Skip to main content

App Registration

The prerequisite for accessing the Microsoft Graph API is an Azure application.

Creating the application is also a prerequisite for running the setup.

The following values are required to run the Azure Service Connector setup:

  • Application ID
  • Tenant ID
  • Client Secret

app-registration-14a.png

The following steps describe how to perform the App Registration and generate the Client Secret.

Performing App Registration in Azure

Further information

  1. The first step is to register a new app.
    app-registration-1.png

  2. For this, a name must be assigned, for example Azure Service Connector, and the creation must be confirmed with OK.

    app-registration-2.png

Add API permissions

Further information

  1. The following permissions are required to access the Microsoft Graph API:

    • User Read All
    • Group Read All
    • Directory Read All
    • Organization Read All


    On the API Permissions page the required permissions are added.

    app-registration-3.png

  2. In the next dialog, select Microsoft Graph from the Microsoft APIs tab.

    app-registration-4.png

  3. The access should be in the context of the Azure Service Connector App.
    app-registration-5.png

  4. User permissions: Read All

    app-registration-6.png

  5. Group permissions: Read All

    app-registration-8.png

  6. Directory permissions: Read All

    app-registration-9.png

  7. Organization permissions: Read All

    app-registration-7.png

  8. Device Management Configuration: Read All

    app-registration-7a.png

  9. Device Management Managed Devices: Read All

    app-registration-7c.png

  10. Device Management Service Config: Read All

    app-registration-7b.png

Generate Client Secret

Additional Information

A client secret is sensitive security information.

The Client Secret is only visible in plain text when it is created, so a copy should be created for further configuration.

  1. To create a client secret, select Add Certificate or secret in the Azure Service Connector App Overview under the Client Credentials item.

    app-registration-10a.png

  2. In the Client secret tab, a new client secret can be generated at any time.

    app-registration-11.png
  3. A validity period must be specified during creation and a description can be added.

    If several different instances/installations are used to access the Microsoft Graph API, it is recommended to use a separate client secret for each instance/installation.


    app-registration-12.png

  4. The Client Secret is only visible in clear text when it is created, so a copy should be created for further configuration.
    app-registration-13a.png