Forum Discussion
Authentication from multiple, but certain, tenants to OAuth apps
Got an SPA App and Api I'm using MSAL for authentication. The endusers come from a limited set, but not a singular, tenant. Since for the application authentication I can only select a single tenant...
Either create separate apps/service principals for each tenant as needed, or use a multi-tenant app. While there is no way to restrict the latter to specific tenants, each tenant will have to consent to the app before they can use it, which in turn allows you to have a say in the provisioning process. Or you can simply hardcode the list of "allowed" tenant IDs within your app.
