Skip to main content

entra app role add

Adds role to the specified Entra app registration

Usage

m365 entra app role add [options]

Alias

m365 entra appregistration role add [options]

Options

--appId [appId]

Application (client) ID of the Entra application registration to which to add the role. Specify either appId, appObjectId or appName

--appObjectId [appObjectId]

Object ID of the Entra application registration to which to add the role. Specify either appId, appObjectId or appName

--appName [appName]

Name of the Entra application registration to which to add the role. Specify either appId, appObjectId or appName

-n, --name <name>

Name of the role to add

-d, --description <description>

Description of the role to add

-m, --allowedMembers <allowedMembers>

Types of members that can be added to the group. Allowed values: usersGroups, applications, both

-c, --claim <claim>

Claim value

-h, --help [help]

Output usage information. Optionally, specify which section of command's help you want to see. Allowed values are options, examples, remarks, response, full. Default is options.

--query [query]

JMESPath query string. See http://jmespath.org/ for more information and examples.

-o, --output [output]

Output type. json, text, csv, md, none. Default json.

--verbose

Runs command with verbose logging.

--debug

Runs command with debug logging.

Remarks

For best performance use the appObjectId option to reference the Entra application registration for which to add the role. If you use appId or appName, this command will first need to find the corresponding object ID for that application.

If the command finds multiple Entra application registrations with the specified app name, it will prompt you to disambiguate which app it should use, listing the discovered object IDs.

Examples

Add role to the Entra application registration specified by its object ID

m365 entra app role add --appObjectId d75be2e1-0204-4f95-857d-51a37cf40be8 --name Managers --description "Managers" --allowedMembers usersGroups --claim managers

Add role to the Entra application registration specified by its app (client) ID

m365 entra app role add --appId e75be2e1-0204-4f95-857d-51a37cf40be8 --name Managers --description "Managers" --allowedMembers usersGroups --claim managers

Add role to the Entra application registration specified by its name

m365 entra app role add --appName "My app" --name Managers --description "Managers" --allowedMembers usersGroups --claim managers

Response

The command won't return a response on success.

CTRL + M