Setting up Groups and Roles
- robert.crooks
Analytics
Note: this is an optional step that assumes you have already set up ZEN Master as a registered app on Azure.
You can define management groups and roles for ZEN Master users in ZEN Master and replicate them in Azure. Group and role information for a user will be communicated to ZEN Master when the user signs in through Azure SSO. You can also enable syncing so that updates made in Azure will be reflected in ZEN Master.
Creating Groups in ZEN Master
If you will only have a few users in ZEN Master, you may not want to bother creating a group. However, groups make it easier to assign roles to multiple people and to keep track of users. With the group syncing feature, it will also allow you to add or remove users in Azure and have your changes reflected automatically in ZEN Master.
To create groups in ZEN Master, you must have admin permissions. Then follow the steps below.
Next, click on + Add:
Add a Name for the group in the Create New User Group screen.
You can also add a description, users, and roles if you like, or add those later.
Click Save.
Creating Roles in ZEN Master
Creating roles, like groups, is also optional, but allows you to manage the specific actions that users are allowed to perform in ZEN Master. You can also have user roles and groups sent from Azure to ZEN Master when a user signs in, and that way you can make changes to user roles on in Azure, and they will be reflected in ZEN Master.
You must be an admin in ZEN Master to create roles - use the following steps.
In ZEN Master, mouse over the Account Management icon to reveal the dropdown menu and select Roles:
Click + Add to create a new role.
Add the required Name and select a Tag:
Because of the way it will be used in Azure, the Name must not contain spaces.
In the different categories under Permissions, select the permissions that users in this role should have:
Assign the role to Users, Groups, or both as needed
Click Save.
Permissions, Users, and Groups can be modified at any time by selecting the role in list of roles and clicking Edit.
Creating Roles in Azure
Roles can be assigned to groups or individual users in Azure. For the purposes of using ZEN Master, unless you just have a few users, you will probably want to define user groups and assign roles to the groups.
For registered apps such as ZEN Master you will need to go to the ZEN Master page in the App registrations section and creat App Roles. See Add app roles to your application and receive them in the token for details.
You will want to create an App Role in Azure for each role that you created in ZEN Master and the value for the app role must match the name of the role in ZEN Master.
Creating Management Groups in Azure
You can create groups in Azure allow you specify a group of users with the same roles, rather than having to assign roles one-by-one. If you created a group for your users in ZEN Master, you will want to create a group with the same name in Azure to allow the group information to be passed to ZEN Master and keep the groups in sync.
See Add app roles to your application and receive them in the token for details.