Mojn!
I just managed to figure out how to properly setup the OpenID auth towards azure. It seems, that out of the box, anyone allowed to use the Azure enterprise app, can also just access the admin page.
The docs doesn’t cover how one would go about restricting these users to this page, or those users to that page.
Product: PowerShell Universal
Version: 2.1.0
We don’t have a way to restrict users to a specific page in the admin console. You can restrict what they can do with the built in roles but not what they can see.
So, all users that can access the dashboards, can also access the admin page?
I tried with an account with “reader” role, and still has the ability to delete and create dashboards.
If you want to prevent someone accessing the admin page and only seeing dashboards, you should create a custom role and assign that to the dashboard. They won’t have any access to the admin console but will have access to the dashboard.
In terms of deleting\creating dashboards as reader, they must have another role assigned. The higher level role will win out.
Thanks! that makes sense.