSO is not supported in the case of different tenants linked to one AD, but is SSO in the cloud supported for different tenants?
If a custom application is registered in a tenant, can users from a different tenant authenticate to the app? Can another member of a tenant be considered as a guest for some application in another tenant?
Is there any limitation on using SSO with apps in the cloud with multi-tenant?

Windows for business | Windows Client for IT Pros | Directory services | Active Directory
Microsoft Security | Microsoft Entra | Microsoft Entra ID

2 answers

  1. JimmySalian-2011 42,496 Reputation points
    2022-08-22T14:18:15.453+00:00

    Hi,

    Thank you for asking this question on the Microsoft Q&A Platform.

    There are multiple ways to approach this, but it depends upon your flexibility in using the apps and where they are hosted. Can I suggest that you review this article; it provides a detailed architecture of the multi-tenant solution.

    multi-tenant-common-solutions

    And for the multi tenant user management please review this:
    multi-tenant-user-management-introduction

    ===
    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.


  2. Limitless Technology 39,926 Reputation points
    2022-08-23T07:34:50.047+00:00

    Hello there,

    - Single-tenant apps are only available in the tenant they were registered in, also known as their home tenant.
    - Multi-tenant apps are available to users in both their home tenant and other tenants.

    In the Azure portal, you can configure your app to be single-tenant or multi-tenant by setting the audience.

    Tenancy in Azure Active Directory https://learn.microsoft.com/en-us/azure/active-directory/develop/single-and-multi-tenant-apps

    -----------------------------------------------------------------------------------------------------------------------------------------------------

    --If the reply is helpful, please Upvote and Accept it as an answer--

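The audience setting mentioned in the answer above is stored on the app registration as `signInAudience` (`AzureADMyOrg` for single-tenant, `AzureADMultipleOrgs` for multi-tenant). The sketch below is an added example, not code from this thread or from Microsoft: it shows the tenant check a multi-tenant app usually performs on the `tid`, `iss` and `aud` claims, since the platform will issue it tokens from any organization. The function names, the allow-list and all GUIDs are constructed for illustration, and signature and lifetime validation are assumed to have been done already by a JWT library.

```python
import re

# v2.0 tokens carry one issuer per tenant; tid is the tenant GUID.
ISSUER_TEMPLATE = "https://login.microsoftonline.com/{tid}/v2.0"
GUID = re.compile(r"[0-9a-f]{8}-(?:[0-9a-f]{4}-){3}[0-9a-f]{12}")

# Constructed sample values, not real tenants or applications.
CLIENT_ID = "00000000-0000-0000-0000-0000000000aa"
HOME = "11111111-1111-1111-1111-111111111111"
PARTNER = "22222222-2222-2222-2222-222222222222"
STRANGER = "33333333-3333-3333-3333-333333333333"


def authorize_tenant(claims, sign_in_audience, allowed_tenants=frozenset()):
    """Check claims of a token whose signature and lifetime were already
    validated by a JWT library. Returns (accepted, reason)."""
    tid = str(claims.get("tid", "")).lower()
    if not GUID.fullmatch(tid):
        return False, "missing or malformed tid"
    if claims.get("aud") != CLIENT_ID:
        return False, "token was issued for another application"
    # Bind issuer to tenant: a token signed for tenant A must not claim tenant B.
    if claims.get("iss") != ISSUER_TEMPLATE.format(tid=tid):
        return False, "iss does not match tid"
    if tid == HOME:
        return True, "home tenant"
    if sign_in_audience == "AzureADMyOrg":
        return False, "single-tenant app rejects other tenants"
    if sign_in_audience == "AzureADMultipleOrgs":
        if tid in allowed_tenants:
            return True, "allow-listed external tenant"
        return False, "external tenant not on allow-list"
    return False, "unhandled signInAudience"


def sample_claims(tid, iss_tid=None, aud=CLIENT_ID):
    """Build constructed claims for the demonstration."""
    return {"aud": aud, "tid": tid, "iss": ISSUER_TEMPLATE.format(tid=iss_tid or tid)}


if __name__ == "__main__":
    for tid in (HOME, PARTNER, STRANGER):
        print(tid, authorize_tenant(sample_claims(tid), "AzureADMultipleOrgs", {PARTNER}))
```
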
