Step 1: Create the new application
- Log into the Azure Management Portal for your Office 365 tenant.
- Go to
...
- the Azure Active Directory
...
- tab and select App Registrations.
- Select
...
Image Removed
...
Image Removed
- Select Add an application my organization is developing.
Image Removed
- Set "Aspire AAD Group Expander" as the application name and "Web application and/or web api" as application type.
- Click the arrow.
Image Removed
...
- "New Application Registration".
- Give the application a name and keep the default selection of "Web App / API".
- Enter a Sign-on URL (the value of this doesn’t really matter other than being unique) and click "Create".
- Look for your new application on the Registered Applications list and click it.
- Go to Required Permissions and click on "Add".
- On the "Select an API" section, select the "Windows Azure Active Directory" application.
- On "Select Permissions", select the following "Application Permissions":
- Read Directory.
- After saving you have to click "Grant Permissions" to apply the changes.
Step 2: Get the Client ID and Secret Key
Image Removed
- Scroll down until you find the Client ID and the "Keys" Section.
- First copy and save the Client ID.
- Then select the duration for the new key.
Image Removed
Image Removed
- You'll now see the Client Key and it's expiration date.
- Copy this key and save it. It'll not appear again after you leave the page
Image Removed
Step 3: Application Permissions
...
- To get the ClientID copy the value from Application ID in the App Properties tab.
- To get a new client secret key go to Keys in the Registered App menu.
- Add a key description and a duration.
- After saving you'll get the key. Store it in some place safe, because it is shown only once and won't be available after leaving the page
...
- .
{"serverDuration": 118, "requestCorrelationId": "7c56a795cfd4971a"}