Maxim Tkachenko
Reputation: 5808
Azure App registration: "Delegated permission" is disabled
I created two applications in Azure App registrations: app.client and app.server. I added a role in app.server application manifest:
...
"appRoles": [
{
"allowedMemberTypes": [
"User",
"Application"
],
"description": "some_role",
"displayName": "some_role",
"id": "d1c2ade8-98f8-45fd-aa4a-6d06b947c66f",
"isEnabled": true,
"lang": null,
"origin": "Application",
"value": "some_role"
}
]
...
I use both user and application because I want to use this role with and without signed-in user. But I can't add some_role as Delegated permission for app.client. Only Application permissions is active. Delegated permissions is disabled. What am I doing wrong?
Upvotes: 1
Views: 609
Answers (1)
juunas
Reputation: 58898
Delegated permissions are not defined in appRoles. They are defined in oauth2Permissions. You can also use the Expose an API page to define them.
https://joonasw.net/view/defining-permissions-and-roles-in-aad
Upvotes: 1
Related Questions
- Azure App Registration "Roles and administrators"
- Registering an app permission in SharePoint
- How to use Delegated permissions for Azure AD app without signed-in user?
- Azure registered app error: The user or administrator has not consented to use the application with ID
- Can't use "az" to grant permissions to an app in Azure AD; getting a 403
- API Permission Issue while Azure App Registration
- Azure AD: Failed to grant permission for application
- Azure app registration returns error code AADSTS70001
- Azure AD App Registration: "AADSTS90094: The grant requires admin permission" error for permission that has "REQUIRES ADMIN" set to "No"
- azure app registration remove permissions