Register an App in the Azure Active Directory Oauth v1.0

There are several uses for Apps in Azure Active Directory but in the most, you are opening yourself a gateway to harness the power of an API.

Below I will walk you through the required steps in order to create an app called O365ServiceAPI. Once we have this app created you will then be able to make API calls to the Office 365 Management APIs.

Once this has been created, you will have 2 bits of information, your  Application ID or ClientID and your key, or SecretID.

In addition to the ClientID & SecretID you will require your Directory ID or TenantID and here is how to go about getting that.

Go to Azure Active Directory Admin Console at http://portal.azure.com and log in as a Global Administrator.

Click Azure Active Directory, and under Manage click Properties.

Look for Directory ID and copy it to your clipboard.

Open a new .txt file (or similar) and keep a record of this value which will refer to now as TenantID.

So we can provide a ClientID and SecretID, you’ll need to first register an App in the Azure Active Directory:

  • Click Azure Active Directory
  • Click App Registrations
  • Click the +New Application Registration button
  • Name for your App something like O365ServiceAPI
  • Select Web App / API for the Application Type since this is actually a web application
  • Enter a URL made up from your application name, such as http://O365ServiceAPI
  • Click Create at the bottom of the panel

Once the App has been created, you will now see the IDs for your App. As stated above, the Application ID is our ClientID. Copy and save that value and paste it to your .txt file.

Now click the Settings, and then Keys.

Let’s name the key APIKey then click save after choosing an expiry date. I set never expire.

Now copy the value and save it to your .txt file as SecretID.

NB: This key value will be shown to you only once. You cannot go back to this page and retrieve the SecretID again later, so you must take a note.

We now have the values we require but the app needs permissions so we will address that now.

Click Required Permissions.

  • In the Required Permissions page, click +Add then click 1 Select an API
  • Select Office 365 Management APIs and click Select
  • Click Select Permissions and then select all Application Permissions and Delegated Permissions
  • Click Save

All of the permissions for the Office 365 Management APIs require an administrator to explicitly grant these permissions to the App. This is done by entering a carefully constructed URL in the browser, logging in as an Office 365 global administrator and clicking Accept to grant the selected permissions to the App.

Enter the following URL into a new browser window:

https://login.windows.net/common/oauth2/authorize?response_type=code&resource=https%3A%2F%2Fmanage.office.com&client_id={ClientID}&redirect_uri={ReplyURL}

Note: the {ClientID} in the URL and the {ReplyURL} values in the URL must be replaced with the values configured in your App.

Note: The reply url will be https%3A%2F%2FO365ServiceAPI

Login with the Office 365 global administrator credentials

Click Accept on the following screen which appears to grant the permissions listed to your App:

You have now fully set up and have a working app.

Alan