How To Register An App In Azure Active Directory

In this article, I would like to share the steps to register an app in Azure Active Directory.

Purpose of app registration

  • It is used to integrate the application and service with Azure AD.
  • Using Azure App, we can generate the token to authenticate the application.
  • If we want to use the Azure AD capabilities, we must register the app.
  • After we register the app, we can get the Client ID and the secret key.

Steps to register the new application in Azure AD

Follow the steps below to register the application.

Step 1. Log into the Azure portal using your Azure account.

Step 2. Select Azure Active Directory from the left navigation.

Step 3. On the “Default directory” page, select “App registrations” from the left panel.

Step 4. From the App Registrations pane, click the New Application Registration option.

Step 5. On the "Create" pane, type in the following information and then click the "Create" button.

| Field | Description | Sample |
|---|---|---|
| Name | Name for the new application. Type in the desired application name. | GraphConnectorApp |
| Application type | Leave as Web app/API. | Web app/API |
| Sign in URL | Login URL. (To get the data from Graph API, we do not need to provide the proper login URL. Just give the office URL.) | https://office.com |

Step 6. Once the application is created, edit the manifest file and change the value of the oauth2AllowImplicitFlow parameter to true.

Step 7. Save the changes first and then click X to close the pane.

Step 8. Then, we need to add the permissions. From the Registered App pane, click the "Settings" option.

Step 9. From the Settings pane, click the "Required Permissions" option.

Step 10. Now, click on + Add, then choose “Select API”.

I’ve planned to use the new app for Graph API so I’ve selected Microsoft Graph. As per your need, you can select a different API.

Step 11. From the "Enable Access" pane, place a check in the checkbox in front of the following permissions from the Application Permissions and Delegated Permissions sections. Then, click the "Select" button.

Application Permissions

[Screenshots: Usage reports, Directory Data, Read item]

Delegated Permissions

[Screenshot: Delegated permissions]

Save the permissions.

Step 12. From the Add API Access pane, verify the count of roles and scope. Then click the Done button.

Step 13. On the Required Permissions pane, click the "Grant Permissions" option.

Note: Only an Azure directory admin is able to do this.

Finally, you have granted permission to the Azure app.

Generate Secret key

Step 1. From the Azure Active Directory Admin Center, open the created application and click the Settings option.

Log into https://aad.portal.azure.com/ > Azure Active Directory > App Registrations > select the created application name.

Step 2. From the Settings pane, click the Keys option.

Step 3. From the Keys pane, type in the following information and then click the "Save" button.

| Field | Description | Example |
|---|---|---|
| Description | Name for the key. Type in a descriptive name. | Secret Key |
| Expires On | Select the Never Expire option. | Never expire |
| Value | You will get the key when you click Save. | |

Step 4. From the Keys pane, copy the encoded key value. This key value cannot be retrieved after leaving this page. This encoded key value is the Client Secret Key that will be a part of the authentication credential.

Then, close the key pane.
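
A check that can be run over the app manifest from Step 6 once permissions and a key have been added; this is an added example, not code from the original article. It reports whether implicit flow is enabled, flags client secrets whose lifetime exceeds a threshold, and counts application (Role) and delegated (Scope) permissions per API, which is the count Step 12 asks you to verify. The sample manifest, its placeholder GUIDs and dates, and the 730-day threshold are constructed assumptions; the field names follow the legacy Azure AD app manifest.

```python
import json
from datetime import datetime

MAX_SECRET_DAYS = 730  # assumed policy threshold, not a value from the article

# Constructed sample manifest: GUIDs and dates are placeholders, except the
# resourceAppId, which is the well-known ID of Microsoft Graph.
SAMPLE_MANIFEST = json.loads("""
{
  "displayName": "GraphConnectorApp",
  "oauth2AllowImplicitFlow": true,
  "passwordCredentials": [
    {"keyId": "22222222-2222-2222-2222-222222222222",
     "startDate": "2018-01-01T00:00:00Z", "endDate": "2299-12-31T00:00:00Z"}
  ],
  "requiredResourceAccess": [
    {"resourceAppId": "00000003-0000-0000-c000-000000000000",
     "resourceAccess": [
       {"id": "aaaaaaaa-0000-0000-0000-000000000001", "type": "Role"},
       {"id": "aaaaaaaa-0000-0000-0000-000000000002", "type": "Role"},
       {"id": "aaaaaaaa-0000-0000-0000-000000000003", "type": "Scope"}
     ]}
  ]
}
""")

def _ts(value):
    # Manifest timestamps are ISO 8601 in UTC; fractional seconds are ignored.
    return datetime.strptime(value[:19], "%Y-%m-%dT%H:%M:%S")

def audit_manifest(manifest, max_days=MAX_SECRET_DAYS):
    """Return (findings, per-API permission counts) for a parsed manifest."""
    findings = []
    if manifest.get("oauth2AllowImplicitFlow") is True:
        findings.append("implicit-flow-enabled")
    for cred in manifest.get("passwordCredentials") or []:
        days = (_ts(cred["endDate"]) - _ts(cred["startDate"])).days
        if days > max_days:
            findings.append("long-lived-secret:%s:%d-days" % (cred["keyId"], days))
    counts = {}
    for res in manifest.get("requiredResourceAccess") or []:
        entry = counts.setdefault(res["resourceAppId"], {"Role": 0, "Scope": 0})
        for access in res.get("resourceAccess") or []:
            entry[access["type"]] = entry.get(access["type"], 0) + 1
    return findings, counts

if __name__ == "__main__":
    print(audit_manifest(SAMPLE_MANIFEST))
```

Role entries are application permissions that act without a signed-in user, so an unexpected Role count is the figure to question before an admin grants consent in Step 13.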

Steps to get the Tenant ID

Step 1. From the Azure Active Directory Admin Center, navigate to the App Registrations pane.

Log into https://aad.portal.azure.com/ > Azure Active Directory > App Registrations.

Step 2. From the App Registrations pane, click the Endpoints option.

Step 3. From the Endpoints pane, click on the copy icon next to the OAuth 2.0 Token Endpoint option and save the value.

From the copied endpoint URL, copy the value between "microsoftonline.com/" and "/oauth2/token". This is the Tenant ID that will be part of the authentication credential.

Get the Client ID

Step 1. From the Azure Active Directory Admin Center, open the created application and click the Settings option.

Log into https://aad.portal.azure.com/ > Azure Active Directory > App Registrations > select the created application name.

Step 2. From the Settings pane, copy the Application ID value. This is the Client ID that will be part of the authentication credential.

Summary

In this article, we have explored how to register an app in Azure Active Directory. We also saw that we need a Client ID, secret key, and Tenant ID to generate the OAuth token for Graph API.

Happy learning.