In this post we detail how to assign roles to enterprise applications in Azure B2C, the issues with assigning them via PowerShell, and how to troubleshoot them.
So this is just a super quick post to document an issue that stumped me recently. I had been asked to assign the Helpdesk Administrator role to a custom enterprise app in an Azure B2C environment. The steps I had been given to follow were from this blog post and got me most of the way there.
I had issues with using MSOL initially but managed to get around that. However, every time I ran the Add-MsolRoleMember cmdlet I kept getting the same error:
Error adding Service Principal to Role: This role does not exist. Check the name and try again.
As always, the simplest solution is often the best and in this case that was true again! I was able to assign the role to the enterprise applications through the Azure B2C AAD GUI. The way I did it was to:
- Open Azure Active Directory
- Select Roles and administrators
- Select the relevant admin role (e.g. Helpdesk Administrator)
- Under Assignments > press + Add Assignments
- Search for the name of the enterprise app you want to assign the role to > select it > press Add
That’s it. There's no need for PowerShell; you can just assign the roles directly from Azure AD.
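
To confirm that the portal assignment took effect and that the app holds no directory roles beyond the one intended, you can audit the service principal's role assignments. The script below is an added example, not part of the original steps. It assumes the Microsoft Graph PowerShell SDK (not MSOL) is installed, and the tenant and app names are placeholders.

```powershell
# Added example: audit the directory roles held by an enterprise app (service principal).
# Assumes the Microsoft.Graph PowerShell SDK is installed. Placeholder values below.
$TenantId     = '<your-b2c-tenant>.onmicrosoft.com'   # placeholder
$AppName      = '<enterprise-app-display-name>'       # placeholder
$ExpectedRole = 'Helpdesk Administrator'              # role assigned in the portal

# Read-only scopes are enough for an audit.
Connect-MgGraph -TenantId $TenantId `
    -Scopes 'RoleManagement.Read.Directory', 'Application.Read.All' | Out-Null

# Resolve the service principal; escape quotes for OData and refuse ambiguous matches.
$safeName = $AppName.Replace("'", "''")
$sp = @(Get-MgServicePrincipal -Filter "displayName eq '$safeName'")
if ($sp.Count -ne 1) {
    throw "Expected exactly one service principal named '$AppName', found $($sp.Count)."
}

# Every directory role assignment where this service principal is the principal.
$assignments = @(Get-MgRoleManagementDirectoryRoleAssignment `
    -Filter "principalId eq '$($sp[0].Id)'" -All)

# Translate role definition IDs to display names and mark the expected role.
$report = @(foreach ($a in $assignments) {
    $def = Get-MgRoleManagementDirectoryRoleDefinition `
        -UnifiedRoleDefinitionId $a.RoleDefinitionId
    [pscustomobject]@{
        Role     = $def.DisplayName
        Scope    = $a.DirectoryScopeId   # "/" means tenant-wide
        Expected = ($def.DisplayName -eq $ExpectedRole)
    }
})
$report | Format-Table -AutoSize

# Flag a missing assignment and any roles beyond the intended one.
if (-not ($report | Where-Object Expected)) {
    Write-Warning "'$AppName' does not hold the '$ExpectedRole' role."
}
$extra = @($report | Where-Object { -not $_.Expected })
if ($extra.Count -gt 0) {
    Write-Warning "'$AppName' holds $($extra.Count) additional role(s): $($extra.Role -join ', ')"
}
```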