Registration updating dating one of the guys
They may also need to access web APIs such as the Microsoft Graph API (to access Azure Active Directory, Intune, and services in Office 365) and other Microsoft services' APIs, in addition to your own web APIs.The framework is based on a user or an administrator giving consent to an application that asks to be registered in their directory, which may involve accessing directory data.The Microsoft Graph API provides access to data in Office 365 (like calendars and messages from Exchange, sites and lists from Share Point, documents from One Drive, notebooks from One Note, tasks from Planner, workbooks from Excel, etc.), as well as users and groups from Azure AD and other data objects from more Microsoft cloud services.The consent framework is built on OAuth 2.0 and its various flows, such as authorization code grant and client credentials grant, using public or confidential clients.The article contains complete reference information on the Application entity members used to specify permissions for your API, including: For more information on application manifest concepts in general, see Understanding the Azure Active Directory application manifest.As mentioned earlier, in addition to exposing/accessing APIs for your own applications, you can register your client application to access APIs exposed by Microsoft resources.By using OAuth 2.0, Azure AD makes it possible to build many different types of client applications, such as on a phone, tablet, server, or a web application, and gain access to the required resources.
The following steps show you how the consent experience works for both the application developer and user.In order for a web/confidential client application to be able to participate in an authorization grant flow that requires authentication (and obtain an access token), it must establish secure credentials.The default authentication method supported by the Azure portal is Client ID secret key.For example, if a web client application needs to read calendar information about the user from Office 365, that user is required to consent to the client application first.After consent is given, the client application will be able to call the Microsoft Graph API on behalf of the user, and use the calendar information as needed.
This registration process involves giving Azure AD details about your application, such as the URL where it’s located, the URL to send replies after a user is authenticated, the URI that identifies the app, and so on.