Hi @71185955,
Have you assigning roles to users ? And could you kindly check this official document Add app roles to your application and receive them in the token.
Best Regards
Jason
This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Hi,
I have a Blazor Server app and I want to use role based authorization in Microsoft Entra ID. I created role for it and I added permission to it:
Program.cs
builder.Services.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
.AddMicrosoftIdentityWebApp(builder.Configuration.GetSection("AzureAd"))
.EnableTokenAcquisitionToCallDownstreamApi(initialScopes)
.AddMicrosoftGraph(builder.Configuration.GetSection("MicrosoftGraph"))
.AddInMemoryTokenCaches();
builder.Services.AddControllersWithViews().AddMicrosoftIdentityUI();
builder.Services.AddAuthorization(options =>
{
options.AddPolicy("Officer", policy => policy.RequireRole("Officer"));
});
MainLayout.razor
`<AuthorizeView Policy="Officer">`
<Authorized>
<MudMainContent Style="background-color:--mud-palette-background-grey;">
@Body
</MudMainContent>
</Authorized>
<NotAuthorized>
<MudMainContent Style="background-color:--mud-palette-background-grey;">
<p>Access denied.</p>
</MudMainContent>
</NotAuthorized>
</AuthorizeView>
appsettings.json
"MicrosoftGraph": {
"BaseUrl": "https://graph.microsoft.com/v1.0",
"Scopes": [ "user.read.all", "directory.read.all", "GroupMember.Read.All", "Group.Read.All" ]
},
Unfortunately, I haven't been able to figure out the cause of the problem so far.
Hi @71185955,
Have you assigning roles to users ? And could you kindly check this official document Add app roles to your application and receive them in the token.
Best Regards
Jason