sam

Reputation: 427

Azure Active Directory B2C User Management

I was following this article and created a sample which works perfectly well. I can sign up, sign out and edit my profile with it but can't find out how to add a user in AAD B2C and assign it some role, so that I can differentiate them on the basis of roles, i.e. when I get to the Claims Page and get a user object, I can check the user by writing something like this:

User.IsInRole("client")  

I added a custom attribute in "User Attributes" with the name of "Role" but that didn't solve my problem. I can only see that when I write:

foreach (Claim claim in ClaimsPrincipal.Current.Claims)
...claim.Type .... claim.Value

But I want it as I explained above

Thanks in advance.

Ok by now, I have found out the roles by clicking on the directory name -- users, but the available roles are User, Global Admin, Billing Admin, Service Admin, User Admin and Password Admin, but User.IsInRole("User") didn't work for me. So, 1. can I add any customized roles 2. how can I check if my user belongs to a particular role programmatically? Thanks.

Upvotes: 3

Views: 4515

Answers (2)

Erik Oppedijk

Reputation: 3553

User attributes in Azure B2C are prefixed with "Extension_", so a user attribute "Role" will be called "extension_role" in your claims. This is the reason User.IsInRole doesn't work.

Something that works for Azure AD, maybe for B2C also (not tried by me): try to use Groups (create a new group) and add the user to the group. Group membership isn't added to your claims by default: http://justazure.com/azure-active-directory-part-4-group-claims/

Upvotes: 0
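
The behaviour described in the answer above, as an added example that is not part of the original answer: `IsInRole` only looks at claims whose type equals the identity's `RoleClaimType`, so the custom-attribute claim is ignored until the identity is told that claim carries roles. The claim name `extension_role` is taken from the answer, and the claim values and authentication type are constructed for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Claims;

public static class RoleClaimDemo
{
    // Assumed claim name, taken from the answer above; check the token
    // your policy actually issues before relying on it.
    private const string B2CRoleClaim = "extension_role";

    // Constructed sample: claims an application might receive after sign-in.
    private static List<Claim> SampleClaims() => new List<Claim>
    {
        new Claim("name", "Sample User"),
        new Claim(B2CRoleClaim, "client"),
    };

    // Default identity: RoleClaimType is ClaimTypes.Role, so the
    // custom-attribute claim is never consulted by IsInRole.
    public static ClaimsPrincipal DefaultPrincipal() =>
        new ClaimsPrincipal(new ClaimsIdentity(SampleClaims(), "constructed-sample"));

    // Same claims, but the identity is told which claim type carries roles
    // (third argument is the name claim type, fourth the role claim type).
    public static ClaimsPrincipal MappedPrincipal() =>
        new ClaimsPrincipal(new ClaimsIdentity(
            SampleClaims(), "constructed-sample", "name", B2CRoleClaim));

    public static void Main()
    {
        ClaimsPrincipal unmapped = DefaultPrincipal();
        ClaimsPrincipal mapped = MappedPrincipal();

        // Role type mismatch: the claim is present but not treated as a role.
        Console.WriteLine($"unmapped IsInRole(client): {unmapped.IsInRole("client")}");
        // Role type matches and the value matches.
        Console.WriteLine($"mapped   IsInRole(client): {mapped.IsInRole("client")}");
        // Role type matches but the user does not hold this value.
        Console.WriteLine($"mapped   IsInRole(admin):  {mapped.IsInRole("admin")}");
    }
}
```

In an application that validates tokens through the OpenID Connect middleware, the same mapping is made by setting `TokenValidationParameters.RoleClaimType`. If the attribute is collected in a sign-up or profile-edit policy, the user can set its value, so it should not be the basis for an authorization decision.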

Dawid Rutkowski

Reputation: 2756

You can add custom roles by modifying the application manifest file (application configured in Azure Active Directory). You just have to download the manifest JSON file, add your custom roles and upload the file again. You can do it here: [image]

Then open the file and add a custom role like this:

"appRoles": [
  {
    "allowedMemberTypes": [
      "User"
    ],
    "description": "some text",
    "displayName": "Super role",
    "id": "c530a40b-a47c-42b7-ba9a-f34d8ca7e443",
    "isEnabled": true,
    "origin": "Application",
    "value": "Super role"
  }
],

Upvotes: 2
