- authenticate users on a specific Azure AD (and only that AD - I don't want to allow everyone with a microsoft account to log in to my Moodle)
- import users from that Azure AD as an automated task
Is there any way of doing that at present?
The Office 365 plugins seem to do this but they require you to have access to an Office 365 account on that Azure AD with admin privileges. This seems like overkill and a security risk - I only want to read the directory to enable authentication and import users, I don't need/want the option to write back to the Azure AD.