azure azure-active-directory azure-powershell azure-cli azure-rest-api

Azure AD add App Role in App Registration using REST API


Is there a way to add an App Role to an existing App registration in Azure Active Directory using REST API/CLI/PowerShell?

https://learn.microsoft.com/en-us/azure/active-directory/develop/howto-add-app-roles-in-azure-ad-apps


Solution

  • Yes, using the Azure CLI you can specify application roles within the manifest.json. Here is an example:

    [
      {
        "allowedMemberTypes": ["User"],
        "description": "Approvers can mark documents as approved",
        "displayName": "Approver",
        "isEnabled": "true",
        "value": "approver"
      }
    ]
    

    The corresponding CLI command:

    az ad app create --display-name mytestapp --identifier-uris https://mytestapp.websites.net --app-roles @manifest.json
    

    Source.
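
Added example, not part of the original answer: the question asks about an existing app registration, while the command above creates a new one. This Python helper validates a new role and merges it into the roles an app already has, so nothing is dropped when the list is written back. It assumes the existing roles come from `az ad app show --id <app-id> --query appRoles` and the merged file is applied with `az ad app update --id <app-id> --app-roles @merged.json`, which is assumed to replace the whole collection; the sample roles and GUID are constructed.

```python
import json
import uuid

ALLOWED_MEMBER_TYPES = {"User", "Application"}
REQUIRED = ("allowedMemberTypes", "description", "displayName", "value")

def normalize_role(role):
    """Validate one role definition and return a copy ready for the manifest."""
    missing = [k for k in REQUIRED if not role.get(k)]
    if missing:
        raise ValueError(f"app role is missing {missing}")
    bad = set(role["allowedMemberTypes"]) - ALLOWED_MEMBER_TYPES
    if bad:
        # Catches typos before a role is exposed to the wrong principal type.
        raise ValueError(f"unknown allowedMemberTypes: {sorted(bad)}")
    out = dict(role)
    # The manifest above writes isEnabled as the string "true"; Microsoft Graph
    # types this property as Boolean, so emit a JSON boolean.
    enabled = out.get("isEnabled", True)
    out["isEnabled"] = enabled if isinstance(enabled, bool) else str(enabled).lower() == "true"
    # Each role needs a GUID id that is unique within the app; generate one if absent.
    out.setdefault("id", str(uuid.uuid4()))
    return out

def merge_app_roles(existing, new):
    """Return the existing roles plus the new ones, rejecting duplicates."""
    merged = [dict(r) for r in existing]
    seen_values = {r.get("value") for r in merged}
    seen_ids = {r.get("id") for r in merged}
    for role in map(normalize_role, new):
        if role["value"] in seen_values or role["id"] in seen_ids:
            raise ValueError(f"duplicate app role: {role['value']}")
        seen_values.add(role["value"])
        seen_ids.add(role["id"])
        merged.append(role)
    return merged

# Constructed sample: one role already on the app, plus the role from the answer.
EXISTING = [{"allowedMemberTypes": ["User"], "description": "Readers can view documents",
             "displayName": "Reader", "id": "00000000-0000-0000-0000-000000000001",
             "isEnabled": True, "value": "reader"}]
NEW = [{"allowedMemberTypes": ["User"],
        "description": "Approvers can mark documents as approved",
        "displayName": "Approver", "isEnabled": "true", "value": "approver"}]

if __name__ == "__main__":
    print(json.dumps(merge_app_roles(EXISTING, NEW), indent=2))
```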