Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Question] How to use roles? #117

Closed
r3r00t3d opened this issue Mar 8, 2023 · 6 comments
Closed

[Question] How to use roles? #117

r3r00t3d opened this issue Mar 8, 2023 · 6 comments
Labels
question Further information is requested

Comments

@r3r00t3d
Copy link

r3r00t3d commented Mar 8, 2023

I'm using the 3.5.1 version of the library. For some reason, roles array is always empty inside the User object even though my user has 10 roles assigned in Azure AD. I'm trying to debug an issue and I cannot find a way to resolve if this is an Azure issue or a library issue. All of the other information inside the User object are filled out correctly.

Is there some special permission needed or anything that you can provide that can point me in the right direction? My user is also a member of a Global Administrator group, so it has the highest available privileges in the tenant.

Thanks.

@r3r00t3d r3r00t3d added the question Further information is requested label Mar 8, 2023
@JonasKs
Copy link
Member

JonasKs commented Mar 8, 2023

Hi,

Typing this on my phone, so no screenshots (I can help more tomorrow), but from memory:

  • Go to your application registration
  • roles
  • Create a new role
  • Go to the enterprise application (you can go to overview -> click the name of the appreg, it'll take you there)
  • map your users/enterprise roles to the app role

I can give a small tutorial tomorrow when I'm on a laptop. 😊

@JonasKs JonasKs changed the title [BUG/Question] [Question] How to use roles? Mar 8, 2023
@r3r00t3d
Copy link
Author

r3r00t3d commented Mar 8, 2023

Thanks, I'll try that and I really appreciate all the help.

@JonasKs
Copy link
Member

JonasKs commented Mar 9, 2023

Go to your application registration, click Groups:
image

Create a role:

image

Go to Overview and click the Enterprise application link:
image

Go to Users and groups and add a user/group:

image

Add the user/group that you want to have this role (if you use a group, the users must be a direct member of that group. Nested membership does not work):

image

Click select role and assign the user/role to your application role:
image

Finish by clicking Assign. The user will now have that group in their token.

@r3r00t3d
Copy link
Author

r3r00t3d commented Mar 9, 2023

I did this and it worked. Maybe you can put this in the documentation as this will be a very common pattern for developers. The usual thing would be to map application roles with groups and check in the backend if user has certain role based on the group membership.

Thanks again for the detailed answer.

@JonasKs
Copy link
Member

JonasKs commented Mar 9, 2023

Pull requests welcome if you'd like to contribute. If not, yes, I will fix 😊

@JonasKs JonasKs mentioned this issue Jul 12, 2024
Merged
@JonasKs
Copy link
Member

JonasKs commented Jul 13, 2024

#200 will solve this issue

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
question Further information is requested
Projects
None yet
Development

No branches or pull requests

2 participants