You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/active-directory/develop/howto-modify-supported-accounts.md
+13-10Lines changed: 13 additions & 10 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -9,10 +9,10 @@ ms.service: active-directory
9
9
ms.subservice: develop
10
10
ms.topic: how-to
11
11
ms.workload: identity
12
-
ms.date: 11/15/2020
12
+
ms.date: 11/02/2022
13
13
ms.author: ryanwi
14
14
ms.custom: aaddev
15
-
ms.reviewer: marsma, aragra, lenalepa, sureshja
15
+
ms.reviewer: aragra, sureshja
16
16
# Customer intent: As an application developer, I need to know how to modify which account types can sign in to or access my application or API.
17
17
---
18
18
@@ -33,14 +33,17 @@ To specify a different setting for the account types supported by an existing ap
33
33
1. Sign in to the <ahref="https://portal.azure.com/"target="_blank">Azure portal</a>.
34
34
1. If you have access to multiple tenants, use the **Directories + subscriptions** filter :::image type="icon" source="./media/common/portal-directory-subscription-filter.png" border="false"::: in the top menu to switch to the tenant in which the app is registered.
35
35
1. Search for and select **Azure Active Directory**.
36
-
1. Under **Manage**, select **App registrations**, then select your application.
37
-
1. Now, specify who can use the application, sometimes referred to as the *sign-in audience*.
38
-
39
-
| Supported account types | Description |
40
-
|-------------------------|-------------|
41
-
|**Accounts in this organizational directory only**| Select this option if you're building an application for use only by users (or guests) in *your* tenant.<br><br>Often called a *line-of-business* (LOB) application, this is a **single-tenant** application in the Microsoft identity platform. |
42
-
|**Accounts in any organizational directory**| Select this option if you'd like users in *any* Azure AD tenant to be able to use your application. This option is appropriate if, for example, you're building a software-as-a-service (SaaS) application that you intend to provide to multiple organizations.<br><br>This is known as a **multi-tenant** application in the Microsoft identity platform. |
43
-
1. Select **Save**.
36
+
1. Under **Manage**, select **App registrations**, select your application, and then select **Manifest** to use the manifest editor.
37
+
1. Download the manifest JSON file locally.
38
+
1. Now, specify who can use the application, sometimes referred to as the *sign-in audience*. Find the *signInAudience* property in the manifest JSON file and set it to one of the following property values:
39
+
40
+
| Property value | Supported account types | Description |
|**AzureADMyOrg**| Accounts in this organizational directory only (Microsoft only - Single tenant) |All user and guest accounts in your directory can use your application or API. Use this option if your target audience is internal to your organization. |
43
+
|**AzureADMultipleOrgs**| Accounts in any organizational directory (Any Azure AD directory - Multitenant) | All users with a work or school account from Microsoft can use your application or API. This includes schools and businesses that use Office 365. Use this option if your target audience is business or educational customers and to enable multitenancy. |
44
+
|**AzureADandPersonalMicrosoftAccount**| Accounts in any organizational directory (Any Azure AD directory - Multitenant) and personal Microsoft accounts (e.g. Skype, Xbox) | All users with a work or school, or personal Microsoft account can use your application or API. It includes schools and businesses that use Office 365 as well as personal accounts that are used to sign in to services like Xbox and Skype. Use this option to target the widest set of Microsoft identities and to enable multitenancy.|
45
+
|**PersonalMicrosoftAccount**| Personal Microsoft accounts only | Personal accounts that are used to sign in to services like Xbox and Skype. Use this option to target the widest set of Microsoft identities.|
46
+
1. Save your changes to the JSON file locally, then select **Upload** in the manifest editor to upload the updated manifest JSON file.
0 commit comments