Authorization with Azure AD roles in Django

Good evening experts,

I am trying to apply authorization with Azure AD roles in my Django web app. What I have so far:

  • I created a user in Azure AD (which works with SAML in my Django web app so the authentication works fine) and I assigned a role to it
  • I have a Django web app which uses djangosaml2 to perform SSO

I added the following attribute mapping:

'http://schemas.microsoft.com/ws/2008/06/identity/claims/role': ('user_permissions',)

I cannot see the assigned role in the SAML response. I added the attribute mapping above to the djangosaml2 config, so I thought I could instruct Azure AD to add the roles to the SAML response, but obviously it doesn't work.

How can I make Azure AD work with Django (or any other web app framework) to perform the authorization (what I mean is that I'd like to see the assigned roles in the SAML response so the Django user will have this role as permission)?

I'd appreciate any help please! Thanks!

You must create an App registration and/or give those permissions to your App Registration.

Follow this documentation: https://docs.microsoft.com/en-us/azure/architecture/multitenant-identity/app-roles
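To check whether the role claim actually reaches the application, the following added example (not part of the original posts and not djangosaml2 code) decodes a base64 SAMLResponse and lists the attributes it carries. It assumes an unencrypted assertion; the function names and the sample responses are constructed for illustration.

```python
import base64
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
ROLE_CLAIM = "http://schemas.microsoft.com/ws/2008/06/identity/claims/role"

def saml_attributes(saml_response_b64):
    """Return {attribute name: [values]} from a base64 SAMLResponse (HTTP-POST binding).

    Debugging aid only: no signature or condition checks are done here,
    so never use the result for an access decision.
    """
    root = ET.fromstring(base64.b64decode(saml_response_b64))
    attrs = {}
    for attr in root.iterfind(".//saml:AttributeStatement/saml:Attribute", NS):
        values = [v.text or "" for v in attr.iterfind("saml:AttributeValue", NS)]
        attrs.setdefault(attr.get("Name"), []).extend(values)
    return attrs

def roles_in_response(saml_response_b64):
    """Values of the role claim, or [] when the IdP did not send it."""
    return saml_attributes(saml_response_b64).get(ROLE_CLAIM, [])

# Constructed sample responses (not captured from a real tenant).
def _sample(attributes_xml):
    xml = (
        '<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
        'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">'
        "<saml:Assertion><saml:AttributeStatement>" + attributes_xml +
        "</saml:AttributeStatement></saml:Assertion></samlp:Response>"
    )
    return base64.b64encode(xml.encode()).decode()

NAME_ATTR = ('<saml:Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name">'
             "<saml:AttributeValue>alice@example.com</saml:AttributeValue></saml:Attribute>")
ROLE_ATTR = ('<saml:Attribute Name="' + ROLE_CLAIM + '">'
             "<saml:AttributeValue>Editor</saml:AttributeValue>"
             "<saml:AttributeValue>Auditor</saml:AttributeValue></saml:Attribute>")

WITHOUT_ROLE = _sample(NAME_ATTR)
WITH_ROLE = _sample(NAME_ATTR + ROLE_ATTR)

if __name__ == "__main__":
    for label, resp in (("without role", WITHOUT_ROLE), ("with role", WITH_ROLE)):
        print(label, "->", roles_in_response(resp) or "role claim absent")
```

If the role claim is absent from the decoded response, no attribute mapping on the Django side can produce it; the claim has to be emitted by the identity provider first.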
