0
votes

I have a requirement to authenticate the user on the client side and pass the token to a server-side application. The server-side application parses the token and, based on the role, returns the result. So we have created a C# Windows application as the client and a Java application as the server side.

I am trying to use the following sample, https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-v2-windows-desktop, to authenticate on the client side and get and pass the authorization token. But I am not getting the app roles assigned to the user.

I have registered the application in Azure Active Directory via app registration and added app roles in the manifest file.

When I receive the authorization token, I have all the details, but the roles are not coming as part of the token. Could you please guide me, as I have very limited knowledge of Azure Active Directory?

2
The roles need to be defined in the app registration used by the API. Do you have separate app registrations? - juunas
To get roles you have to add users/groups to the application in Azure AD Enterprise Applications - Crowcoder
@Crowcoder I have assigned roles via enterprise application, but no luck :( - PMC Karur
@juunas I have tried following, but somehow I am lost. Not getting roles :( - PMC Karur

2 Answers

1
votes

In order to get app roles follow this guide: https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-add-app-roles-in-azure-ad-apps

Did you assign those app roles to the users? If the user isn't assigned any app roles, the roles claim will not be sent in the token.

After that it should be in the id_token. Also take note, when you are declaring the app roles in the manifest, of the

    "allowedMemberTypes": [
        "User"
    ]

It needs to contain at least User if you want the role to be assignable to users.

0
votes

If you are facing an issue in getting the app role information in the token, check whether the roles are assigned to the user or not.

If you're facing trouble in authorizing the web API with the app role in the token information, as per the document:

If you have a backend web API which is separate from the web app, the app role assignments for the web app don't apply to the web API.
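
An added diagnostic example (not part of the question or of either answer above): it decodes a token's payload and reports whether its audience is the API registration and whether a roles claim is present, which are the two conditions the comments and answers point at. The application IDs, sample tokens and function names are constructed for illustration, and the payload is decoded without signature validation, so this is for troubleshooting only.

```python
import base64
import json

# Constructed placeholder IDs, not real registrations.
CLIENT_APP_ID = "11111111-1111-1111-1111-111111111111"  # desktop client registration
API_APP_ID = "22222222-2222-2222-2222-222222222222"     # API registration defining the roles


def make_sample_token(claims):
    """Build an unsigned, constructed JWT-shaped string for the demo."""
    enc = lambda obj: base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return ".".join([enc({"alg": "none", "typ": "JWT"}), enc(claims), "sig"])


def decode_claims(token):
    """Decode the payload only; no signature check, so never use this to authorize."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    padded = parts[1] + "=" * (-len(parts[1]) % 4)  # restore stripped base64url padding
    return json.loads(base64.urlsafe_b64decode(padded))


def diagnose_roles(token, accepted_audiences):
    """Report whether the token targets the API and which app roles it carries."""
    claims = decode_claims(token)
    aud = claims.get("aud")
    auds = aud if isinstance(aud, list) else [aud]  # generic JWTs may carry a list
    roles = claims.get("roles") or []
    result = {"audience_ok": any(a in accepted_audiences for a in auds),
              "roles": roles, "hints": []}
    if not result["audience_ok"]:
        result["hints"].append(
            "aud=%r is not the API: request the token for the API, and define "
            "and assign the roles on the API's registration" % aud)
    if not roles:
        result["hints"].append(
            "no roles claim: assign the user a role whose allowedMemberTypes includes User")
    return result


if __name__ == "__main__":
    api_audiences = {API_APP_ID, "api://" + API_APP_ID}
    samples = {
        "token issued for the client app": {"aud": CLIENT_APP_ID, "name": "Sample User"},
        "token issued for the API": {"aud": API_APP_ID, "roles": ["Reader"]},
    }
    for label, claims in samples.items():
        print(label, "->", diagnose_roles(make_sample_token(claims), api_audiences))
```

The Java server still has to validate the token's signature, issuer and audience before it trusts the roles claim.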