question

nadicad avatar image
0 Votes"
nadicad asked ·

Azure AD single sign on

Hey Guys,

We have been trying to set up a SSO for the Aha! app on Azure.

We have created a security group that has a specific role "Viewer"that all members of our organization are members of. This role has been added manually by editing the app roles.

"appRoles": [
{
"allowedMemberTypes": [
"User"
],
"description": "msiam_access",
"displayName": "msiam_access",
"id": "xxx",
"isEnabled": true,
"origin": "Application",
"value": null
},
{
"allowedMemberTypes": [
"User"
],
"description": "ProductRole",
"displayName": "ProductRole",
"id": "xxx",
"isEnabled": true,
"origin": "ServicePrincipal",
"value": "viewer"
}
The role has been added to the group but the "Viewer" role doesn't apply when a user signs in. They have the "None" role.

Can you please help out?

Best regards

azure-ad-single-sign-on
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

soumi-MSFT avatar image
0 Votes"
soumi-MSFT answered ·

@nadicad, Is the appRole "Viewer" been assigned to the user?

Ideally when you add an appRole using the App Manifest, that role also has to be assigned to the users who would be accessing that app.
Make sure you the users have that role assigned to them.
You can refer to the following article for reference: https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-add-app-roles-in-azure-ad-apps

· Share
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.