Max number of roles in appRoles Azure AD B2C?

Question

I am searching for what is the limit of appRoles added in an application in azure ad b2c. 

 

What I have found is this: https://learn.microsoft.com/en-us/azure/active-directory/enterprise-users/directory-service-limits-restrictions

In application: "A user, group, or service principal can have a maximum of 1,500 app role assignments. The limitation is on the service principal, user, or group across all app roles and not on the number of assignments on a single app role."

Am I correct that it means that one single app can have 1500 roles in approles?

Thanks for your time,

Have a nice day,

Answer 1

@Nicolas Remy

The article that you have shared is specifically for Azure AD.

Yes, you can create 1500 app roles for single application, proivded you have not created any app roles in any other applications.

Regarding Azure AD B2C,

Azure AD B2C does not currently support appRole, such as user flows or custom policy. Reference: similar answers.

However, you can use Azure AD based authentication to grant appRole because Azure AD supports appRole. First, make sure you have added appRoles in your API application's manifest, then click Managed application in local directory to go to Enterprise Applications>Users and groups>Add user/group.

Next use an Azure AD based authentication flow such as ROPC flow or auth code flow.

Parse the token and you will see your custom role.

Let me know if you have any further questions on this.

Please "Accept the answer" if the information helped you. This will help us and others in the community as well.