Partilhar via

Assign user access to Azure AI Health Bot management portal

  • Artigo

The Azure AI Health Bot supports Microsoft Entra Access Management. Users can utilize the well known identity-access-management (IAM) pane in Azure to assign users and roles to their Azure AI Health Bot instance.

Important

We advice existing customer to opt-in this feature by navigating to the User Management page and enabling the Microsoft Entra Access Management feature. This feature can only be enabled for users who have the Health Bot Admin role in the Azure Access Control (IAM) pane. In the future we will deprecrate the legacy user access control mechanism functionality in the Management Portal and only use the Microsoft Entra Access Management.

Opt-in on the Microsoft Entra Access Management feature

To opt in on this feature, a Health Bot Admin should Navigate to the Azure AI Health Bot User Management page and enable the Microsoft Entra Access Management feature. Any user with the Health Bot Admin role can enable or disable the Microsoft Entra Access Management Toggle

Important

This feature can only be enabled for users who have the Health Bot Admin role in the Azure Access Control (IAM) pane.

If the logged-in user has no Health Bot Admin Role, the Microsoft Entra Access Management toggle will be greyed out

A screenshot of the healthbot user management page with greyed out RBAC toggle

If the logged-in user has the Health Bot Admin Role, the Microsoft Entra Access Management toggle will be available.

A screenshot of the healthbot user management page with RBAC toggle disabled

When enabling the Microsoft Entra Access Management toggle, all user management will be done through the Azure Portal. You will need to assign users and dedicated Azure AI Health Bot roles through the identity-access-management pane in the Azure Portal.

A screenshot of the healthbot user management page with RBAC toggle enabled

Assigning users and roles via the Microsoft Entra Access Management feature

When Microsoft Entra Access Management is enabled, all users and roles should be managed through the Azure Access Control (IAM) pane.

A screenshot of azure iam management

You can assign users with one of the following levels of permissions:

  • Health Bot Admin: Users with admin access can sign in, view, and edit all of the bot resources, scenarios, and configuration setting including the bot instance keys & secrets and can managed user access in case permission management is controlled via the portal.
  • Health Bot Editor: Users with editor access can sign in, view, and edit all the bot resources, scenarios, and configuration setting except for the bot instance keys & secrets and the end-user inputs (including Feedback, Unrecognized utterances and Conversation logs). A read-only access to the bot skills, channels, and user management.
  • Health Bot Reader: Users with reader access can sign in, have read-only access to the bot resources, scenarios and configuration setting except for the bot instance keys & secrets (including Authentication, Data Connection and Channels keys), the end-user inputs (including Feedback, Unrecognized utterances and Conversation logs) and portal user management.

A screenshot of azure iam roles

You can learn more on Identity and access management (IAM) here

Next steps

Audit Trails