Andrew Connell
Andrew Connell
Articles Newsletter YouTube Publications Voitanos About

Microsoft Learning: Work with users, groups, and roles in custom apps and APIs

Learn how to use both Microsoft Entra ID Groups and Application Roles to provide fine grained access control to an application.

I work with Microsoft Learning to publish & maintain multiple self-paced learning modules related to Microsoft 365. These modules are primarily used as self-paced study resources for developers preparing to take the MS-600 exam , the only prerequisite to achieve the Microsoft 365 Certified: Teams Application Developer Associate certification. This is one of those modules.

Role-based access control (RBAC) is a popular mechanism to enforce authorization in applications. The administrator assigns roles to different users and groups to control who can access to what content and functionality. Using RBAC with Application Roles and Role Claims, developers can securely enforce authorization in their apps with little effort on their part. Another approach is to use Microsoft Entra ID Groups and Group Claims.

In this module, you’ll learn how to use both Microsoft Entra ID Groups and Application Roles to provide fine grained access control to an application.

Learning objectives

  1. Create a custom ASP.NET web app that is secured with Microsoft identity
  2. Demonstrate how to obtain security groups as a claim in the token and use them in the app
  3. Demonstrate how to use app roles to grant users access to an app
Andrew Connell
Developer & Chief Course Artisan, Voitanos LLC. | Microsoft MVP
Written by Andrew Connell

Andrew Connell is a web & cloud developer with a focus on Microsoft Azure & Microsoft 365. He’s received Microsoft’s MVP award every year since 2005 and has helped thousands of developers through the various courses he’s authored & taught. Andrew’s the founder of Voitanos and is dedicated to helping you be the best Microsoft 365 web & cloud developer. He lives with his wife & two kids in Florida.