You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: README.md
+5-5Lines changed: 5 additions & 5 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -96,7 +96,7 @@ To restrict who can sign in to your application, use one of the options:
96
96
97
97
You can restrict sign-in access for your application to only user accounts that are in a single Azure AD tenant - including *guest accounts* of that tenant. This scenario is a common for *line-of-business applications*:
98
98
99
-
1. In the **web.config** file of your **TodoListService**, change the value for the `Tenant` parameter from `Common` to the tenant name of the organization, such as `contoso.onmicrosoft.com`.
99
+
1. In the **web.config** file of your **TodoListService**, change the value for the `Tenant` parameter from `Common` to the tenant name of the organization, such as `contoso.onmicrosoft.com` or the *Tenant Id*.
100
100
2. In your [OWIN Startup class](#configure-the-authentication-pipeline), set the `ValidateIssuer` argument to `true`.
101
101
102
102
### Option 2: Restrict access to a list of known organizations
@@ -108,15 +108,15 @@ You can restrict sign-in access to only user accounts that are in an Azure AD or
108
108
109
109
### Option 3: Restrict the categories of users that can sign-in to your application
110
110
111
-
This scenario is a common for *SaaS* applications that are focused only on either consumers or organizations, therefore want to block accepting either personal accounts or work or school accounts.
111
+
This scenario is a common for *SaaS* applications that are focused on either consumers or organizations, therefore want to block accepting either personal accounts or work or school accounts.
112
112
113
113
1. In the **web.config** file of your **TodoListService**, use on of the values below for `Tenant` parameter:
114
114
115
115
Value | Description
116
116
----- | --------
117
-
`common` | users can sign in with any Work and School account, or Microsoft Personal account
118
-
`organizations` | users can sign in with any Work and School account
119
-
`consumers` | users can sign in with a Microsoft Personal account
117
+
`common` | Users can sign in with any Work and School account, or Microsoft Personal account
118
+
`organizations` | Users can sign in with any Work and School account
119
+
`consumers` | Users can sign in with a Microsoft Personal account
120
120
121
121
> Note: the values above are not considered a *tenant*, but a *convention* to restrict certain categories of users
0 commit comments