- ALM used: Azure DevOps
- CI system used: Azure DevOps
- Scanner command used when applicable: n/a
- Languages of the repository: n/a
- Steps to reproduce:
  - Login to organisation as an owner
  - Go to the Members tab
  - Click ‘Add a member’
  - Search users by login or name (we would like to limit users to the organisation’s domain name)
- Potential workaround: unknown
Hi, we are an organisation with 100s of developers. We are using Azure DevOps and Azure Cloud so developers already have an Azure DevOps login which is linked to our AAD identity server. A risk has been identified with the SonarCloud platform given that users from outside our domain can be accidentally added to the organisation. For example, if John Doe has a personal GitHub account and an Azure DevOps account linked to the organisation’s domain, then it is possible that the wrong account is added as an organisation member. Our security architect has asked us to restrict members of the organisation to users who have been authenticated via our AAD identity provider. However, I cannot see how this is possible.
Can you please advise if there is a solution that will satisfy our security requirements?