Versions Compared

Old Version 7

changes.mady.by.user Steinar Line

Saved on

compared with

New Version 8

changes.mady.by.user Steinar Line

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

The manifest appRoles section before modification:

Code Block
"appRoles": [
    {
        "allowedMemberTypes": [
            "User"
        ],
        "description": "msiam_access",
        "displayName": "msiam_access",
        "id": "UUID_DO_NOT_CHANGE",
        "isEnabled": true,
        "lang": null,
        "origin": "Application",
        "value": null
    }
],

And after adding a "jira-software-users" and "jira-administrators" application roles:

Code Block
"appRoles": [
    {
        "allowedMemberTypes": [
            "User"
        ],
        "description": "msiam_access",
        "displayName": "msiam_access",
        "id": "UUID_DO_NOT_CHANGE",
        "isEnabled": true,
        "lang": null,
        "origin": "Application",
        "value": null
    },  /* <-- ADD COMMA AND COPY THE TWO BLOCKS BELOW INTO YOUR OWN JSON FILE AND CREATE TWO UNIQUE GUID VALUES */
    {
        "allowedMemberTypes": [
            "User"
        ],
        "description": "jira-software-users",
        "displayName": "jira-software-users",
        "id": "<NEW GENERATED UUID>",
        "isEnabled": true,
        "lang": null,
        "value": "jira-software-users"
    },
    {
        "allowedMemberTypes": [
            "User"
        ],
        "description": "jira-administrators",
        "displayName": "jira-administrators",
        "id": "<NEW GENERATED UUID>",
        "isEnabled": true,
        "lang": null,
        "value": "jira-administrators"
    }
],

Also note the value field is the actual claim value AAD will include in the SAML Response, so it cannot be null or the application role will essentially be useless. You may, of course, add any number of appRoles as your desired permission model requires.

...