(First thing that I'll do) Compared the (Role Definitions) Manifest file with roles defined in web.config? (Each role should have unique GUID), Have you compared those? and off course User that have access to that Application have also role 'CommerceAdmins'
this can be verified by writing a small piece of code that can verify that what epi returns for principal.IsInRole('CommerceAdmin'), Quite recently I have faced similar kind of issue when user must have to be in "SpecialRole" mapped to WebAdmins, for me correct mapping of roles fixed that.
Turns out I need to get the client to add the Administrators role in which hadn't been done, I thought as the config said WebAdmins were CommerceAdmins it would work without but I guess not. Thanks for the help anyhow
I have configured OpenID authentication to Azure AD using the guides for both the CMS and Commerce Manager on a test instance of Episerver. I have the user logging in to both of these and they are assigned to WebEditors and WebAdmins on the client AD instance (I have checked the claims coming back).
Everything is working for the user to be editor and admin in the CMS but on Commerce Manager I'm only seeing the tabs Catalog Management, Order Management and Marketing. I've checked the web.config and the roles are set up as follows
Which should me that WebAdmins are full admins? Can anyone help, is there something I've missed?