I currently have a registered app in Azure. This app has app-defined roles. The first role I created shows in the pane but is disabled (grayed out), however, it will be assigned to a user/group upon assigning that role. I created another role today, but that role isn't showing in the pane. So the default behavior when assigning a user/group a role to the application will be to assign the first role. Does anyone know what could be limiting the roles I have defined for the application?

EDIT:

In App Role under Manage in the Application Registration. There are two roles: role.one and role.two both with user/group member access. enable app role is checked.

Enterprise Application > All Application > MyApp > Users and Groups > Add Assignment

On this screen Select a role list only role.one.

CodePudding user response：

Iniitially as soon as i created new app role i waas not able to see the new app role to assign as it is not appeared, but once i refreshed the portal after saving roles , it got reflected and could add that role.

So please try refreshing the portal or try to check the same after few minutes of app role creation.

I tested, and it is working fine for me. AFAIK It maynot be issue from Microsoft end .

First added 3 roles and assigned.

Then after sometime created 4th role and was able to assign to user or group one or more than one role

Note : Sometimes the reason can be browser cache may . Try to clear the Browers cache and logout and login again in a portal or try in incognito mode and see . If it is still the same issue please reach out to support they can better help here.

CodePudding user response：

The issue was my app role description name was Default Access, which may have conflicted with an azure pre-defined role or description. I am still not sure, but once I changed the description to "Default Role" it became available.