skip to Main Content

Restrict access to Azure AD administration portal

Why do users have access to Azure AD administration portal? You only want administrators to have access and restrict users to access Azure portal. It’s not relevant for standard users to have access. Is there a way to disable user access to the Azure AD portal? Yes, there is. In this article, we will look at how to restrict access to Azure AD administration portal.

User access to Azure AD administration portal

Sign in to Azure portal as a user. In our example, we will sign in as the user Alison Bell. Click on Menu > Azure Active Directory.

Azure Active Directory

In the Overview screen, the user can see the Azure Active Directory information.

Restrict access to Azure AD administration portal Overview

Click in the menu on Users and Groups.

Restrict access to Azure AD administration portal Users and Groups

In the All users section, all the users are visible to the user.

Restrict access to Azure AD administration portal All users

Also, all the groups are visible to the user.

Restrict access to Azure AD administration portal All groups

Click in the menu on Roles and administrators. Verify the role of the user. In our case, it’s the role User. Click on Your Role.

Restrict access to Azure AD administration portal Roles and administrators

The user does not have directory roles assigned.

Restrict access to Azure AD administration portal Assigned Roles

In the next step, we will look at restricting users from accessing the Azure AD administration portal.

Restrict access to Azure AD administration portal

Sign in to Azure portal as a Global Administrator. Click on the Menu and select Azure Active Directory.

Azure Active Directory

Click in the menu on User settings. Click under Administration portal > Restrict access to Azure AD administration portal on Yes. Click Save.

Setting the option Restrict access to Azure AD administration portal to Yes restricts all non-administrators from accessing any Azure AD data in the administration portal.

Restrict access to Azure AD administration portal enable

You may need to give the setting a couple of minutes to apply the changes.

Verify no access to Azure AD administration portal

Go back to the user account, refresh the page, or sign in again to the Azure portal. Navigate to Azure Active Directory. You will see a No access message.

Restrict access to Azure AD administration portal no access

That’s it!

Read more: Install and configure Azure AD Connect »

Conclusion

In this article, we showed how to restrict access to Azure AD administration portal. By default, the option to restrict access to Azure AD portal is set to No. But, we do recommend setting it to Yes and restrict user access to Azure AD for non-administrator accounts.

The next time you manage an Azure tenant or create a new Azure tenant, check the restrict access to Azure AD administration portal setting in the Azure AD portal and make sure to turn it on.

Did you enjoy this article? You may also like Office 365 disable stay signed in prompt. Don’t forget to follow us and share this article.

ALI TAJRAN

ALI TAJRAN

ALI TAJRAN is a passionate IT Architect, IT Consultant, and Microsoft Certified Trainer. He started Information Technology at a very young age, and his goal is to teach and inspire others. Read more »

This Post Has 0 Comments

Leave a Reply

Your email address will not be published. Required fields are marked *