In this video, learn how to register a web application in Azure AD for authentication purposes.
- [Instructor] Now, before we can start writing authentication code in our project, we first need to inform Azure AD about our application. That means registering our application in Azure AD. So I went ahead and logged in to my Office 365 tenancy and went to the Azure AD section. And from there, I was able to access Azure Active Directory, App registrations.
Now, from here, I can go ahead and perform a new application registration. Registering an application is the equivalent of telling Azure AD that you have an application entrusted in being authenticated or accepting services, like authentication, from this Azure AD tenancy. So I'm going to click on New application registration. And let's give it a name. I'm going to call it MyWebApp.
This'll be a web application kind of registration, and the sign-on URL will be the HTTPS URL of my Visual Studio project. So let's go ahead and grab that. So select the project. And in project settings, under SSL URL, copy paste the HTTPS URL, and bring it back into Azure AD and go ahead and paste it here. Go ahead and click the Create button to finish this registration.
Now, once this registration has been performed, we need to grab some values out of here, and we need to update our Visual Studio project with those values. Specifically, the one value that I'm really interested in is the Application ID. So I'm going copy that, and I'm going to put that in my clipboard. So let's go ahead and run Notepad and take a note of this. So the AppId, sometimes we also call it ClientID, so I'll just write ClientID is this long GUID.
Application URL is local host 44303. So let's go ahead and put that here as well. And rest of the settings, we don't need them for this particular example. So now let's head back to Visual Studio, and I'm going to modify the Web.config of my project so we can access these settings.
Specifically, I need to add four different app key settings. So let's go ahead and place them here. The ClientId, as you may have guessed, is this GUID that I got from my application registration. So let's go ahead and copy that and put that in my Web.config. The next entry you see is the Azure AD instance I will authenticate against, and that is generally login.microsoftonline.com/ we're going to prefix the tenant here.
Now, mostly this value is going to be exactly like what you see here. But if you're, say, in China or if you're in some reserved government instance of Office 365, potentially this value could be different. But for 99% of commercial installations, this value will be the same. The next value you see in line 15 is the tenant. Now, this tenant, in my case, mrdeveloper.onmicrosoft.com, well, that's my tenant.
So make sure you put your tenant in there. And the PostLogoutRedirectUri is the URL of my application. So let's go ahead and place that in here as well. Now my application is registered. The Web.config is updated. We're ready to start writing some authentication code.
- What is Microsoft Graph?
- Registering a web application in Azure AD
- Adding authentication logic and authentication UI
- Native applications calling Graph
- Reviewing scenarios where web apps involving Graph are useful
- Web applications with application identity and delegated identity calling Graph
- Daemons calling Graph