Allow Azure enterprise application to access information only for selected users, don’t want all other users to access the applications, usually, all the on-premise and cloud users can access the Applications registered in your Azure AD tenant, how we can prevent this?
How to restrict the users application access:
- Login to Portal.azure.com with Global Admin access
- Select Enterprise Applications
- Search the Application you want to configure
- And Select Properties, on the application page
- You can see the “User assignment required” on the right-side console
- Select “Yes”
- Select “Save”
This will enforce only assigned users can able to access the applications, access can also be configured for Groups
Also Read: How to Move or Migrate On-Premises AD Account between Domain/Forest without losing the Azure AD Data
How to assign permission to Users and Groups for Application Access:
- Login to Portal.azure.com with Global Admin access
- Select Enterprise Applications
- Search the Application you want to configure
- And Select “Users & Groups”, on the application page
- Click “Add Users” and select the Users or Groups who want to access the application which will assign the required permissions
- see the “Assign”
Note: This setting might not work for all the applications, as this setting only available on the Azure enterprise application and not for App registration
Other Azure AD Topics
Related posts:
Force Active Directory Sync through Azure AD Connect to Office 365/Azure with console and Powershell Commands
Can we deploy an On-Premises AD, and synchronize all the already created accounts from Office365/Azure AD to On-Premises AD?
Do you believe Passwordless authentication is suitable for you?
Different Types of Azure AD Device Join/Registered
How to Re-enable device accidentally disabled by the user
