Versions Compared

Version Old Version 1 New Version Current
Changes made by

Lars Gjestang

Lars Gjestang

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Table of Contents
minLevel1
maxLevel6
outlinefalse
styledefault
typelist
printabletrue

Prerequisites

  • The user performing the steps described in this guide needs to be the owner of the Enterprise Application/App Registration that is used by Ayfie Personal Assistant

Which Enterprise Application is in use by Ayfie Personal Assistant?

If one is you are unsure about which Enterprise Application /or App Registration that is used by the Ayfie Personal Assistant Applicationapplication, follow these steps

Retrieve the Client ID/Name from the Deployment Output

:

  1. Open the Managed Application

...

  1. for Ayfie Personal Assistant Application.

  2. Navigate to Settings and select Parameters and outputs.

  3. Copy the ClientID listed there.

...

Adding Required App Registration Role

...

Go to https://portal.azure.com and navigate to “App Registrations”

...

Look up the App Registration with the ClientId or name

...

Navigate to “App roles” within “Manage” on the left side

...

Click “Create app role

Enter the following

...

Permissions

We have three types of roles in our application:

  • personal_assistant.admin

  • personal_assistant.branding_manager

  • personal_assistant.chatbot_manager

These roles need to be added to the App Registration to control access to specific functionalities within Ayfie Personal Assistant.

Steps to Add App Roles

  1. Sign in to the Azure Portal with appropriate administrative privileges.

  2. Navigate to Azure Active Directory > App Registrations.

  3. Search for the App Registration using the ClientID or name obtained earlier.

  4. Select the App Registration from the search results.

  5. In the left-hand menu under Manage, select App roles.

  6. Click on Create app role to add a new role.

  7. Repeat the following steps for each of the three roles (add each role by clicking Apply):

    a. For personal_assistant.admin

    • Display name: personal_assistant.admin

    • Allowed member types: Users/Groups

    • Value:

    • personal_assistant.admin

    • Description:

    “Required role to change

    • Admin role with full access to Ayfie Personal Assistant functionalities.

    • Do you want to enable this app role?: Yes

    b. For personal_assistant.branding_manager

    • Display name: personal_assistant.branding_manager

    • Allowed member types: Users/Groups

    • Value: personal_assistant.branding_manager

    • Description: Role to manage custom branding in Ayfie Personal

    Assistant”

    • Assistant.

    • Do you want to enable this app role?

    : “Yes”

  8. Select “Apply”

  9. Verify the new entry in the list within “App roles”

...

Add User Role Assignment

  1. Go to https://portal.azure.com and navigate to “Enterprise Applications”

  2. Look up the Enterprise Application with the ClientId or name (same as above)

  3. Navigate to “Users and Groups” within “Manage” on the left side

  4. If no users are added, add the user(s) that should be assigned the new role

  5. Check the checkbox in front of the person and click “Edit assignemnt”

  6. Click “None Selected” under “Select a role”

  7. Select the role “personal_assistant.admin” and hit the button “Select”

...

    • : Yes

    c. For personal_assistant.chatbot_manager

    • Display name: personal_assistant.chatbot_manager

    • Allowed member types:Users/Groups

    • Value:personal_assistant.chatbot_manager

    • Description: Role to manage chatbots in Ayfie Personal Assistant.

    • Do you want to enable this app role?: Yes

  2. Verify that the new roles are listed in the App roles section.

...

Assigning Roles to Users or Groups

Now that the roles are created, you need to assign them to users or groups who require access to specific functionalities.

Steps to Assign Roles

  1. Navigate back to the Azure Portal and go to Azure Active Directory > Enterprise Applications.

  2. Search for the Enterprise Application using the ClientID or name.

  3. Select the Enterprise Application from the search results.

  4. In the left-hand menu under Manage, select Users and groups.

  5. Click on Add user/group.

  6. In the Add Assignment pane:

    • Click on Users and groups.

    • Select the user(s) or group(s) you want to assign a role to.

    • Click Select.

  7. After selecting users or groups, click on Select a role.

  8. Choose the appropriate role for the user or group:

    • For full administrative access, select personal_assistant.admin

    • To manage custom branding, select personal_assistant.branding_manager

    • To manage chatbots, select personal_assistant.chatbot_manager

  9. Click Assign to apply the role to the selected user(s) or group(s).

  10. Repeat these steps for any additional users or groups as needed.