Setup App role in Enterprise App in Azure AD

I actually tried to figure out the how-to from this article Application roles.

1. Go to Azure Active Directory > App Registrations


For step 5, some tips/rules to follow.

  • The displayName and value must be in one word, no space is allowed. I learn in hard way.
  • The id can be generated using this Online GUID generator
  • Also, in order to support multiple group assignment, the groupMembershipClaim in the manifest must be set to "All", the default value is null. See below:
"groupMembershipClaims": "All",


Once this is updated, the new Role will be visible in the user/group assignment.

7. Go to Azure Directory > Enterprise App > Your App > Users and Groups > Add User



The user/group list will be displayed accordingly.


Ta-da, done~

The roles setup in this way is meant for this special application only. To use the roles from Azure AD security group. I haven't check that out.


Comments

Popular posts from this blog

Network Manager

CCSP Domain 2 : Cloud Data Security - Part 2

How to enable LAN network to access to web server hosted in Oracle VirtualBox