Role Based Authentication

By default, VirtualMetric uses email addresses to match users with Azure Active Directory users. You can also allow Azure AD users to logon VirtualMetric by their role names.

1. First of all, please make sure that Azure Active Directory Anonymous User Access is enabled in the Advanced Settings.

2. Click on the application name to navigate application settings.

3. Make sure that you have your Azure Active Directory groups under the Users and groups section.

4. Please go back to App registrations page and click on Manifest menu.

5. Add your role configuration under the appRoles section and save the manifest file.

Example configuration of the roles:

"appRoles": [
	{
		"allowedMemberTypes": [
			"User"
		],
		"description": "Users with readonly access",
		"displayName": "VirtualMetricUserRole",
		"id": "18d14569-c3bd-439b-9a66-3a2aee01d14c",
		"isEnabled": true,
		"lang": null,
		"origin": "Application",
		"value": "VirtualMetricUserRole"
	},
	{
		"allowedMemberTypes": [
			"User"
		],
		"description": "Users with admin access",
		"displayName": "VirtualMetricAdminRole",
		"id": "18d14569-c3bd-439b-9a66-3a2aee01d14f",
		"isEnabled": true,
		"lang": null,
		"origin": "Application",
		"value": "VirtualMetricAdminRole"
	},
	{
		"allowedMemberTypes": [
			"User"
		],
		"description": "msiam_access",
		"displayName": "msiam_access",
		"id": "b9632174-c057-4f7e-951b-be3adc52bfe6",
		"isEnabled": true,
		"lang": null,
		"origin": "Application",
		"value": null
	}
],