0
votes

In my current non-Azure AD, I am handling agents for an insurance company. A given Agent could be a member of multiple agencies where the agent's roles could be different at each agency. Something like this:

enter image description here

Based on the Azure Portal, the only approach that I can see (and I do not want to do it) is to make each Group/Role be a group and have the user be part of the Group/Role group. Something like this:

enter image description here

But this approach would cause me to create 4 or 5 times the groups that I truly need and seems messy to maintain. Is there an approach that I am not seeing that would give me similar functionality in AAD that I currently have in my non-Azure AD?

1
The question is too generic and there is no single, nor better, approach. You may also take a look at Azure AD Application Roles. Having said that, the format of the question does not really fit the StackOverflow format (i.e.: stackoverflow.com/help/on-topic) - astaykov
Please kindly make your question more specific. - Wayne Yang
I guess that is part of my problem. I do not know how to make it more specific as this workload was dumped on me and I do not have any experience doing this type of stuff. I understand what needs to be done (create user/group roles so a given user can have different roles depending on which group it is looking at) but I do not understand how to accomplish something like this with AAD. - Holt

1 Answer

1
votes

You cannot assign AAD roles to a group; you need to assign the roles to the specific user.

Refer to this feedback for more details.