Azure AD groups to id_token

qawebenterprise · August 29, 2018, 3:05pm

I have configured Azure AD as an enterprise connection, and use the rule as shown here (Azure AD : can't get groups for guest azure ad users - #4 by francois.beauchemin) to include the groups a user is member of to the app_metadata field of the user profile.
However, I would like to map those groups to the groups as defined in the Authorization extension or - at least - have them listed in the id_token.
The idea is to go from AD user group to permissions (using roles).

Any suggestion?

James.Morrison · August 19, 2019, 1:45pm

Hey there @qawebenterprise, I apologize for the delay in getting your question answered.

I would recommend giving Role Based Access Control (RBAC) a look for all your latest permission needs when assigning roles. Give the doc a look and please let me know if you have any questions. Thanks!

James.Morrison · August 29, 2019, 1:45pm

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
How to authorize users based on Azure AD roles/groups Help	2	6173	August 27, 2019
Adding an Action to return Azure AD Groups for a user logging in Help extensibility , actions-extensibility	3	2115	April 6, 2023
Get Azure AD Group Ids Help azure-ad , groups	4	5858	December 17, 2018
Group ids from azure AD in post login actions Help connections , azure-ad-enterprise-connection	0	315	February 22, 2024
Missing groups for AAD guested users Help azure-ad , group-mapping , user-group	1	4165	April 21, 2020

Azure AD groups to id_token

Related topics