php azure azure-active-directory azure-app-api

Protect application with Microsoft Azure AD


I built an application with Azure directory.

I created an app here:

https://apps.dev.microsoft.com

The problem is that anyone can connect to my application with a Microsoft account.

Is it possible, because the application is in Active Directory, to prevent anyone from connecting to my application except people in my Active Directory?

I tried many apps, like active-directory from magium and others that use Active Directory with the Azure Graph API.

Should I put a validation after

    $entity = $ad->authenticate();

I work with PHP.

Does anyone know how I can fix it?

Update

Authorization url:

https://login.microsoftonline.com/common/oauth2/v2.0/authorize?state=..&scope=..&response_type=code&approval_prompt=auto&client_id=&redirect_uri=...

Solution

  • Please replace common in your sign-in URI with the name of your Azure AD (e.g. company.onmicrosoft.com). So part of your sign-in URI would be:

    https://login.microsoftonline.com/{company.onmicrosoft.com}/oauth2/v2.0/authorize?...rest...
    

    This would ensure that only users from your Azure AD will be able to sign in. You can read more about the endpoints in Azure AD v2 here: https://learn.microsoft.com/en-us/azure/active-directory/develop/active-directory-v2-protocols#endpoints.
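A server-side check to pair with the tenant-specific endpoint, as an added example that is not part of the original question or answer: it builds the authorize URL for one tenant and then rejects any ID token whose `tid` and `iss` claims name a different tenant. The function names, the tenant GUID and the client id are hypothetical placeholders, and the sketch assumes the OAuth library in use has already verified the token signature.

```php
<?php
// Assumed placeholders: substitute your own tenant and app registration.
const TENANT_DOMAIN = 'company.onmicrosoft.com';              // name used in the answer
const TENANT_ID     = '00000000-0000-0000-0000-000000000001'; // constructed tenant GUID
const CLIENT_ID     = '00000000-0000-0000-0000-000000000002'; // constructed client id

// Authorize URL on the tenant endpoint rather than /common.
function buildAuthorizeUrl(string $redirectUri, string $state): string
{
    return 'https://login.microsoftonline.com/' . rawurlencode(TENANT_DOMAIN)
        . '/oauth2/v2.0/authorize?' . http_build_query([
            'client_id'     => CLIENT_ID,
            'response_type' => 'code',
            'redirect_uri'  => $redirectUri,
            'scope'         => 'openid profile',
            'state'         => $state,
        ]);
}

// Read the claims of an ID token. Assumption: the OAuth library has already
// verified the token's signature; this function does NOT verify it.
function decodeClaims(string $idToken): array
{
    $parts  = explode('.', $idToken);
    $b64    = strtr($parts[1] ?? '', '-_', '+/');
    $json   = base64_decode($b64 . str_repeat('=', (4 - strlen($b64) % 4) % 4), true);
    $claims = ($json === false || count($parts) !== 3) ? null : json_decode($json, true);
    if (!is_array($claims)) {
        throw new InvalidArgumentException('Malformed ID token');
    }
    return $claims;
}

// Accept the sign-in only when both tid and iss name our tenant.
function isFromOurTenant(array $claims): bool
{
    $tid = $claims['tid'] ?? null;
    $iss = $claims['iss'] ?? null;
    return is_string($tid) && is_string($iss)
        && hash_equals(TENANT_ID, strtolower($tid))
        && hash_equals('https://login.microsoftonline.com/' . TENANT_ID . '/v2.0', $iss);
}

// Constructed, unsigned sample tokens (illustration only).
$mk = fn(string $tid): string => 'e30.' . rtrim(strtr(base64_encode(json_encode(
    ['tid' => $tid, 'iss' => "https://login.microsoftonline.com/$tid/v2.0"])), '+/', '-_'), '=') . '.x';
var_dump(isFromOurTenant(decodeClaims($mk(TENANT_ID))));                              // own tenant
var_dump(isFromOurTenant(decodeClaims($mk('00000000-0000-0000-0000-000000000009')))); // other tenant
```

The `tid` claim carries the tenant's GUID rather than its domain name, so the comparison needs the directory ID of your Azure AD, not `company.onmicrosoft.com`.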