I hope you must have enjoyed our last article about How to create a communication site using PowerShell.
In this article, we will see how we can register our application in the Azure portal and grant him access so that we could use the app to access Graph API or Office 365 management API. We will cover up following things
- Register your app in the Azure portal.
- Configure permissions for Microsoft Graph on your app.
Please follow the below steps to register your app in the Azure portal
- Go to the app registration. You can use work or school Microsoft account to access this for free\
- Click on the New Registration then the following screen will pop up
3. Write your preferred application name and select the account type as a single tenant.
4. Then enter Redirect URI this could be any for example “https://appname.com/auth”
5. Then click on register.
Your app will be registered successfully in the Azure portal. Now you need to note down the Client ID, Tenant ID
Go to the overview section of your newly created app and note down the details highlighted below
Now we will configure permissions for Microsoft Graph on your app.
There are two types of permission for the app
1. Delegated permissions are used by apps that have a signed-in user present. For these apps, either the user or an administrator consents to the permissions that the app requests and the app is delegated permission to act as the signed-in user when making calls to the target resource. Some delegated permissions can be consented to by non-administrative users, but some higher-privileged permissions require administrator consent.
2. Application permissions are used by apps that run without a signed-in user present; for example, apps that run as background services or daemons. Application permissions can only be consented by an administrator.
To configure application permissions for your app in the Azure app registrations portal: under an application’s API permissions page, choose to Add permission, select Microsoft Graph, and then choose the permissions your app requires under Application permissions.
The next steps will be to generate the client secret and granting admin consent to your app permissions which will be explained in upcoming posts.