B2C

Azure Business to Customer

Assigning roles to enterprise applications in Azure B2C

AnthonyLeave a comment

In this post we detail how to assign roles to enterprise applications in Azure B2C, issues with assigning via PowerShell and troubleshooting.

The issue

So this is just a super quick post to document an issue that stumped me recently. I had been asked to assign the Helpdesk Administrator role to a custom enterprise app in an Azure B2C environment. The steps I had been given to follow were from this blog post and got me most of the way there.

I had issues with using MSOL initially, but managed to get around that but every time I ran the Add-MsolRoleMember cmdlet I kept getting the same error:

Error adding Service Principal to Role: This role does not exist. Check the name and try again.

The solution

As always, the simplest solution is often the best and in this case that was true again! I was able to assign the role to the enterprise applications through the Azure B2C AAD GUI. The way I did it was to:

  • Open Azure Active Directory
  • Select Roles and administrators
  • Select the relevant admin role (e.g. Helpdesk Administrator)
  • Under Assignments > press + Add Assignments
Once you have selected the relevant admin role, press Add Assignments.
  • Search for the name of the enterprise app you want to assign the role too > select it > press Add

That’s it, no need for PowerShell you can just assign the roles direct from Azure AD.

Advertisement