It provides ready to use RBAC setup so you can focus more on the functionality of your application instead of the security.

The downside is indeed the "magic code" and less fine grained control.

You're also shifting the responsability of making it robust and secure to Azure, where they probably have a dedicated security development team with much more time and expertise than me to work on it.