Hi Mark,
Authentication is always performed against the customer's Entra ID organization. Each tenant uses the pre-approved application (and its permissions) stored in the Service Provider tenant.
Once authentication is successful, the restore portal grants users access to their own backups, or, in the case of a Restore Operator, to other backups they have been granted access to.
The Entra ID application itself requires only two permissions, which do not allow the customer to access any production data in the Service Provider tenant, nor the Service Provider to access any production data in the customer tenant.
Best,
Fabian
Authentication is always performed against the customer's Entra ID organization. Each tenant uses the pre-approved application (and its permissions) stored in the Service Provider tenant.
Once authentication is successful, the restore portal grants users access to their own backups, or, in the case of a Restore Operator, to other backups they have been granted access to.
The Entra ID application itself requires only two permissions, which do not allow the customer to access any production data in the Service Provider tenant, nor the Service Provider to access any production data in the customer tenant.
Best,
Fabian
Statistics: Posted by Mildur — Sep 09, 2025 9:40 am
