Quickstart: Register an application in Microsoft Entra ID

In this quickstart, you learn how to register an application in Microsoft Entra ID. This process is essential for establishing a trust relationship between your application and the Microsoft identity platform. By completing this quickstart, you enable identity and access management (IAM) for your app, allowing it to securely interact with Microsoft services and APIs.

Prerequisites

  • An Azure account that has an active subscription. Create an account.
  • The Azure account must be at least a Application Developer.
  • A workforce tenant. You can use your Default Directory for this quickstart.

Register an application

Registering your application in Microsoft Entra establishes a trust relationship between your app and the Microsoft identity platform. The trust is unidirectional. Your app trusts the Microsoft identity platform, and not the other way around. Once created, the application object can't be moved between different tenants.

Follow these steps to create the app registration:

  1. Sign in to the Microsoft Entra admin center as at least an Application Developer.

  2. If you have access to multiple tenants, use the Settings icon in the top menu to switch to the tenant in which you want to register the application.

  3. Browse to Identity > Applications > App registrations and select New registration.

  4. Enter a meaningful Name for your, for example identity-client-app. App users can see this name, and it can be changed at any time. You can have multiple app registrations with the same name.

  5. Under Supported account types, specify who can use the application. We recommend you select Accounts in this organizational directory only for most applications. Refer to the table for more information on each option.

    Supported account types Description
    Accounts in this organizational directory only For single-tenant apps for use only by users (or guests) in your tenant.
    Accounts in any organizational directory For multitenant apps and you want users in any Microsoft Entra tenant to be able to use your application. Ideal for software-as-a-service (SaaS) applications that you intend to provide to multiple organizations.
  6. Select Register to complete the app registration.

    Screenshot of Microsoft Entra admin center in a web browser, showing the Register an application pane.

  7. The application's Overview page is displayed. Record the Application (client) ID, which uniquely identifies your application and is used in your application's code as part of validating the security tokens it receives from the Microsoft identity platform.

    Screenshot of the Microsoft Entra admin center in a web browser, showing an app registration's Overview pane.

Important

New app registrations are hidden to users by default. When you're ready for users to see the app on their My Apps page you can enable it. To enable the app, in the Microsoft Entra admin center navigate to Identity > Applications > Enterprise applications and select the app. Then on the Properties page, set Visible to users? to Yes.