I'm wondering a few things about azure ad. I currently have a little software with self users managed, in database, with custom properties, and access token self generation, etc. In order to develop micro services, azure functions, and handle SSO the right way, i would like to migrate my users management to azure active directory, but i'm a bit lost with its features.
Is there a way to handle custom properties for users in azure ad ?
Users can be affected to one or many 'agencies', with some 'roles' in this affectation, such as 'agency supervisor', 'agency user' etc, which aad feature is the best designed for this ? Groups ? Roles ?
Is it a best practice to store custom business-related user properties in an associated database instead of aad ? (Maybe in order to migrate user management later ?)
I'm sorry for these questions but after a lot a research i'm still there.
Maybe some of you have great feedback or documentation for me.
Thank you !