0
votes

We have a static website in a Storage account with the BE in a Function App.

We would like to use Azure AD for authentication.

When I register the app, I can see 2 options:

Who can use this application or access this API?

  • Accounts in this organizational directory only (Single tenant)
  • Accounts in any organizational directory (Any Azure AD directory - Multitenant)

The issue is that the Azure AD we would like to authenticate against is in a different tenant. So we want something in between Any Azure AD and THIS Azure AD.

Is there a way to achieve that?

1 Answer

1
votes

Register the app in the different tenant directly with the Single tenant option. The fact that the app is hosted in a subscription linked to another tenant does not matter.

You'll need someone who has a user account in the other tenant to register the app in that tenant, or they need to give your user access there.

You can switch the tenant that you are looking at in Azure portal from the top-right. Click your username -> Switch directory -> Select the tenant from the list.
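An added example, not part of the original answer: with a single-tenant registration in the other tenant, the Function App backend can confirm that a token's decoded claims belong to that tenant and to this app. The tenant ID, client ID, `api://` audience form and sample claims are constructed placeholders, and the code assumes the token signature was already verified against the tenant's signing keys.

```python
import time

# Constructed placeholders: the other tenant's directory ID and the client ID
# of the app registered in that tenant.
EXPECTED_TENANT_ID = "11111111-1111-1111-1111-111111111111"
EXPECTED_CLIENT_ID = "22222222-2222-2222-2222-222222222222"


def allowed_issuers(tenant_id):
    """Issuer strings Azure AD uses for v1.0 and v2.0 tokens of one tenant."""
    return {
        f"https://sts.windows.net/{tenant_id}/",
        f"https://login.microsoftonline.com/{tenant_id}/v2.0",
    }


def check_claims(claims, tenant_id=EXPECTED_TENANT_ID,
                 client_id=EXPECTED_CLIENT_ID, now=None):
    """Return a list of reasons to reject; an empty list means accept.

    Only the decoded claims are checked here. Signature verification is
    assumed to have happened before this function is called.
    """
    now = time.time() if now is None else now
    problems = []
    if claims.get("tid") != tenant_id:
        problems.append("tid is not the expected tenant")
    if claims.get("iss") not in allowed_issuers(tenant_id):
        problems.append("iss is not an issuer of the expected tenant")
    # Assumption: the API accepts its client ID or the api://<client-id> URI.
    if claims.get("aud") not in {client_id, f"api://{client_id}"}:
        problems.append("aud is not this application")
    exp = claims.get("exp")
    if not isinstance(exp, (int, float)) or exp <= now:
        problems.append("token is expired or has no exp")
    return problems


# Constructed sample claims, not taken from real tokens.
SAMPLE_NOW = 1_700_000_000
SAMPLE_GOOD = {
    "tid": EXPECTED_TENANT_ID,
    "iss": f"https://login.microsoftonline.com/{EXPECTED_TENANT_ID}/v2.0",
    "aud": EXPECTED_CLIENT_ID,
    "exp": SAMPLE_NOW + 3600,
}
_OTHER = "33333333-3333-3333-3333-333333333333"
SAMPLE_OTHER_TENANT = dict(
    SAMPLE_GOOD, tid=_OTHER,
    iss=f"https://login.microsoftonline.com/{_OTHER}/v2.0")
```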