
Limit Portal Azure Active Directory authentication to our own tenant


I've inherited a Power Apps Portal with the Azure Active Directory Identity provider enabled.  We want users from our own AAD tenant to be able to authenticate, but not users from any other AAD tenant.  Right now, anyone can enter in credentials from any AAD tenant and get into the portal to register their user.

 

For more context, here's the current login flow: User goes to site.powerappsportals.com, clicks on Sign In, clicks on the "Azure AD" sign in button.  They're brought to our Tenant's AAD sign in screen (it has our background image), and they can enter in any AAD tenant account and authenticate.

 

Thanks for any thoughts on how to limit this to our own tenant.

  • ManirajKV
    43

    @Jinseng, how would you like to restrict it, with examples? It will help us to understand your requirement.  @ragavanrajan

     

    Hope this post helps! 

     

     If you like this post, give a "Thumbs up". Where it solved your request, Mark it as a "Solution" to help other users to find it. 

     

    Many Thanks! 

     

    Maniraj.

     


  • oliver.rodrigues
    9,368 Most Valuable Professional

    You should actually get the below message when trying to sign in via a different Azure domain.

    [Image: OliverRodrigues_0-1611310050334.png]

    By any chance, did you set up any trust (B2B) between these Azure tenants?

  • Jinseng
    11

    All,

     

    I'll call our AAD Tenant MyCompany.com.  The portal is being used as an internal HelpDesk ticket creation and tracking tool.  Employees of MyCompany.com sign in with their AAD credentials, add some information to their profile, and then create and track Internal IT helpdesk tickets.  Filling out a profile creates a Contact in CE that all their cases are connected to.

     

    We thought that login was restricted to just MyCompany.com since we never set up any B2B authentication.  But we tested again recently with OtherCompany.com, ThirdCompany.com, BobsCompany.com and all are able to authenticate and create a profile.

     

    The only identity provider enabled is Azure Active Directory.  I feel like there must be a simple setting somewhere and it was missed or misconfigured, but I haven't worked with this before so I'm not sure where to look.

  • oliver.rodrigues
    9,368 Most Valuable Professional

    Silly question, but are you sure they are signing in using the Azure AD option? Or are they clicking on the Register tab/button and writing a username/pwd?

  • Jinseng
    11

    I wish it were that simple.  I'm trying it myself and seeing the behavior (I have access to multiple AAD logins in different tenants).

     

    [Image: 2021-01-22 12_26_55-Document1 - Word.png]

  • Verified answer
    ragavanrajan
    7,044 Most Valuable Professional

    Hi @Jinseng,

     

    When you create a Power Apps portal, it registers the application in "Azure App Registrations" as "CRM Portals".

     

    1. Log in to https://portal.azure.com/

    2. Choose App Registrations > Owned Applications. You can see the CRM Portals registration if you have created it.

    [Image: ragavanrajan_0-1611364769786.png]

    3. Click on the relevant portal registration.

    4. Under Authentication > Supported account types, make sure the first option is selected (Single tenant only).

     

    [Image: ragavanrajan_1-1611364904734.png]

     

    5. Once this option is enabled, you need to clear the cache by going to the following URL:

     

    https://Yourportal.powerappsportals.com/_services/about (as an admin)

     

    6. In portal studio, do the sync configuration.

     

    Finally, make sure you have not added any of the domains you mentioned as guest users in Azure AD. Maybe have a look at my post below.

     

    https://powerusers.microsoft.com/t5/Power-Apps-Portals/External-Azure-Active-Directory-Enabled-but-not-Working-Portal/m-p/760919#M4981 

     

    PS: If so, remove all the external domain users from Guest and redo steps 1 to 5.

     

    Hope it helps. 

    ------------

    If you like this post, give a Thumbs up. Where it solved your request, Mark it as a Solution to enable other users find it.
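
An added example, not part of the original thread or any poster's code: a Python audit over exported Microsoft Graph data that checks the two conditions from the verified answer, the app registration's supported account types and guest users from external domains. The JSON is constructed sample data shaped like `GET /applications` and `GET /users` responses, and the home domain `mycompany.com` follows the placeholder used in the thread.

```python
import json

# Constructed sample data shaped like Microsoft Graph responses
# (GET /applications and GET /users); names, IDs and domains are made up.
APPS_JSON = """{"value": [
  {"displayName": "CRM Portals", "appId": "00000000-0000-0000-0000-000000000001",
   "signInAudience": "AzureADMultipleOrgs"},
  {"displayName": "Internal Wiki", "appId": "00000000-0000-0000-0000-000000000002",
   "signInAudience": "AzureADMyOrg"}
]}"""
USERS_JSON = """{"value": [
  {"userPrincipalName": "alice@mycompany.com", "userType": "Member",
   "mail": "alice@mycompany.com"},
  {"userPrincipalName": "bob_othercompany.com#EXT#@mycompany.onmicrosoft.com",
   "userType": "Guest", "mail": "bob@othercompany.com"}
]}"""

SINGLE_TENANT = "AzureADMyOrg"  # Graph value behind the "Single tenant" option


def multi_tenant_apps(apps_json):
    """Return (displayName, appId, signInAudience) for apps open beyond the home tenant."""
    apps = json.loads(apps_json).get("value", [])
    return [(a.get("displayName"), a.get("appId"), a.get("signInAudience"))
            for a in apps if a.get("signInAudience") != SINGLE_TENANT]


def external_guests(users_json, home_domains):
    """Return (userPrincipalName, domain) for guests outside the home tenant's domains."""
    home = {d.lower() for d in home_domains}
    found = []
    for u in json.loads(users_json).get("value", []):
        if u.get("userType") != "Guest":
            continue
        mail = (u.get("mail") or "").lower()
        # A guest with no mail attribute is still reported, with an unknown domain.
        domain = mail.rsplit("@", 1)[-1] if "@" in mail else "(unknown)"
        if domain not in home:
            found.append((u.get("userPrincipalName"), domain))
    return found


if __name__ == "__main__":
    for name, app_id, audience in multi_tenant_apps(APPS_JSON):
        print(f"multi-tenant app: {name} ({app_id}) signInAudience={audience}")
    for upn, domain in external_guests(USERS_JSON, ["mycompany.com"]):
        print(f"external guest: {upn} from {domain}")
```

An empty result from both functions corresponds to the state the answer aims for: the portal's registration is single tenant and no external-domain guests remain in the directory.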

  • Jinseng
    11

    I'm going to test with a coworker, but I think we're on to something.  I'll report back.
