I've followed this tutorial to create a role-based application:
In my Azure Active Directory (AAD) (Free Edition):
- I've created a user: "Admin one".
- I've created a group: "Developers".
- I've created an application role : "admin" (using the application manifest).
- I've assigned the application role "admin" to the "Developers" group (using the Graph API).
In my application, I can now use the User.IsInRole method to verify that my user got the application role "admin".
I wanted to test if this is going to work with nested groups so in my AAD:
- I've removed the "admin one" user from the "Developers" group.
- I've created a second group named "SubDevelopers".
- I've added the "admin one" user as a member of the "SubDevelopers" group.
- I've added the "SubDevelopers" group as a member of the "Developers" group (using the Graph API).
Now the User.IsInRole("admin") method returns false for the "admin one" user...
Am I missing something? Is it possible to check roles for users that are in nested groups? Is it available for the AAD Free edition?