Is there a way to automatically assign a default app role to users during the sign-up process using Microsoft Azure External ID? If so, how can this be achieved?
Microsoft Entra External ID for customers - Assign default app role
Asked by Purvesh Desai
1
Unfortunately, there is currently no easy option to define it (including in the Entra portal). I heard that in the future this will be supported with Custom Authentication Extensions and an event like OnUserCreated (or a similar one that will be provided by Microsoft). Here you can read more:
https://learn.microsoft.com/en-us/entra/external-id/customers/concept-custom-extensions
In this case you could implement an Azure Function to be triggered during the sign-up process, and with the Microsoft Graph API you could assign a specific app role to the user. Here is the documentation on how to do it. Specifically, you can look at the Grant an appRoleAssignment to a user endpoint in the Graph API.
However, as I mentioned, there is no straightforward way to do it right now.
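The Graph call the answer points to (Grant an appRoleAssignment to a user), sketched in Python as an added example; it is not code from the answer or from Microsoft. The GUIDs are constructed placeholders, and the trigger that supplies the new user's object ID and the access token is assumed to exist elsewhere.

```python
import json
import urllib.request
import uuid

GRAPH = "https://graph.microsoft.com/v1.0"

# Constructed placeholder IDs (assumptions): replace with your tenant's values.
RESOURCE_SP_ID = "11111111-1111-1111-1111-111111111111"       # service principal object ID of the app
DEFAULT_APP_ROLE_ID = "22222222-2222-2222-2222-222222222222"  # id of the app role defined on the app


def _guid(value):
    """Return the canonical GUID string, or raise ValueError."""
    return str(uuid.UUID(str(value)))


def build_default_role_request(user_id, access_token):
    """Build POST /users/{id}/appRoleAssignments for the pinned default role.

    The role and resource are fixed server-side; only the user ID comes from
    the sign-up event, and it is validated before being placed in the URL.
    """
    user_id = _guid(user_id)
    body = {
        "principalId": user_id,
        "resourceId": _guid(RESOURCE_SP_ID),
        "appRoleId": _guid(DEFAULT_APP_ROLE_ID),
    }
    return urllib.request.Request(
        f"{GRAPH}/users/{user_id}/appRoleAssignments",
        data=json.dumps(body).encode(),
        method="POST",
        headers={
            "Authorization": f"Bearer {access_token}",
            "Content-Type": "application/json",
        },
    )


def assign_default_role(user_id, access_token, send=urllib.request.urlopen):
    """Send the request; `send` is injectable so the call can be tested offline."""
    req = build_default_role_request(user_id, access_token)
    with send(req) as resp:
        return resp.status == 201  # Graph returns 201 Created on success
```

The identity calling Graph needs a permission such as AppRoleAssignment.ReadWrite.All, which can grant any role on any app, so the role and resource IDs are kept in configuration rather than read from the sign-up payload.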