aad app role add
Adds role to the specified Azure AD app registration
Usage
m365 aad app role add [options]
Options
--appId [appId]
Application (client) ID of the Azure AD application registration to which to add the role. Specify either
appId
,appObjectId
orappName
--appObjectId [appObjectId]
Object ID of the Azure AD application registration to which to add the role. Specify either
appId
,appObjectId
orappName
--appName [appName]
Name of the Azure AD application registration to which to add the role. Specify either
appId
,appObjectId
orappName
-n, --name <name>
Name of the role to add
-d, --description <description>
Description of the role to add
-m, --allowedMembers <allowedMembers>
Types of members that can be added to the group. Allowed values:
usersGroups
,applications
,both
-c, --claim <claim>
Claim value
-h, --help [help]
Output usage information. Optionally, specify which section of command's help you want to see. Allowed values are
options
,examples
,remarks
,response
,full
. Default isoptions
.--query [query]
JMESPath query string. See http://jmespath.org/ for more information and examples.
-o, --output [output]
Output type.
json
,text
,csv
,md
,none
. Defaultjson
.--verbose
Runs command with verbose logging.
--debug
Runs command with debug logging.
Remarks
For best performance use the appObjectId
option to reference the Azure AD application registration for which to add the role. If you use appId
or appName
, this command will first need to find the corresponding object ID for that application.
If the command finds multiple Azure AD application registrations with the specified app name, it will prompt you to disambiguate which app it should use, listing the discovered object IDs.
Examples
Add role to the Azure AD application registration specified by its object ID
m365 aad app role add --appObjectId d75be2e1-0204-4f95-857d-51a37cf40be8 --name Managers --description "Managers" --allowedMembers usersGroups --claim managers
Add role to the Azure AD application registration specified by its app (client) ID
m365 aad app role add --appId e75be2e1-0204-4f95-857d-51a37cf40be8 --name Managers --description "Managers" --allowedMembers usersGroups --claim managers
Add role to the Azure AD application registration specified by its name
m365 aad app role add --appName "My app" --name Managers --description "Managers" --allowedMembers usersGroups --claim managers
Response
The command won't return a response on success.