Api Access

Welcome to Api Access documentation for AZExecute. This guide provides detailed information on how to assign roles and manage access for the Api.

Give Api permissions

Your AZExecute Api access is restricted by default. You can give access to the Api from the System Settings menu, or directly from the Azure portal.

Users, groups and service principals from your tenant can get access to the Api. When you have assigned a role for any type of principal, that entity can begin authorizing against the AZExecute Api.

Api Access Roles

Choose a role and select a principal to give Api access.

Just as in the Azure Portal this requires the logged in user to have permissions to do this. Application Administrator would for instance be able to.

Add Api Access Role

Assigning Users and Groups in Azure

API access is granted through app role assignments on the AZExecute API Enterprise Application. The System Settings page writes the same Entra ID assignments that you can manage manually from the Azure portal.

For users, the API also enriches tokens with the user's tenant role stored in AZExecute. For service principals, assign the required API app role directly so the role appears in the access token.

To assign users and groups access to AZExecute, navigate to the Azure portal and select the Enterprise Application. From there, go to the "Users and groups" section.

Enterprise Application Properties Assign Users and Groups in Azure

Provide specific users and groups with the necessary roles to access the application. This step is crucial for managing who can access and administer AZExecute.

If you encounter any issues or need further assistance, please contact us at

info@azexecute.com

. Our support team is here to help you.

Need help with setup or troubleshooting? Contact us at info@azexecute.com and include your tenant and page context.

An unhandled error has occurred. Reload 🗙
An unhandled error has occurred. Reload 🗙