Geeks With Blogs

Rohit Gupta: Engaging talk on Microsoft Technologies

Role based Access control – Azure AD B2C – work around

We can enable role-based access control with Azure AD B2C using custom attributes (also known as custom claims), which are defined in the Sign-up/Sign-in user flow in Azure AD B2C.

  • First, define a custom attribute named “Role” in the Sign-up/Sign-in user flow in Azure AD B2C, as detailed in “Define custom attributes in Azure Active Directory B2C” (see also “Using custom claims for Azure AD B2C roles”).
  • Next, add this custom attribute “Role” to each AD B2C user that needs privileged access in Azure AD B2C (in portal.azure.com) and set its value to, say, “Admin”, “StudyUser”, “TestUser”, etc.
  • Next, check for the presence of this attribute in the authorization JWT token, where it is exposed as a claim on the ClaimsPrincipal.
  • To check for the presence of the “Role” claim, we can use the “RoleAuthorizeAttribute” described in “Role based authorization in Azure Functions with Azure AD and app roles”, and apply it to each API controller/method, e.g. [RoleAuthorize("Admin")].
  • Note that we also need to add the “ClaimsPrincipal principal” parameter to each Azure Function method that needs to check for the role.
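
The claim check from the last three steps, written out as an added example (not code from this post or from the linked RoleAuthorizeAttribute article). The helper name B2CRoleCheck.IsInAnyRole is hypothetical, and the claim type "extension_Role" is an assumption about how the user flow names the custom attribute in the token; the principals are constructed stand-ins for the `ClaimsPrincipal principal` parameter.

```csharp
using System;
using System.Linq;
using System.Security.Claims;

public static class B2CRoleCheck
{
    // Assumption: the user flow emits the custom attribute "Role" as "extension_Role".
    public const string RoleClaimType = "extension_Role";

    // Deny by default: true only for an authenticated principal whose Role
    // claim exactly matches one of the allowed values.
    public static bool IsInAnyRole(ClaimsPrincipal principal, params string[] allowedRoles)
    {
        if (principal?.Identity == null || !principal.Identity.IsAuthenticated)
            return false; // no authenticated identity behind this principal
        if (allowedRoles == null || allowedRoles.Length == 0)
            return false; // an empty allow-list must not mean "everyone"

        // Ordinal comparison: "admin" does not satisfy a check for "Admin".
        return principal.FindAll(RoleClaimType)
            .Any(c => allowedRoles.Contains(c.Value, StringComparer.Ordinal));
    }

    // Constructed principal; a null authType yields an unauthenticated identity.
    private static ClaimsPrincipal Build(string authType, params Claim[] claims) =>
        new ClaimsPrincipal(new ClaimsIdentity(claims, authType));

    public static void Main()
    {
        var admin = Build("Bearer", new Claim(RoleClaimType, "Admin"));
        var tester = Build("Bearer", new Claim(RoleClaimType, "TestUser"));
        var lowercase = Build("Bearer", new Claim(RoleClaimType, "admin"));
        var noRole = Build("Bearer", new Claim("name", "constructed user"));
        var anonymous = Build(null, new Claim(RoleClaimType, "Admin"));

        Console.WriteLine($"Admin claim, Admin required:     {IsInAnyRole(admin, "Admin")}");
        Console.WriteLine($"TestUser claim, Admin required:  {IsInAnyRole(tester, "Admin")}");
        Console.WriteLine($"TestUser claim, Admin|TestUser:  {IsInAnyRole(tester, "Admin", "TestUser")}");
        Console.WriteLine($"admin (lowercase), Admin:        {IsInAnyRole(lowercase, "Admin")}");
        Console.WriteLine($"no Role claim, Admin required:   {IsInAnyRole(noRole, "Admin")}");
        Console.WriteLine($"unauthenticated, Admin required: {IsInAnyRole(anonymous, "Admin")}");
    }
}
```

The check is only as trustworthy as the claim: the “Role” attribute should be returned as an application claim and set by an administrator, not offered as a field the user fills in during sign-up.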
Posted on Friday, October 9, 2020 3:36 AM


Copyright © Rohit Gupta | Powered by: GeeksWithBlogs.net