Managing Roles

This article explains how to grant privileges to Entra ID users by assigning Application Roles for the XplicitTrust Network Access Entra ID Enterprise Application.

Application Roles

The Entra ID enterprise application XplicitTrust Network Access defines two roles:

• The Management.User role grants the user the right to log in with the XplicitTrust Network Access Agent and access Assets according to the configured Policies.
• The Management.Admin role grants the user the right to log in with the XplicitTrust Network Access Management Console.

Assign an Application Role

To assign an Application Role to Users and Groups in MS Entra ID:

1. Login to MS Entra ID
   • Visit https://entra.microsoft.com
   • Navigate to Identity / Applications / Enterprise applications
2. Navigate to the XplicitTrust Network Access Enterprise Application
   • In the side menu click Enterprise applications
   • Search for XplicitTrust Network Access and click on the table entry
3. Assign the XplicitTrust Network Access Management.Admin or the Management.User Application Role
   • In the side menu click Users and groups
   • Click + Add user/group
     
     
     
     
   • Under Users or Groups click None Selected
     
     
     
     
   • Select the users/groups you want to grant admin access and click Select
     
     
     
     
   • Under Select a role click None Selected, select the role Management.Admin or Management.User, and click Select
     
     
     
     
   • Click Assign