For Azure DevOps and organizations, only allow members from certain tenant

Using SonarCloud, and everyone in our company using Azure Active Directory, I still have to make sure I add the correct members to the organization. And once a member is added, how can I be assured they are from our organization?
So I would like to be able to register the AAD with our organization, and then only allow me to select SonarCloud users based on this AAD. That way from a compliancy perspective our organization is a lot safer.