none
Provisioning In The AzureAD RRS feed

  • 質問

  • Unassigned group / user information does not disappear from the application.

    Things I did are below:

    1.Provision with application.
    2.Assign a group having user information.
    3.Unassign the group.

    At this time, even after the initial cycle and the incremental cycle, the group information did not disappear from the application side, and there was no group information in the audit log.

    I want to know how to delete the information of unassigned groups and users from the application side.


    2020年1月30日 8:07

すべての返信

  • Hi, SkywalkerCJ.
    Sorry for the late reply.


    I do not know Azure, sorry if you make a mistake. It may be the following page.

    Remove a user or group assignment from an enterprise app in Azure Active Directory
    https://docs.microsoft.com/ja-jp/azure/active-directory/manage-apps/remove-user-or-group-access-portal
    ※This is Japanese langage page. if you want to read English, please click to "英語で読む".
    It changes from Japanese to English.

    Sorry to trouble you, but if there is no response as it is, please ask a question at the following site (ja-jp to en-us).
    https://social.msdn.microsoft.com/Forums/en-US/home?category=windowsazureplatform
    2020年2月1日 13:00
  • Hi, SkywalkerCJ.
    Thanks for posting on MSDN forum.

    It seems that you are concern about app still keep the user's groups after groups are not assigned to that user . 

    In your application(for example , web application ) , if user login with AAD , AAD will issue tokens to your application , your application will decode token , and get the claims(user's information) and write to cookie , so that your application will keep the user's information among http requests . If user is not assigned to groups in azure , that won't affect the cookie which pass between your browser and your web application  . You need to logout user and login again which will update user's groups information from Azure AD .

    As a workaround ,  you can confirm again user's groups using Microsoft Graph if you want to authorize user based on groups .

    If I misunderstand you requirement , please feel free to let me know .

    MSDN/ TechNet Community Support Haruka
    ~参考になった投稿には「回答としてマーク」をご設定ください。なかった場合は「回答としてマークされていない」も設定できます。同じ問題で後から参照した方が、情報を見つけやすくなりますので、 ご協力くださいますようお願いいたします。また、MSDNサポートに賛辞や苦情がある場合は、MSDNFSF@microsoft.comまでお気軽にお問い合わせください。~

    2020年2月10日 8:42
    モデレータ