Search code examples
azurevisual-studio-2017azure-active-directoryuser-roles

Azure AD authentication and assigning roles to application users

I am working on a .net core MVC Web application that is making use of Azure AD authentication with multi tenants enabled.Now I want to add custom application roles to my users. For that I added some "appRoles": to my azure WebApp's manifest file. But now how do I assign these application roles to my users ? I am using portal.azure.com, and I could not find any screens where I can actually assign these roles to my application users. Could you please let me know me where I can do this from the azure portal?or do I need any additional permissions from my AD team?if so what specific permissions ?

Solution

  • You could assign users with roles to application in Enterprise applications blade:

    1. Click Enterprise applications blade , click All applications to find your application with app id or display name : enter image description here

    2. Click that application , click Users and groups , you will get current assigned users and which role has been assigned :enter image description here

    3. You could click add user and Select Role , you could select the roles you set in manifest file and assign to specific user :enter image description here