Den

Reputation: 16826

Creating custom user roles in ASP.NET MVC and Azure AD

I am working on an ASP.NET MVC application that uses Azure AD auth out-of-the-box.

What I want to do is define custom roles for certain users. For example, mark JohnDoe@contoso as a "Portal Admin" or SarahJones@contoso as a "Site Manager" - I want to do that without messing with AD roles, since I don't have full access to the AD internals.

I am fine deploying a custom DB to contain the roles. Is there a generic solution for this or do I have to implement my custom verification layer?


Update 1: I can deploy a custom role provider and connect it to a different DB, but am wondering if there is a more straightforward way to do this.

Upvotes: 2

Views: 1657

Answers (1)

theadriangreen

Reputation: 2258

If you use Azure Web Apps, which supports ASP.NET MVC, then you can use the Azure Active Directory authentication mechanism. Here is a blog post describing how to set it up: https://azure.microsoft.com/en-us/documentation/articles/app-service-mobile-how-to-configure-active-directory-authentication/

Once you have that, auth will be enabled for your app and you can configure the AAD app in the portal. See this blog post for more details: http://blogs.technet.com/b/ad/archive/2014/12/18/azure-active-directory-now-with-group-claims-and-application-roles.aspx

To modify the permission levels, you should be able to use role claims. See this example for guidance: https://github.com/Azure-Samples/active-directory-dotnet-webapp-roleclaims

Accessing the manifest:


Upvotes: 3
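
One way to do what the question asks, as an added example (not code from either poster or from the linked Azure sample): after Azure AD sign-in, look up application roles in your own store and attach them to the identity as role claims. `AppRoleMapper`, `AddAppRoles`, the in-memory `RoleStore` and the object IDs are hypothetical stand-ins for the custom DB, and where the method is called from depends on how authentication is wired into the app.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Claims;

// Maps Azure AD-authenticated users to application-defined roles kept
// outside the directory. The dictionary stands in for the custom DB.
public static class AppRoleMapper
{
    // Azure AD object ID claim: stable per user, unlike a UPN or e-mail
    // address, which can be renamed or reassigned.
    private const string ObjectIdClaim =
        "http://schemas.microsoft.com/identity/claims/objectidentifier";

    // Constructed sample data (hypothetical object IDs); replace with a DB lookup.
    private static readonly Dictionary<string, string[]> RoleStore =
        new Dictionary<string, string[]>(StringComparer.OrdinalIgnoreCase)
        {
            { "00000000-0000-0000-0000-000000000001", new[] { "Portal Admin" } },
            { "00000000-0000-0000-0000-000000000002", new[] { "Site Manager" } },
        };

    // Call once per sign-in, before the principal is used for authorization.
    // Roles added here live as long as the session that carries the claims,
    // so a role removed from the store takes effect at the next sign-in.
    public static void AddAppRoles(ClaimsPrincipal principal)
    {
        var identity = principal?.Identity as ClaimsIdentity;
        if (identity == null || !identity.IsAuthenticated)
            return; // fail closed: unauthenticated callers get no roles

        var oid = identity.FindFirst(ObjectIdClaim)?.Value;
        string[] roles;
        if (oid == null || !RoleStore.TryGetValue(oid, out roles))
            return; // no entry in the store means no application roles

        foreach (var role in roles)
        {
            // Use the identity's own role claim type so that IsInRole and
            // [Authorize(Roles = "...")] evaluate these claims.
            if (!identity.HasClaim(identity.RoleClaimType, role))
                identity.AddClaim(new Claim(identity.RoleClaimType, role));
        }
    }
}
```

With the claims in place, a controller or action can be restricted with `[Authorize(Roles = "Portal Admin")]`, and `User.IsInRole("Site Manager")` works in code and views.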
