In this article, I would like to share the steps to register an app in the Azure Active Directory.
Purpose of app registration
- It is used to integrate the application and service with Azure AD.
- Using Azure App, we can generate the token to authenticate the application.
- If we want to use the Azure AD capabilities, we must register the app.
- After we register the app, we can get the “Client ID, Secret key”.
Steps to register the new application in Azure AD
Follow the below-listed steps to register the application.
Log into the Azure portal using your Azure account.
URL - https://portal.azure.com/
Select Azure Active Directory from the left navigation.
On the “Default directory” page, select the “App registrations” from the left panel, as shown below.
From App Registration pane, click NewApplication Registration option.
On the "Create" pane, type in the following information and then click the "Create" button.
|Name||Name for the new application. Type in the desired application name.||GraphConnectorApp|
|Application type||Leave as Web app/API||Web app/API|
|Sign in URL||Login URL. (To get the data from Graph API, we no need to provide the proper login URL. Just give office URL)||https://office.com|
Once the application is created, edit the manifest file and change the value of oauth2AllowImplicitFlow parameter to true.
| Before|| |
| After|| |
Save the changes first and then click X to close the pane.
Then, we need to add the permissions. From Registered App pane, click the "Settings" option.
From Settings pane, click the "Required Permissions" option.
Now, click on + Add, then choose the “Select API”.
I’ve planned to use the new app for Graph API so I’ve selected Microsoft Graph. As per your need, you can select a different API.
From the "Enable Access" pane, place a check in the checkbox in front of the following permissions from the Application Permissions and Delegated Permissions sections. Then, click the "Select" button.
Save the permissions.
From Add API Access pane, verify the count of roles and scope. Then click the Done button.
On Required Permissions pane, click the "Grant Permissions" option.
Note: Only Azure directory admin is able to do this.
Finally, you have granted permission to the Azure app.
Generate Secret key
From Azure Active Directory Admin Centre, open the created application and click Settings option.
Log into https://aad.portal.azure.com/ > Azure Active Directory > App Registrations > select the created application name
From Settings pane, click Keys option.
From Keys pane, type in the following information and then click the "Save" button.
|Description||Name for the key. Type in a descriptive name.||Secret Key|
|Expires On||Select Never expire option.||Never expire|
|Value||You will get the key when you click on the save|| |
From the Keys pane, copy the encoded key value. This key value cannot be retrieved after leaving this pane. This encoded key value is the Client Secret Key that will be a part of the authentication credential.
Then, close the key pane.
Steps to get the Tenant ID
From Azure Active Directory Admin Center, navigate to the App Registrations pane.
Log into https://aad.portal.azure.com/ > Azure Active Directory > App Registrations
From App Registrations pane, click Endpoints option.
From Endpoints pane, click on the copy icon next to OAuth 2.0 Token Endpoint option and save the value.
From the copied endpoint URL, copy the value between
microsoftonline.com/ ….and / oauth2/token. This is the Tenant ID that will be part of the authentication credential.
Get the Client ID
From Azure Active Directory Admin Center, open the created application and click Settings option.
Log into https://aad.portal.azure.com/ > Azure Active Directory > App Registrations > select the created application name .
From Settings pane, copy the Application ID value. This is the Client ID that will be part of the authentication credential.
In this article, we have explored how to register an app in Azure active directory. We also saw that we need client ID, secret key and Tenant ID to generate the oAuth token for Graph API.