I tried to implement role-based authorization in my azure application, as described in http://www.dushyantgill.com/blog/2014/12/10/roles-based-access-control-in-cloud-applications-using- azure-ad / . Unfortunately, after I downloaded the manifest with roles, I canβt assign roles to users - the assignment button at the bottom of the Azure management portal is disabled (in the article, the action I want to perform is in the 4th screenshot), Has anyone encountered with something like that? The following is the appRoles part of my application manifest:
"appRoles": [ { "allowedMemberTypes": [ "User" ], "description": "Can do some stuff", "displayName": "AU", "id": "c400a00b-f67c-42b7-ba9a-f73d8c67e433", "isEnabled": true, "origin": "Application", "value": "au" } ],
Update It turns out that the reason the button was disabled was pretty simple: I assigned the user earlier and suggested that if I implemented the roles in the manifest, it would allow me to assign them using the Assign button, even if the user was already assigned.
However, it does not solve the root problem - after removing the user from the application and then assigning him, the invitation with the role assignment is not displayed to him, the user status "Assigned" simply changes to "Yes", as if no roles were specified in the manifest.
source share