Application Role Attributes
If you want to configure filters for Application Roles, you need to add the following attribute to the application Debug page:
<entry key="spnAppRoleFilter" value="servicePrincipalType eq 'Application'"/>
Enter filter statements to ensure that only the correct Application roles are included in the group aggregation. The default filter is servicePrincipalType eq 'Application'
Object Type - applicationRole
Schema Attribute Name |
Type |
Description |
---|---|---|
id |
String |
This is the unique identifier for Application Role. This is the nativeIdentity attribute. This id is a concatenation of: resourceId:appRoleId Where, For example, |
displayName |
String |
This is the display name of the Application Role. Just like id, displayName is a concatenation of: resource-DisplayName: appRole-DisplayName For example, if an SPN with displayName TestSPN, has an appRole defined with name Engineer, then the displayName for appRole after concatenation would be TestSPN:Engineer |
spn_description |
String |
This is the description for the SPN. |
appRole_description |
String |
This is the description for the appRole. |
allowedMemberTypes |
String Multi |
Displays the types of members that this role can be assigned to. For example, |
isEnabled |
boolean |
Displays whether the appRoles is enabled or disabled. |
value |
String |
|