Today one more interesting topic to discuss 🙂
In this article we will discuss the detailed steps for creating / registering a new app in Azure Active Directory.
Background: Recently we got a chance to use the Graph API to get Office 365 group admins. Our use case is to check whether an Office 365 group has more than two owners. We have a console application that uses CSOM to get the group owners. The Graph APIs use a somewhat different authentication and authorization mechanism: we need to go through Azure AD.
So, to access the Microsoft Graph APIs we need to create a new Azure app and give it permissions on the respective APIs so it can read the respective data. In our case, to access O365 groups, the high-level steps are:
- Register / Create new Azure App from “Azure Active Directory” center
- Get the APPID and Client Secret Key
- Give our newly created app permission to read O365 group owners through the Graph APIs
- Generate the authentication token in our program
- Use the authentication token to call the Graph APIs
In this article we will go into detail on two points: registering / creating the new Azure app from the “Azure Active Directory” center, and generating a new client secret key. The detailed steps are below.
Steps to Register / Create Azure App:
1. Log in to the SharePoint Admin site – https://<mytenant>-admin.sharepoint.com, in my case https://knowledgejunction-admin.sharepoint.com
2. Go to the “Azure Active Directory” center as shown in the figure below
Figure 1: Office 365 – Admin Center
3. We will be redirected to the “Azure Active Directory admin center”, shown below
Figure 2: Azure Active Directory admin center
4. Click on the “Azure Active Directory” option on the left side, as shown below
Figure 3: Azure Active Directory admin center – Azure Active Directory >> App registrations
5. Click on “App registrations” on the left side, as shown in figure 3 above. The “App registration” dashboard will appear, as shown below
Figure 4: Azure Active Directory admin center – “+ New application registration” option
6. Click on the “+ New application registration” link at the top, as shown in the figure above.
The new app registration screen will appear, as shown below
Figure 5: Azure Active Directory admin center: Creating App
Enter following details:
Name – KnowledgeJunctionAzureApp
Application type – Web app / API
Sign-on URL – http://knowledgejunction.com
7. Click on the “Create” button at the bottom of the page.
Make sure that the success message has appeared and that we are on the following screen:
Figure 6: Azure Active Directory admin center – Registered app
The important value to note here is the Application ID, shown in the figure above. The same APPID also appears in the URL – https://aad.portal.azure.com/#blade/Microsoft_AAD_IAM/ApplicationBlade/appId/3bd4d474-78ac-41f2-81cf-f6ffe3436f5e/objectId/1f24a919-e959-45a5-ae85-de8f2db253c1
We will also require a client secret key. We generate a new client secret key as follows:
1. In figure 6 above, click on the “Settings” icon. The Settings pane will open, as shown in the figure below
Figure 7: Azure Active Directory admin center – Azure App >> Settings icon
2. On the “Settings” pane there is a “Keys” option, as shown in figure 7 above. Click on “Keys” and the Keys pane will open, as shown below
Figure 8: Azure Active Directory admin center – Azure App >> Settings >> Keys >> Generating Client Secret Key
3. Enter a name in the “DESCRIPTION” column and set the “EXPIRES” option to “Never expires”, as shown in figure 8 above. Click on the “Save” option at the top.
Figure 9: Azure Active Directory admin center – Azure App >> Settings >> Keys >> New Client Secret Key generated
Once the new client secret key is generated, copy it. See the warning in the brown bar at the top: once we leave this pane, there is no option to retrieve this key again, and we would need to create a new one.
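A check a practitioner may want after this step, as an added example that is not part of the original article: it classifies an app's client secrets by lifetime, so a key saved with a far-future expiry like the “Never expires” option above shows up as long-lived. The JSON is constructed sample data shaped like the `passwordCredentials` list of a Microsoft Graph application object; the key names, the 365-day and 30-day thresholds and the function names are assumptions.

```python
import json
from datetime import datetime, timedelta, timezone

# Constructed sample (not real tenant data), shaped like the passwordCredentials
# list of a Microsoft Graph application object. The 2299 end date stands in for
# a key saved with a far-future "Never expires" style expiry.
SAMPLE_APP = json.loads("""
{
  "displayName": "KnowledgeJunctionAzureApp",
  "passwordCredentials": [
    {"displayName": "console-app-key", "startDateTime": "2019-03-01T10:00:00Z", "endDateTime": "2299-12-31T00:00:00Z"},
    {"displayName": "rotated-key", "startDateTime": "2024-01-10T08:30:00.1234567Z", "endDateTime": "2024-07-10T08:30:00.1234567Z"},
    {"displayName": "old-key", "startDateTime": "2023-01-01T00:00:00Z", "endDateTime": "2023-12-31T00:00:00Z"},
    {"displayName": "current-key", "startDateTime": "2024-06-01T00:00:00Z", "endDateTime": "2024-12-01T00:00:00Z"}
  ]
}
""")

MAX_LIFETIME = timedelta(days=365)  # assumed policy: longest acceptable secret lifetime
WARN_WINDOW = timedelta(days=30)    # assumed policy: rotate when this close to expiry
NOW = datetime(2024, 6, 20, tzinfo=timezone.utc)  # fixed "now" so the sample is reproducible

def parse_ts(value):
    """Parse an ISO 8601 UTC timestamp, dropping any fractional seconds."""
    base = value.rstrip("Z").split(".")[0]
    return datetime.strptime(base, "%Y-%m-%dT%H:%M:%S").replace(tzinfo=timezone.utc)

def audit_secrets(app, now):
    """Return (secret name, status) for every client secret on the app."""
    findings = []
    for cred in app.get("passwordCredentials", []):
        name = cred.get("displayName") or cred.get("keyId")
        if not cred.get("endDateTime"):
            findings.append((name, "no-expiry"))
            continue
        start, end = parse_ts(cred["startDateTime"]), parse_ts(cred["endDateTime"])
        if end <= now:
            status = "expired"
        elif end - start > MAX_LIFETIME:
            status = "long-lived"
        elif end - now <= WARN_WINDOW:
            status = "expiring-soon"
        else:
            status = "ok"
        findings.append((name, status))
    return findings

if __name__ == "__main__":
    for name, status in audit_secrets(SAMPLE_APP, NOW):
        print(f"{name}: {status}")
```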
Thanks for reading 🙂