cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
jakesh
Helper I
Helper I

What is the best way to load a bulk of users in the portal using Azure AD that can be used to assign web roles to restrict specific pages to different AAD security groups?

My end goal is to replace the process of creating an individual Contacts that can be used in Web Roles by assigning users to AAD Security Groups. I would like to create AAD Security Groups, load them into the Power Pages/Apps Portal, and assign them to Web Roles so that the users in that group are restricted to specific pages.

 

I was able to create a Team in my environment based on an AAD Security Group but I haven't found a way to assign this team to a web role so that the users in this team are restricted to seeing a specific page in the portal. Also, these users are authenticated through AAD, but the web role cannot be set to yes for authenticated users because it would not let them see the page at all.

 

What is the best way to load a bulk of users in the portal using Azure AD that can be used to assign web roles to restrict specific pages to different AAD security groups?

 

Please help.

 

Thanks.

4 REPLIES 4
OliverRodrigues
Super User
Super User

You can't associate the Web Roles with AAD Security Groups directly

You might be able to achieve this using Microsoft Graph API, you could maybe retrieve the security group and than associate your Web Role (perhaps based on a Matrix setup in Dataverse)

If you need this to be sync, you would have to do it via sync Plugin, if you are happy for it to be async, you might be able to use Power Automate Flows

 

I can't think that any solution would be very easy, it would probably take a good bit of time to setup

 

A few links that might help:

Power Automate Flow: Calling MS Graph API - TechNet Articles - United States (English) - TechNet Wik...

Use the Microsoft Graph API - Microsoft Graph | Microsoft Docs




If you like this post, give a Thumbs up. Where it solved your request, Mark it as a Solution to enable other users find it.

Power Pages Super User | MVP


Oliver Rodrigues


 

jakesh
Helper I
Helper I

@OliverRodrigues thanks for your response. I will look into this.

 

I've also been looking into "Force Sync Azure Active Directory Group members to specified CDS instance". Have you tried this?

https://powerautomate.microsoft.com/en-US/templates/details/6e4162ca7afc48479e3ad1caadc6c1e6/force-s...

OliverRodrigues
Super User
Super User

I haven't used that, but it's probably related to sync AAD users to Dataverse (CDS/D365) users, and not Power Pages Users.

 

Basically the way Power Pages works is that a user is always represented by a Contact record, this is the same for either internal or external users.

When a user signs in via Azure AD, the Power Pages automatically creates a Contact record for that user.




If you like this post, give a Thumbs up. Where it solved your request, Mark it as a Solution to enable other users find it.

Power Pages Super User | MVP


Oliver Rodrigues


 

NikitaPolyakov
Microsoft
Microsoft

You have to manually design and map and integrate your Authorization Management solution concept into the Power Pages concepts.

 

I recommend customers to always design this a pre-load system and consider a more proactive invitation process for your users too, this way they are aware and invited to login. You can have a job that regularly synchronizes your portal users (Contacts and checks their associated Web Roles) triggered from Azure AD Group membership changes. Here also new users would get welcome emails and instructions to access your website.

 

Please stay away from synchronous (Dataverse plugin) routes as those are more complex and taxing. Primarily syncronous plugins would hold a transaction in Dataverse and website at the same time, so they can be detrimental to your website performance, especailly at scale.  

Helpful resources

Announcements
Microsoft 365 Conference – December 6-8, 2022

Microsoft 365 Conference – December 6-8, 2022

Join us in Las Vegas to experience community, incredible learning opportunities, and connections that will help grow skills, know-how, and more.

Difinity Conference 2022

Difinity Conference 2022

Register today for two amazing days of learning, featuring intensive learning sessions across multiple tracks, led by engaging and dynamic experts.

European SharePoint Conference

European SharePoint Conference

The European SharePoint Conference returns live and in-person November 28-December 1 with 4 Microsoft Keynotes, 9 Tutorials, and 120 Sessions.

Top Kudoed Authors
Users online (3,209)