In the world of Azure, adding Users to an Application works a bit differently: you don't need to build your own User creation and User Role management screens. Everything can be managed through the Azure Portal.
Enterprise Applications
Enterprise Applications are the Applications deployed to your Organization; each one has an App Registration.
Go to Azure > Active Directory > Enterprise Applications blade to view them.
Create User
Now we can add a new user to the Enterprise Application selected.
Go to Azure > Active Directory > Users
Click the New User button on the right. Add the new user.
Save changes.
Select User
Now you can select the newly created User from the Enterprise Applications > Users blade.
Leave the Role blank. Click Add to continue.
You can now see that the new User has been added.
Create Role
To assign a Role to the user, you need to create the Role first.
Go to Azure > Active Directory > App Services > Your App > Manifest blade
Modify the appRoles property as shown below.
"appRoles": [
  {
    "allowedMemberTypes": [
      "User"
    ],
    "displayName": "Author",
    "id": "abc2ade8-98f8-45fd-aa4a-6d06b947c66f",
    "isEnabled": true,
    "description": "Authors can write blogs.",
    "value": "Author"
  }
],
Save the changes and go back to the User adding screen in Enterprise Applications.
You will now be able to select the new Role from the screen.
Whenever the user is authenticated, the Role is included in the authentication token as well. (Enable ID Token in the App Registration for this.)
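The following is an added example, not code from the original article: it sanity-checks an appRoles block before it is saved and then makes a deny-by-default authorization decision from the roles claim, which is where Azure AD places the assigned role values in the token. The function names are hypothetical, the manifest is the article's fragment wrapped as a constructed sample, and the claims are assumed to come from a token whose signature, issuer and audience were already validated.

```python
import json
import uuid

# Constructed sample: the article's appRoles fragment wrapped in an object.
MANIFEST = json.loads("""
{"appRoles": [{
  "allowedMemberTypes": ["User"],
  "displayName": "Author",
  "id": "abc2ade8-98f8-45fd-aa4a-6d06b947c66f",
  "isEnabled": true,
  "description": "Authors can write blogs.",
  "value": "Author"
}]}
""")

def manifest_problems(manifest):
    """Return a list of problems in the appRoles entries (empty list = clean)."""
    problems, seen_ids, seen_values = [], set(), set()
    for i, role in enumerate(manifest.get("appRoles", [])):
        rid = str(role.get("id", "")).lower()
        value = str(role.get("value") or "")
        try:
            uuid.UUID(rid)
        except ValueError:
            problems.append(f"appRoles[{i}]: id is not a GUID")
        if rid in seen_ids:
            problems.append(f"appRoles[{i}]: id reused by another role")
        if not value or any(c.isspace() for c in value):
            problems.append(f"appRoles[{i}]: value is empty or has whitespace")
        if value in seen_values:
            problems.append(f"appRoles[{i}]: value reused by another role")
        if not set(role.get("allowedMemberTypes", [])) <= {"User", "Application"}:
            problems.append(f"appRoles[{i}]: unknown allowedMemberTypes entry")
        seen_ids.add(rid)
        seen_values.add(value)
    return problems

def is_authorized(claims, required_role, manifest):
    """claims: dict from a token whose signature, issuer and audience
    have already been validated (validation is out of scope here)."""
    enabled = {r.get("value") for r in manifest.get("appRoles", [])
               if r.get("isEnabled") is True}
    roles = claims.get("roles")
    # A user added with a blank role has no roles claim: deny by default.
    if not isinstance(roles, list):
        return False
    # Exact, case-sensitive match against an enabled role from the manifest.
    return required_role in enabled and required_role in roles
```

A user who was added with the Role left blank reaches the application with no roles claim at all, so the check has to treat a missing claim as "no access" rather than as a default role.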
Summary
In this article you saw how to add a User and a Role for an Enterprise Application. This is really advantageous and can save hundreds of productivity hours, because the Application Administrator can use the Azure Portal to add and edit users. (Relying on the company's Support Ticket Team may delay the whole thing.)