Ayfie Personal Assistant - Assign Personal Assistant Roles

Prerequisites

• The user performing the steps described in this guide needs to be the owner of the Enterprise Application/App Registration that is used by Ayfie Personal Assistant

Which Enterprise Application is in use by Ayfie Personal Assistant?

If you are unsure about which Enterprise Application or App Registration is used by the Ayfie Personal Assistant application, follow these steps:

1. Open the Managed Application for Ayfie Personal Assistant Application.

2. Navigate to Settings and select Parameters and outputs.

3. Copy the ClientID listed there.

Adding Required App Registration Role Permissions

We have three types of roles in our application:

• personal_assistant.admin

• personal_assistant.branding_manager

• personal_assistant.chatbot_manager

These roles need to be added to the App Registration to control access to specific functionalities within Ayfie Personal Assistant.

Steps to Add App Roles

1. Sign in to the Azure Portal with appropriate administrative privileges.

2. Navigate to Azure Active Directory > App Registrations.

3. Search for the App Registration using the ClientID or name obtained earlier.

4. Select the App Registration from the search results.

5. In the left-hand menu under Manage, select App roles.

6. Click on Create app role to add a new role.

7. Repeat the following steps for each of the three roles (add each role by clicking Apply):

   a. For personal_assistant.admin

   • Display name: personal_assistant.admin

   • Allowed member types: Users/Groups

   • Value: personal_assistant.admin

   • Description: Admin role with full access to Ayfie Personal Assistant functionalities.

   • Do you want to enable this app role?: Yes

   b. For personal_assistant.branding_manager

   • Display name: personal_assistant.branding_manager

   • Allowed member types: Users/Groups

   • Value: personal_assistant.branding_manager

   • Description: Role to manage custom branding in Ayfie Personal Assistant.

   • Do you want to enable this app role?: Yes

   c. For personal_assistant.chatbot_manager

   • Display name: personal_assistant.chatbot_manager

   • Allowed member types: Users/Groups

   • Value: personal_assistant.chatbot_manager

   • Description: Role to manage chatbots in Ayfie Personal Assistant.

   • Do you want to enable this app role?: Yes

8. Verify that the new roles are listed in the App roles section.

Open

Assigning Roles to Users or Groups

Now that the roles are created, you need to assign them to users or groups who require access to specific functionalities.

Steps to Assign Roles

1. Navigate back to the Azure Portal and go to Azure Active Directory > Enterprise Applications.

2. Search for the Enterprise Application using the ClientID or name.

3. Select the Enterprise Application from the search results.

4. In the left-hand menu under Manage, select Users and groups.

5. Click on Add user/group.

6. In the Add Assignment pane:

   • Click on Users and groups.

   • Select the user(s) or group(s) you want to assign a role to.

   • Click Select.

7. After selecting users or groups, click on Select a role.

8. Choose the appropriate role for the user or group:

   • For full administrative access, select personal_assistant.admin

   • To manage custom branding, select personal_assistant.branding_manager

   • To manage chatbots, select personal_assistant.chatbot_manager

9. Click Assign to apply the role to the selected user(s) or group(s).

10. Repeat these steps for any additional users or groups as needed.