Application Registration in Azure Active Directory

Official Content
This documentation is valid for:

When you need to authenticate to Office 365 using GAM, you will first have to create an application in Azure portal.
Following the steps explained here, you will have all the information necessary to configure the GAM OAuth 2.0 Authentication Type for using Office 365.

The steps below should be followed to create an Application within the Azure Portal:

Important note: the following screens capture can be different depending on the Azure Portal version that you are using. We recommend seeing the document Register an app with the Azure Active Directory

  1. Sign in to your Azure Account through the Azure portal.
  2. Select Azure Active Directory -> App registrations.
    image_2019222162028_1_png
  3. Select New application registration.
    image_2019222162151_1_png
    • Fill Name Application Name, Type and Sign-on URL

      image_2019222162344_1_png

      Note: The Sign-on URL is not used for the callback after the login. The URL used for that purpose should be configured in Step 5 (Reply URLs)
       
  4. Click on Settings.
    image_201922216279_1_png
  5. Select the section Reply URLs and configure accordingly (by default, you have the same URL specified in Step 3.) This URL is used for the callback. You may specify more than one if you have more than one app using the same Azure application.
    image_2019222162838_1_png
     
  6. Go through "Required Permissions" to configure at least the following permissions:

    - Microsoft Graph
    - Windows Azure Directory

    Each of them must include the following settings (access to Delegated Permissions: "Sign in and read user profile" and "Read all user's basic profiles" ).

    image_201922216487_1_png
    image_2019222165733_1_png
    So, you will have:
    image_2019222165830_1_png
  7. Configure the client secret of the application. Go through "Keys", and add a new key, whose description should be "client_secret" (with that casing). Configure the expiration and the value (it should be a valid GUID).
    image_201922217310_1_png
    Note the warning: Copy the key value. You will not be able to retrieve it after leaving this blade.
  8. Done! If needed, the Manifest with the application detail is available.

Note: You will need the Application Id (= Client Id), the client_secret, and the Reply URL for configuring the GAM OAuth 2.0 authentication type.

See Also

Register an app with the Azure Active Directory
HowTo: Authenticate to Azure Active Directory using GAM