Allow AAD multi-tenant Apps using App Service Authentication and Authorization
Allow Azure Active Directory (AAD) multi-tenant Apps using App Service Authentication and Authorization.
After on-boarding a tenant with a multi-tenant AAD App (Client), the tenant is not able to log in to protected Web/Api Apps on App Services.
The ClientId used is the same in AAD Multitenant App.
The STS URL is/can only be configured for the App/Client primary tenant GUID.
There are no options to enable multi-tenant STS on the App Service Authentication and Authorization interface.
Leaving this under review for now to see if there is more user support for development.
G. van den Heuvel commented
Agree. It should be possible to create an ApiApp and allow it to be called by multiple customers that each will have their own AD.
Omid Tansaz commented
Using OWIN middleware we already have similar Apps working on Azure WebApps. It would be more convenient to have App Services handle all this.