Application objects describe the application to Azure AD and can be considered the definition of the application, allowing the service to know how to issue tokens to the application based on its settings.
The application object may include any of the following:
- Name, logo, and publisher
- Redirect URIs
- Secrets (symmetric and/or asymmetric keys used to authenticate the application)
- API dependencies (OAuth)
- Published APIs/resources/scopes (OAuth)
- App roles (RBAC)
- SSO metadata and configuration
- User provisioning metadata and configuration
- Proxy metadata and configuration
- and so on….
More and more applications are consuming information in Azure. An Azure AD application is required for these applications or for scripts that you have created by yourself.
Create Azure AD Application with Azure Portal
To register an Application in Azure AD go to https://portal.azure.com
- Search for “Azure Active Directory”:
2. In the menu on the left you’ll find “App registrations”.
3. Now you can create an App registration by clicking on “New registration”
4. You have to enter a name for the new Application. Then click on “Register”
5. The Azure AD Application is created and you receive the first two important IDs:
- Application ID (also known as Client ID)
- Directory ID (also known as Tenant ID)
Please take a note of these two IDs.
6. In the next step we will generate the password for our application.
In a future article, I’ll discuss certificate-based authentication. But for now we use Password based auth.
7. You have to enter a name for your secret and the validity period.
8. You’ll receive your Secret. But be careful. The password is only displayed when it is created – not afterwards
So please take a note of the Secret Value.
9. So. For now you have created your application. What is still missing now are the permissions.
You can set the reuqired application permissions when you click on “API Permissions”
Each application needs its own permissions. You have to ask your Applikation Dealer what exact permission you have to give.
Create Azure AD Application with PowerShell
1. Install AZ Module from PSGallery
Install-Module Az
2. Connect to Azure AD
Connect-AzureAD
When you have successfully connected to AzureAD, you will receive the first important ID – the TenantID
3. Create Azure AD Application
New-AzureADApplication -DisplayName "My new application"
Yeah.. the second important ID – the AppID
4. Add Application Secret to your Appliation
$appID = (Get-AzureADApplication -SearchString "My new application").ObjectID
New-AzureADApplicationPasswordCredential -ObjectId $appID
And finally we have the Secret for the application.
Schreibe einen Kommentar