用于登录用户的 Web 应用:应用注册Web app that signs in users: App registration

本文介绍可将用户登录的 Web 应用的应用注册具体信息。This article explains the app registration specifics for a web app that signs in users.

若要注册应用程序,可以使用:To register your application, you can use:

  • Web 应用快速入门The web app quickstarts. 除了提供创建应用程序的第一手体验,Azure 门户中的快速入门还包含名为“为我进行此更改”的按钮。 In addition to being a great first experience with creating an application, quickstarts in the Azure portal contain a button named Make this change for me. 可以使用此按钮设置所需属性,对现有应用也可以这样做。You can use this button to set the properties you need, even for an existing app. 需根据自己的情况调整这些属性的值。You'll need to adapt the values of these properties to your own case. 具体而言,应用的 Web API URL 可能会不同于建议的默认值,后者还会影响注销 URI。In particular, the web API URL for your app is probably going to be different from the proposed default, which will also affect the sign-out URI.
  • 用于手动注册应用程序的 Azure 门户。The Azure portal to register your application manually.
  • PowerShell 和命令行工具。PowerShell and command-line tools.

按照快速入门注册应用Register an app by using the quickstarts

可使用以下链接启动 Web 应用程序的创建:You can use these links to bootstrap the creation of your web application:

使用 Azure 门户注册应用程序Register an app by using the Azure portal

备注

要使用的门户根据应用程序是在 Azure 公有云中运行还是在国家云或主权云中运行而异。The portal to use is different depending on whether your application runs in the Azure public cloud or in a national or sovereign cloud. 有关详细信息,请参阅国家云For more information, see National clouds.

  1. 使用工作或学校帐户登录到 Azure 门户Sign in to the Azure portal by using a work or school account. 或者,登录到适用于国家云的所选 Azure 门户Alternatively, sign in to the Azure portal of choice for the national cloud.
  2. 如果你的帐户有权限访问多个租户,请在右上角选择该帐户。If your account gives you access to more than one tenant, select your account in the upper-right corner. 然后,将门户会话设置为所需的 Azure Active Directory (Azure AD) 租户。Then, set your portal session to the desired Azure Active Directory (Azure AD) tenant.
  3. 在左侧窗格中选择“Azure Active Directory”服务,然后选择“应用注册” > “新建注册”。 In the left pane, select the Azure Active Directory service, and then select App registrations > New registration.
  1. “注册应用程序”页出现后,请输入应用程序的注册信息: When the Register an application page appears, enter your application's registration information:
    1. 为应用程序选择支持的帐户类型。Choose the supported account types for your application. (请参阅支持的帐户类型。)(See Supported account types.)
    2. 在“名称”部分输入一个会显示给应用用户的有意义的应用程序名称。 In the Name section, enter a meaningful application name that will be displayed to users of the app. 例如,输入 AspNetCore-WebAppFor example, enter AspNetCore-WebApp.
    3. 在“重定向 URI”中,添加将在成功进行身份验证后接受返回的令牌响应的应用程序类型和 URI 目标。 For Redirect URI, add the type of application and the URI destination that will accept returned token responses after successful authentication. 例如,输入 https://localhost:44321 。For example, enter https://localhost:44321. 然后,选择“注册”。Then, select Register. 屏幕截图显示了“注册应用程序”页,可在其中选择“注册”。Screenshot shows the Register an application page where you can select Register.
  2. 选择“身份验证”菜单,然后添加以下信息:Select the Authentication menu, and then add the following information:
    1. 对于“回复 URL”,请添加“Web”类型的 https://localhost:44321/signin-oidcFor Reply URL, add https://localhost:44321/signin-oidc of type Web.
    2. 在“高级设置”部分,将“注销 URL”设置为 https://localhost:44321/signout-oidcIn the Advanced settings section, set Logout URL to https://localhost:44321/signout-oidc.
    3. 选择“隐式授权”下的“ID 令牌”。Under Implicit grant, select ID tokens.
    4. 选择“保存”。Select Save. 屏幕截图显示了“身份验证选项”,可在其中进行所述的更改。Screenshot shows the Authentication options, where you can make the changes described.

使用 PowerShell 注册应用Register an app by using PowerShell

备注

目前,Azure AD PowerShell 只能使用下述受支持帐户类型创建应用程序:Currently, Azure AD PowerShell creates applications with only the following supported account types:

  • MyOrg(仅限此组织目录中的帐户)MyOrg (accounts in this organizational directory only)
  • AnyOrg(任何组织目录中的帐户)AnyOrg (accounts in any organizational directory)

后续步骤Next steps