This procedure is used with Azure AD-based Single Sign-On. It is called each time a user logs in and serves to customize the user's account and permissions.
You are allowed to call
SoftadminApi.User_InsertUpdate if you need to modify the user but you must not change the username or disable the user.
You will find the user's group memberships and role memberships in temp tables with ids.
CREATE TABLE #AzureAdGroup ( AzureAdGroupId uniqueidentifier ) CREATE TABLE #AzureAppRole ( AzureAppRoleId uniqueidentifier )