Dev Portal User groups auto assigned by domain

[LCKeith]

Hi all,

We currently are in the early phases of API Mgmt adoption. Right now, we're managing our Dev Portal manually and assigning roles by hand. It would be great if we could assign a group to a domain based on AD sign in.

We're already using AAD and AAD B2C for identity, but it doesn't seem like there's a way to specify that anyone in the AAD domain is put into one group and anyone using AAD B2C is put into another group.

Right now, it looks like there's only the default "Developer" group that everyone is put into, but some of our APIs/Products are only for internal users (testing, non-public data, etc.)

I'd love to have more granular control for both internal and external user groups for the portal.

Thoughts? It's also totally possible that we're completely not following the recommended pattern.

Thanks.

[mikebudzynski]

Thanks for opening the feature request, @LCKeith - it does make sense to automatically assign users to groups based on the identity provider or claims. At this moment, API Management doesn't offer this functionality.

[aarsan]

Just checking in here to see if this ever made it on the road map. Thanks.

[mikebudzynski]

Just checking in here to see if this ever made it on the road map. Thanks.

This feature isn't on the immediate roadmap. However, you can subscribe to Event Grid events to automate assignment of new users to specific groups: https://docs.microsoft.com/en-us/azure/api-management/how-to-event-grid