As an Azure application owner, you can add app roles to your application in Resource Admin. EmpowerID fulfills this action by adding the app role to the application in Azure.
Create scopes
Log in to Resource Admin.
Select Applications from the Resource Type menu and search for the Azure application you want to manage.
Click the Friendly Name link for the application.
This directs you to the Overview page for the application.
Click App Roles and then expand the Actions accordion.
Click the Create Azure Application Role action.
This opens the Create Azure Application Scope form.Fill in the form fields with the appropriate information for your app role.
Field
Description
Example
Name
Name of the app role
Report Writer
Allowed Member Types
Specifies whether the app role can be assigned. Options include:
Default
Users/Groups
Applications
Both (Users/Groups) + Applications
Users/Groups
Value
Specifies the value of the roles claim that the application should expect in the token
Report.Create
Description
Description of the app role
Writers can create reports
Application Role Requestable in IAM Shop
Specifies whether users can request the role in the IAM Shop
Select A Location
Select a location in EmpowerID for the application role. This location is for RBAC delegation only.
If there is a location selected by default and you wish to change it, click the link for the location and then search for and select the desired location from the Location tree.EmpowerID Applications
Click Next.
Review the summary information and click Submit when ready.