{
	"id": "e0700c09-afe9-454a-a0e3-a40085a188e9",
	"created_at": "2026-04-06T00:06:40.416479Z",
	"updated_at": "2026-04-10T13:12:37.556738Z",
	"deleted_at": null,
	"sha1_hash": "594860c65805e645a7ef47ddda5f4ccbef6ed701",
	"title": "How to register an app in Microsoft Entra ID - Microsoft identity platform",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 242258,
	"plain_text": "How to register an app in Microsoft Entra ID - Microsoft identity\r\nplatform\r\nBy cilwerner\r\nArchived: 2026-04-05 22:37:39 UTC\r\nIn this how-to guide, you learn how to register an application in Microsoft Entra ID. This process is essential for\r\nestablishing a trust relationship between your application and the Microsoft identity platform. By completing this\r\nquickstart, you enable identity and access management (IAM) for your app, allowing it to securely interact with\r\nMicrosoft services and APIs.\r\nAn Azure account that has an active subscription. Create an account for free.\r\nThe Azure account must be at least a Application Developer.\r\nA workforce or external tenant. You can use your Default Directory for this quickstart. If you need an\r\nexternal tenant, complete set up an external tenant.\r\nRegistering your application in Microsoft Entra establishes a trust relationship between your app and the\r\nMicrosoft identity platform. The trust is unidirectional. Your app trusts the Microsoft identity platform, and not the\r\nother way around. Once created, the application object can't be moved between different tenants.\r\nFollow these steps to create the app registration:\r\n1. Sign in to the Microsoft Entra admin center as at least an Application Developer.\r\n2. If you have access to multiple tenants, use the Settings icon in the top menu to switch to the tenant in\r\nwhich you want to register the application.\r\n3. Browse to Entra ID \u003e App registrations and select New registration.\r\n4. Enter a meaningful Name for your app, for example identity-client-app. App users can see this name, and it\r\ncan be changed at any time. You can have multiple app registrations with the same name.\r\n5. Under Supported account types, specify who can use the application. We recommend you select\r\nAccounts in this organizational directory only for most applications. Refer to the table for more\r\ninformation on each option.\r\nSupported account types Description\r\nAccounts in this\r\norganizational directory only\r\nFor single-tenant apps for use only by users (or guests) in your\r\ntenant.\r\nAccounts in any\r\norganizational directory\r\nFor multitenant apps and you want users in any Microsoft Entra\r\ntenant to be able to use your application. Ideal for software-as-a-https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-register-app\r\nPage 1 of 3\n\nSupported account types Description\r\nservice (SaaS) applications that you intend to provide to multiple\r\norganizations.\r\nAccounts in any\r\norganizational directory and\r\npersonal Microsoft accounts\r\nFor multitenant apps that support both organizational and personal\r\nMicrosoft accounts (for example, Skype, Xbox, Live, Hotmail).\r\nPersonal Microsoft accounts\r\nFor apps used only by personal Microsoft accounts (for example,\r\nSkype, Xbox, Live, Hotmail).\r\n6. Select Register to complete the app registration.\r\n7. The application's Overview page is displayed. Record the Application (client) ID, which uniquely\r\nidentifies your application and is used in your application's code as part of validating the security tokens it\r\nreceives from the Microsoft identity platform.\r\nhttps://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-register-app\r\nPage 2 of 3\n\nImportant\r\nNew app registrations are hidden to users by default. When you're ready for users to see the app on their My Apps\r\npage you can enable it. To enable the app, in the Microsoft Entra admin center navigate to Entra ID \u003e Enterprise\r\napps and select the app. Then on the Properties page, set Visible to users? to Yes.\r\nOnce you register your application, it gets assigned the User.Read permission. However, for external tenants, the\r\ncustomer users themselves can't consent to permissions themselves. You as the admin must consent to this\r\npermission on behalf of all the users in the tenant:\r\n1. From the Overview page of your app registration, under Manage select API permissions.\r\n2. Select Grant admin consent for \u003c tenant name \u003e, then select Yes.\r\n3. Select Refresh, then verify that Granted for \u003c tenant name \u003e appears under Status for the permission.\r\nAdd a redirect URI to your application\r\nAdd credentials to your application\r\nConfigure an application to expose a web API\r\nMicrosoft identity platform code samples\r\nAdd your application to a user flow\r\nSource: https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-register-app\r\nhttps://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-register-app\r\nPage 3 of 3",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"MITRE"
	],
	"origins": [
		"web"
	],
	"references": [
		"https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-register-app"
	],
	"report_names": [
		"quickstart-register-app"
	],
	"threat_actors": [],
	"ts_created_at": 1775434000,
	"ts_updated_at": 1775826757,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/594860c65805e645a7ef47ddda5f4ccbef6ed701.pdf",
		"text": "https://archive.orkl.eu/594860c65805e645a7ef47ddda5f4ccbef6ed701.txt",
		"img": "https://archive.orkl.eu/594860c65805e645a7ef47ddda5f4ccbef6ed701.jpg"
	}
}