Entra ID Group Creation
A Microsoft Entra Id Group should be used to control user access to Zeaware CDP. A separate group should be used to control user access for each environment.
To create a group follow these steps:
- Open the Azure Portal and navigate to Microsoft Entra ID
- Select “Groups” from the sidebar menu
- Click “New Group”
- Choose “Security Group”
- Enter a name for the group. This should be inline with your organization standards
- Enter a group description, something similar to “Zeaware CDP user group”
- Set “Microsoft Entra roles can be assigned to the group” to “Yes”
Assign application role to group
To assign the application role to the group, follow these steps:
- Open the Azure Portal and navigate to Microsoft Entra ID
- Choose “Enterprise Applications” from the sidebar menu
- Change the “Application Type “ to “All Applications”
- Find the Application Registration you created in a prior step and navigate to the details page.
- Select “Users and groups” in the sidebar menu.
- Click “Add user/group”
- Choose the Group you created above.
- Now click the “None Selected” button under roles which will display the application roles. Choose the “zeaware-cdp-users” role and click “Select”
- Click ”Assign”
Users who are added to the group will inherit the application role allowing them to access the Zeaware CDP application.
Group Membership
You can now control access to the Zeaware CDP application by adding and remove users to the group as required.
Please note that group membership will only control access the Zeaware CDP portal itself, permissions in Zeaware CDP are controlled in the application by a Zeaware CDP admin user.