Register an app in Azure AD

Follow the steps below to register an app in Azure AD to use with the Python SDK, Jupyter notebooks, or Postman. You can use the same steps to register desktop apps and one-off/short-term scripts. Users can sign in using their browser and use the acquired token in for example Jupyter.

1. Sign in to the Azure portal as an admin.

2. If you have access to multiple tenants, use the Directory + subscription filter in the top menu to select the tenant in which you want to register an application.

3. Search for and select Azure Active Directory.

4. Under Manage, select App registrations > New registrations.

5. In the Register an application window, enter the app name, and then select Register.

6. Specify the name and select the supported account types.

7. Under Redirect URI (optional), select Public client/native (mobile & desktop) and specify the redirect URI:

   • Jupyter/Python SDK: http://localhost:53000.
   • Postman: https://oauth.pstmn.io/v1/callback.
   

8. Select Register.

9. Select Authentication to add more redirect URIs, and to select device code flow (optional). Then select Save.

   

10. Configure API permissions:

    1. Select API permissions. The Microsoft Graph User.Read permissions should already be selected.

    2. Select Add a permission and in the next screen, under APIs my organization uses, select the CDF API, for example westeurope-1.

    3. For Delegated permissions, select the required permissions for your application, for example, user_impersonation. The delegated permissions filter the permissions a user has based on group memberships but don't add any permissions.

       To use the token inspection endpoint, select IDENTITY.

       Learn more about the available permissions here.

    4. Select Add permissions.

    5. The API permissions should look similar to this:

    

    1. Select Grant admin consent for... and confirm that you want to make the new list of permissions active.