Setting up Groups and Roles

note this is an optional step that assumes you have already set up zen master as a registered app on azure you can define management groups and roles for zen master users in zen master and replicate them in azure group and role information for a user will be communicated to zen master when the user signs in through azure sso you can also enable syncing so that updates made in azure will be reflected in zen master creating groups in zen master if you will only have a few users in zen master, you may not want to bother creating a group however, groups make it easier to assign roles to multiple people and to keep track of users with the group syncing feature, it will also allow you to add or remove users in azure and have your changes reflected automatically in zen master to create groups in zen master, you must have admin permissions then follow the steps below in zen master, mouse over account management on the left to reveal the menu, and select user groups account management menu next, click on + add to add a new user group add user group add a name for the group in the create new user group screen you can also add a description, users, and roles if you like, or add those later by editing the group click save creating roles in zen master creating roles, like groups, is also optional, but allows you to manage the specific actions that users are allowed to perform in zen master you can also have user roles and groups sent from azure to zen master when a user signs in, and that way you can make changes to user roles on in azure, and they will be reflected in zen master you must be an admin in zen master to create roles use the following steps in zen master, mouse over the account management icon to reveal the dropdown menu and select roles click + add to create a new role add the required name and select a tag because of the way it will be used in azure, the name must not contain spaces in the different categories under permissions , select the permissions that users in this role should have assign the role to users , groups , or both as needed click save permissions, users, and groups can be modified at any time by selecting the role in list of roles and clicking edit creating roles in azure roles can be assigned to groups or individual users in azure for the purposes of using zen master, unless you just have a few users, you will probably want to define user groups and assign roles to the groups for registered apps such as zen master you will need to go to the zen master page in the app registrations section and creat app roles see add app roles to your application and receive them in the token https //learn microsoft com/en us/entra/identity platform/howto add app roles in apps#assign users and groups to roles for details you will want to create an app role in azure for each role that you created in zen master and the value for the app role must match the name of the role in zen master creating management groups in azure you can create groups in azure allow you specify a group of users with the same roles, rather than having to assign roles one by one if you created a group for your users in zen master, you will want to create a group with the same name in azure to allow the group information to be passed to zen master and keep the groups in sync the group in azure must have the same name as the zen master group, and have the appropriate roles added to it see add app roles to your application and receive them in the token https //learn microsoft com/en us/entra/identity platform/howto add app roles in apps#assign users and groups to roles for details