I'm working on an Azure static web app for a small non-profit and I want certain features to be accessible only to authorized users. Since they predominantly use Microsoft services, it seems logical to utilize Microsoft logins for managing permissions. I heard that I could set up an Entra role without granting any permissions, allowing my app to recognize logged-in users based on the role info in the header. However, the sysadmin is struggling to create a role without any assigned permissions, and since I don't have admin access, I'm looking for guidance to provide her with the necessary instructions. Is this approach a best practice?
4 Answers
Creating an Entra Group instead of a role might be simpler for managing users. Groups allow you to add users directly without the complexity of roles. However, it depends on your app's needs. If you’re not familiar with Entra, starting with groups could be a more straightforward path.
I get that the docs might look like a maze sometimes, especially with so many options under Entra. If you're feeling lost, I would recommend picking one area to explore at a time instead of trying to tackle everything at once.
It's best to dive into Microsoft’s Entra documentation. They provide extensive resources that clarify differences between roles and groups, making it easier for beginners to navigate. But it can feel overwhelming at first!
You can definitely create an Entra role without permissions. Check out the documentation on how to add app roles for a clear guide. It’s important to understand how roles work within your app, especially when considering user authentication and permissions handling.
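Added example, not part of the question or the answers above: a sketch of the server-side check the question describes, reading the role information that Azure Static Web Apps passes to API functions in the `x-ms-client-principal` header (base64-encoded JSON with a `userRoles` array). The role name `member`, the shape of the `headers` argument, and the sample principals are assumptions made for illustration, and it assumes the app's authentication setup already places the role in `userRoles`.

```javascript
// Added example: server-side role check for an API function behind Azure Static Web Apps.
// REQUIRED_ROLE is a hypothetical role name; all sample principals below are constructed.
const REQUIRED_ROLE = "member";

// Decode the x-ms-client-principal header (base64-encoded JSON).
// Returns null for missing or malformed input so callers fail closed.
function parseClientPrincipal(headerValue) {
  if (typeof headerValue !== "string" || headerValue.length === 0) return null;
  try {
    const principal = JSON.parse(Buffer.from(headerValue, "base64").toString("utf8"));
    if (principal === null || typeof principal !== "object") return null;
    if (!Array.isArray(principal.userRoles)) return null;
    return principal;
  } catch {
    return null;
  }
}

// Assumes `headers` is a plain object with lower-cased header names.
// 401 = no usable identity, 403 = signed in but lacks the role, 200 = allowed.
function authorize(headers, requiredRole = REQUIRED_ROLE) {
  const principal = parseClientPrincipal((headers || {})["x-ms-client-principal"]);
  if (!principal) return { status: 401, user: null };
  const user = typeof principal.userDetails === "string" ? principal.userDetails : null;
  // Exact, case-sensitive comparison; non-string entries never match.
  const allowed = principal.userRoles.some((role) => role === requiredRole);
  return { status: allowed ? 200 : 403, user };
}

// Builds a constructed sample header value for the demo calls below.
function encodePrincipal(obj) {
  return Buffer.from(JSON.stringify(obj), "utf8").toString("base64");
}

const memberHeader = encodePrincipal({
  identityProvider: "aad", userId: "constructed-id-1",
  userDetails: "alice@example.org", userRoles: ["anonymous", "authenticated", "member"],
});
const visitorHeader = encodePrincipal({
  identityProvider: "aad", userId: "constructed-id-2",
  userDetails: "bob@example.org", userRoles: ["anonymous", "authenticated"],
});

console.log(authorize({ "x-ms-client-principal": memberHeader }));  // allowed
console.log(authorize({ "x-ms-client-principal": visitorHeader })); // signed in, no role
console.log(authorize({}));                                         // no header at all
```

The header is only trustworthy when the function is reached through Static Web Apps, which sets it; a function that is also reachable directly could receive a client-supplied value.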
