Creating a claim with multiple roles for a SAML app, receive multiple roles for a user.

Alexander Sorenzon 1 Reputation point
2021-10-05T09:07:28.027+00:00

Hello,

Would appreciate some help.

We are trying to create a claim with multiple roles for an app on Azure.
Each role has a different group applied to it.
We have joined a user to some groups applied to different roles.
But when connecting with this user to the app, we see only 1 role for that user, instead of multiple. (The funniest thing is that the role it receives is always the last one; if we delete the group from that role, it receives the next role from the bottom.)

So the question is, is it possible to make the user receive multiple roles, connecting with SAML?

Thanks!

Microsoft Entra ID

1 answer

  1. Nandeesh Swami 1 Reputation point
    2021-10-25T14:38:54.503+00:00

    If you have AAD Premium Lvl 2, you can associate application roles with groups and when you assign a user to that group, they will gain the roles automatically. The automatic assignment only works for Premium Lvl 2 though.
    If you already have L2 and are already following what I have mentioned above, can you provide more context? Take 1 or 2 examples and tell us which roles you have applied to which group, etc.

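A diagnostic for the symptom described in the question, as an added example that is not part of the original thread: it lists every value of the role claim in a captured SAML assertion, which shows whether the identity provider sent one role or several. The sample assertion and role names are constructed, and `collapsed_to_dict` is a hypothetical app-side reader that keeps one value per claim, included only for comparison.

```python
import xml.etree.ElementTree as ET

# Debug aid for an assertion captured from your own sign-in. It does not
# verify the XML signature, so never use its output for authorization.
SAML_NS = "urn:oasis:names:tc:SAML:2.0:assertion"
ROLE_CLAIM = "http://schemas.microsoft.com/ws/2008/06/identity/claims/role"
NAME_CLAIM = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name"

# Constructed sample: unsigned fragment with made-up role names.
SAMPLE_ASSERTION = """\
<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml:AttributeStatement>
    <saml:Attribute Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/role">
      <saml:AttributeValue>Reader</saml:AttributeValue>
      <saml:AttributeValue>Editor</saml:AttributeValue>
      <saml:AttributeValue>Admin</saml:AttributeValue>
    </saml:Attribute>
    <saml:Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name">
      <saml:AttributeValue>user@example.com</saml:AttributeValue>
    </saml:Attribute>
  </saml:AttributeStatement>
</saml:Assertion>
"""

def attribute_values(assertion_xml, claim_name=ROLE_CLAIM):
    """Return every AttributeValue of claim_name, in document order."""
    root = ET.fromstring(assertion_xml)
    values = []
    # iter() also finds attributes when the assertion sits inside a Response.
    for attr in root.iter(f"{{{SAML_NS}}}Attribute"):
        if attr.get("Name") != claim_name:
            continue
        # A multi-valued claim is one Attribute with several AttributeValue children.
        for val in attr.findall(f"{{{SAML_NS}}}AttributeValue"):
            text = (val.text or "").strip()
            if text:
                values.append(text)
    return values

def collapsed_to_dict(assertion_xml):
    """Hypothetical reader storing one value per claim: later values overwrite earlier ones."""
    root = ET.fromstring(assertion_xml)
    claims = {}
    for attr in root.iter(f"{{{SAML_NS}}}Attribute"):
        for val in attr.findall(f"{{{SAML_NS}}}AttributeValue"):
            claims[attr.get("Name")] = (val.text or "").strip()
    return claims
```

If `attribute_values` returns a single role for a user who belongs to several role-assigned groups, look at the assignment on the identity provider side; if it returns all of them, look at how the application reads the claim.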