normalian blog

Let's talk about Microsoft Azure, ASP.NET and Java!

Manage authorization for your application with user account attributes

Azure AD offers quite useful features for managing access to your applications. I believe most Azure developers have already used user groups to assign privileges easily, but I guess many people don’t know about the “Dynamic User” group. This kind of group lets you authorize users based on their user account attributes.

Let's set up access management by job title using a Dynamic User group. Existing user accounts are verified against the group.

How to create a Dynamic User group

First, go to the Azure Portal, choose Azure Active Directory, and click “New Group”.

Choose “Dynamic User” as the membership type.

Click “Add dynamic query” to set up the query that authorizes users. This sample authorizes users whose job title contains “Principal”. It’s also possible to create complex queries to meet your business requirements.

Click “Validate Rules (Preview)” to confirm whether your query works as intended.
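The same group can also be created from a script, which keeps the membership rule reviewable, and its resulting members can then be audited. This is an added example, not part of the original post: it assumes the Microsoft Graph PowerShell module, and the group name, mail nickname and expected-title list are hypothetical.

```powershell
# Added example (not from the original post). Assumes the Microsoft.Graph
# PowerShell module is installed and the signed-in account may create groups.
Connect-MgGraph -Scopes "Group.ReadWrite.All", "User.Read.All"

# Same condition as the portal rule builder: job title contains "Principal".
# In a membership rule, -contains is a case-insensitive SUBSTRING match.
$rule = 'user.jobTitle -contains "Principal"'

$params = @{
    DisplayName                   = "Principal-JobTitle-Users"   # hypothetical
    MailNickname                  = "principal-jobtitle-users"   # hypothetical
    Description                   = "Members selected by job title"
    MailEnabled                   = $false
    SecurityEnabled               = $true
    GroupTypes                    = @("DynamicMembership")
    MembershipRule                = $rule
    MembershipRuleProcessingState = "On"
}
$group = New-MgGroup @params

# Membership is evaluated asynchronously, so run the audit below only after
# the rule has been processed (the portal shows the processing status).

# Constructed list of the titles you actually intend to authorize.
$expectedTitles = @("Principal Engineer", "Principal Architect")

# List every member with its job title and flag titles that matched the
# substring rule but are not on the intended list.
Get-MgGroupMember -GroupId $group.Id -All | ForEach-Object {
    $u = Get-MgUser -UserId $_.Id -Property "userPrincipalName,jobTitle"
    [pscustomobject]@{
        User     = $u.UserPrincipalName
        JobTitle = $u.JobTitle
        # Here -contains is PowerShell's collection-membership operator,
        # i.e. an exact (case-insensitive) match against the list.
        Expected = $expectedTitles -contains $u.JobTitle
    }
} | Sort-Object Expected | Format-Table -AutoSize
```

Rows with `Expected` set to `False` are accounts that the substring rule admitted with a title you did not intend; tighten the rule (for example with `-eq` on exact titles) before using the group to grant access.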