EntraAnalyzer
Low

Multi-tenant applications

Flags apps configured to accept sign-ins from other tenants

Category
Application Security
Default severity
Low
Rule key
CHECK_MULTI_TENANT_APPS
Last updated

How to fix it

Verify multi-tenant configuration is intentional.

Required Microsoft Graph permissions

EntraAnalyzer needs the following read-only Graph permissions to evaluate this rule:

  • Directory.Read.All

Further reading

Search Microsoft Learn for related guidance →

Run this check on your tenant

EntraAnalyzer evaluates this rule automatically on every scan and emails you the results.

Get started — free first scan →