Part 2: Applications and Service Principals
The Mystery of Two App Screens
App Registrations vs Enterprise Applications
App Registrations
Enterprise Applications
The Relationship
Registering Your First Application
Step 1: Navigate to App Registrations
Step 2: Basic Configuration
Step 3: Review What You Got
Configuring Your Application
Authentication Settings
Platform Configurations
Advanced Settings
Certificates & Secrets
Client Secrets (Password-Based)
Certificates (More Secure)
API Permissions
Microsoft Graph Permissions
Custom API Permissions
Token Configuration
Expose an API
Service Principals in Depth
Finding Your Service Principal
Service Principal Properties
Assigning Users and Groups
Service Principal Authentication
Multi-Tenant Applications
When to Use Multi-Tenant
Converting to Multi-Tenant
Multi-Tenant Authentication Flow
Multi-Tenant Implementation
Real-World Application Patterns
Pattern 1: SPA + Backend API
Pattern 2: Microservices with Service Principal Auth
Pattern 3: Azure Function with Managed Identity
Common Pitfalls
Pitfall 1: Confusing Object ID and Application ID
Pitfall 2: Exposing Client Secrets
Pitfall 3: Wrong Platform Configuration
Pitfall 4: Forgetting to Grant Admin Consent
Key Takeaways
What's Next
Last updated