azure-active-directory registration environment

App Registration in Azure AD for different environments - Best practices


I am looking for best practices for registering an app in Azure AD for different environments like DEV, TEST, UAT and PROD.

I have a PROD subscription and a non-PROD subscription, both of which are tied to our Corporate Azure AD. Now, to have an application in different environments and have Corporate users have access to it during development as well as end users, what are the best practices?

I am thinking of creating directories for the different envs, then having the app registration in each of these directories and adding corporate users as guest users to them. So the app registration is in this directory while the workloads are in the Corporate directory.

Is it a good practice?


Solution

  • I have confirmed with an Azure support engineer that we cannot restrict users from accessing the apps; the apps will be visible to all users. But only the owners and admin can edit the apps.


    If the user is not the owner of the app (and also not the admin), he/she will be unable to edit the app.