Is there a way to detect and monitor that a service principal is only being used from a specific set of IP addresses? I do not want to IP restrict my entire directory. I have premium AAD and I think it has features that I might be able to utilize, but I cannot do much testing. I’m currently struggling with how to detect if a SP has been jeopardized and how to prevent it.
1 Answer
0 votes
If you want to use IP as a condition for the user to sign in, you could use Conditional Access to do it. But Conditional Access is used for the entire tenant.
And the features of Azure Active Directory Premium include:
- Company branding
- Group-based application access
- Self-service password reset
- Self-service group management
- Advanced security reports and alerts
- Multi-Factor Authentication
- Forefront Identity Manager (FIM)
- Enterprise SLA of 99.9%
For the details, please read here.
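
The detection half of the question, sketched as an added example that is not part of the original answer: check each service principal sign-in record against a per-principal IP allowlist and report anything outside it. The record field names, principal ids and address ranges are constructed assumptions, not a real export schema; map them to whatever your sign-in log export provides.

```python
import ipaddress

# Constructed allowlist (sample ids, documentation address ranges).
ALLOWED = {
    "sp-build-agent": ["203.0.113.0/24", "2001:db8:10::/48"],
    "sp-backup-job": ["198.51.100.17/32"],
}

# Constructed sign-in records; field names are assumptions.
SAMPLE_SIGNINS = [
    {"time": "2024-01-10T08:00:00Z", "sp_id": "sp-build-agent", "ip": "203.0.113.40"},
    {"time": "2024-01-10T08:05:00Z", "sp_id": "sp-build-agent", "ip": "192.0.2.99"},
    {"time": "2024-01-10T08:06:00Z", "sp_id": "sp-build-agent", "ip": "2001:db8:10::5"},
    {"time": "2024-01-10T09:00:00Z", "sp_id": "sp-backup-job", "ip": "198.51.100.18"},
    {"time": "2024-01-10T09:30:00Z", "sp_id": "sp-unknown", "ip": "203.0.113.7"},
    {"time": "2024-01-10T09:45:00Z", "sp_id": "sp-backup-job", "ip": "not-an-ip"},
]

def compile_allowlist(allowed):
    """Parse CIDR strings once; strict=True rejects ranges with host bits set."""
    return {sp: [ipaddress.ip_network(c, strict=True) for c in cidrs]
            for sp, cidrs in allowed.items()}

def find_violations(signins, allowed):
    """Return (record, reason) for every sign-in that is not provably in range."""
    nets = compile_allowlist(allowed)
    findings = []
    for rec in signins:
        sp_nets = nets.get(rec["sp_id"])
        if sp_nets is None:
            findings.append((rec, "no allowlist defined for service principal"))
            continue
        try:
            addr = ipaddress.ip_address(rec["ip"])
        except ValueError:
            # Fail closed: an unparseable source address is reported, not skipped.
            findings.append((rec, "unparseable source address"))
            continue
        # A v4 address tested against a v6 network (or vice versa) is simply False.
        if not any(addr in net for net in sp_nets):
            findings.append((rec, "source address outside allowed ranges"))
    return findings

if __name__ == "__main__":
    for rec, reason in find_violations(SAMPLE_SIGNINS, ALLOWED):
        print(rec["time"], rec["sp_id"], rec["ip"], "->", reason)
```

Principals with no allowlist entry are reported rather than ignored, so a newly created service principal shows up on its first sign-in.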