Limit people-picker results in Wizdom on Office 365
To meet a business requirement where it is necessary to limit the results returned to the user via features based on the people-picker control in Wizdom, a change to the product was introduced in Spring 2018, that makes it possible to limit the scope of people to select/show specific Office 365 groups.
This is applied to a solution by adding a new app setting on the web app in Azure. By adding the value ADGroupPrefix in the App Settings, the people-picker will be able to select identities from only the selected Azure AD Organizational Units. This will limit Wizdom to only retrieve results from these specific pre-configured groups. Read more about adding a new app setting on the web app in Azure here.
Wizdom uses its internal database to store a subset of the user details (displayname, loginname and email). Wizdom uses this for audience targeting and permissions when using Wizdom modules like Noticeboard, Mega Menu etc. To find the groups available Wizdom uses the graph API, where permissions to the Azure AD have been granted by installing the Wizdom AD App in Azure AD. The change applied to the product is allowing a prefix filter on the query against Azure AD, to limit the results returned to the users, and therefore limiting the possibility for the user to select people/groups that are not supposed to be selected and stored in the Wizdom database.
Please see the graph below.
Brief procedure description:
- Add applications settings to your Azure website.
- AppSettings key names should be “ADGroupPrefix” and/or “ADUserDomainSuffix”.
- Both supports multiple values separated by semi-colon or comma or pipe.
Description and example on how to apply this is available in Appendix to the Wizdom Installation Guide.