Forum Discussion

Copper Contributor

Nov 19, 2024

Adding users to an AD group with Azure Functions/Logic Apps

I want to add users to an Entra ID/Azure AD group. The list of users will be retrieved from a REST API call with Azure Functions, and then saved into a database, probably Azure SQL. I'm planning on t...

MVP

Nov 20, 2024

Referring this:

Azure function:

[FunctionName("GetUsersFromAPI")]

public static async Task<IActionResult> Run( [HttpTrigger(AuthorizationLevel.Function, "get", "post", Route = null)] HttpRequest req,

ILogger log)

{

// Call REST API and get user data

var users = await GetUsersFromAPI();

// Save users to Azure SQL Database await SaveUsersToDatabase(users); return new OkResult();

}

Adding Users to Azure AD Group from SQL:

-- Add user to Azure AD group

EXEC sp_addrolemember 'db_datareader', 'email address removed for privacy reasons';

Create and utilize Microsoft Entra server logins - Azure SQL Database & Azure SQL Managed Instance & Azure Synapse Analytics | Microsoft Learn

Set up Microsoft Entra authentication for SQL Server - SQL Server | Microsoft Learn

LainRobertson

Silver Contributor

Nov 20, 2024

The following is incorrect:

-- Add user to Azure AD group
EXEC sp_addrolemember 'db_datareader', 'email address removed for privacy reasons';

sp_addrolemember adds a server login or database user to a database role.

It does not add a user to an external directory services (be that Active Directory or Azure Active Directory) group - which to answer your question, tjson , is not directly possible from SQL itself.

Cheers,
Lain

Forum Discussion

Adding users to an AD group with Azure Functions/Logic Apps

Share

Resources