Every user has access to all applications in an organisation

By default, it seems that with every registration, the registering user gets access to every application in the organisation because of the group “Everyone”. Is there a method of scoping each registration to the specific app?

Are you talking about Self Service Registration or your own custom registration flow? For Self Service Registration there is an Assign to group setting where you can specify the group of your choice and then you can just assign that group to the app of your choice.

I’m using the dotnet core api to register.

When registering, a client id is given. I would presume that this would create a user that is scoped to that application? That doesn’t seem to be the case?

Are using this API endpoint to create the user and assign them to a specific group.

Users are automatically added to the Everyone group when created so you might also want to make sure that the Everyone group is not assigned to your app.

Ahh so it’s because of the everyone group? I didn’t realise that was attached to the app itself. That makes sense.