App is allowing access even if user is not assigned

Question

App is allowing access even if user is not assigned

Closed this issue 10 years ago · 3 comments

I configured the application following the tutorial and added a new user to the directory. If I go to the Application in the Azure portal and go to the Users section, I see the user I added to the directory and the Assigned status is set to No, but I am still able to sign in with this user and access the application. What is the purpose of the Assigned flag if it does not prevent them from accessing the app?

Answer 1 · 2015-01-22T18:47:20.000Z

Currently, the assigned flag will put the app onto the user's access panel. It does not block who can access the application - this is functionality we are working on.

Answer 2 · 2015-01-22T18:49:57.000Z

Hi Stuart. Thanks for responding.
So if I am understanding correctly, right now any authorization rules need to be handled on a per application basis? It cannot be controlled via the directory?

Answer 3 · 2015-01-22T19:32:53.000Z

That's correct - you must handle authorization in your application right now.