Identity and Access Control

Partners with Staff - With Existing Identity Provider

Leveraging Azure Active Directory B2B Direct Federation allowing the partner to leverage their existing IDP to manage employee's access to and roles granted within the application.

Administrators of Partners will log in using the MSAL configuration "admin consent" - Direct Administrators to this document to understand how to configure an application to require user assignment otherwise the app will be available to all staff in the organization.

SCIM

SCIM Decision Tree

Resources:

Microsoft's Multi-tenant SAAS Sample
Handling multiple issuers
Tenant Signup Documentation - Admin Consent
MultiTentant Highlevel docs
Requesting Admin Consent with React
OIDC / SCIM projects
- Janssen Project (by Glluu)

https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-convert-app-to-be-multi-tenant

PreviousTechnical Architecture NextGoogle Analytics

Last updated 3 years ago