< Previous Challenge - Home - Next Challenge >
After enabling the external identities, you thought about controlling which users can authenticate to the Web Application.
In the previous challenge you successfully enable external identities. You are now investigating how to control which users can log into your application.
Currently, all internal or external users invited to the Tenant can sign in, but you realize that more control is needed for the users who have access to the application.
You should allow access to the application only for “HomeUserA” and “ExternalUserA”.
- Demonstrate that you can login with HomeUserA account in your web application.
- Demonstrate that you can login with ExternalUserA account in your web application.
- Demonstrate that you can NOT login with HomeUserB account in your web application.
You can limit the logins by using incognito mode and private browsing by logging in with different user accounts.
In the Enterprise Application assignments, it is recommended to add group assignments instead of direct user assignments.
Configure enterprise application properties
Quickstart: Create and assign a user account - Microsoft Entra | Microsoft Docs