Group Owners in Azure AD B2C tenant cannot add members in their group

user20201 276 Reputation points

We have an Azure Active Directory B2C tenant and a security group. We invited a guest user and added him as the group owner of the security group, but upon accepting the invite, an error occurred. We fixed that by changing the User Type from "Guest" to "Member." However, they still can't add members and manage their own groups.

We tried to grant the group owners the "Guest Inviter" role, and luckily, they can manage their own groups and have no access to other groups, which apparently is what we want to happen. But users in the "Guest Inviter" role can invite guest users, which we don't want group owners to do. Is there a specific Azure role which meets the requirement that a group owner's permission is JUST to manage his own group and nothing more? Or if we create a custom role, would there be an additional requirement or license since we are using Azure AD B2C?

Azure Role-based access control
An Azure service that provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs.
Azure Active Directory External Identities