category
Applications can sign in users themselves or delegate sign-in to an identity provider. This article discusses the steps that are required to register an application with the Microsoft identity platform. For an identity provider to know that a user has access to a particular app, both the user and the application must be registered with the identity provider. When you register your application with Microsoft Entra ID, you're providing an identity configuration for your application that allows it to integrate with the Microsoft identity platform. Registering the app also allows you to: After the app is registered, it's given a unique identifier that it shares with the Microsoft identity platform when it requests tokens. If the app is a confidential client application, it will also share the secret or the public key depending on whether certificates or secrets were used. The Microsoft identity platform represents applications by using a model that fulfills two main functions: The Microsoft identity platform: Consent is the process of a resource owner granting authorization for a client application to access protected resources, under specific permissions, on behalf of the resource owner. The Microsoft identity platform enables: 在Microsoft身份平台中,应用程序对象描述应用程序。在部署时,Microsoft身份平台使用应用程序对象作为蓝图来创建服务主体,该主体表示目录或租户中应用程序的具体实例。服务主体定义了应用程序在特定目标目录中实际可以做什么,谁可以使用它,它可以访问什么资源等等。Microsoft身份平台通过同意从应用程序对象创建服务主体。 下图显示了由同意驱动的简化的Microsoft身份平台配置流程。它显示了两个租户:A和B。 In this provisioning flow: You can repeat this process for more tenants. Tenant A retains the blueprint for the app (application object). Users and admins of all the other tenants where the app is given consent keep control over what the application is allowed to do via the corresponding service principal object in each tenant. For more information, see Application and service principal objects in the Microsoft identity platform. For more information about authentication and authorization in the Microsoft identity platform, see the following articles: For more information about the application model, see the following articles:
Register an application
Multitenant apps
Next steps
- 登录 发表评论
- 2 次浏览
最新内容
- 1 week ago
- 1 week ago
- 1 week ago
- 1 week ago
- 1 week ago
- 1 week 6 days ago
- 2 weeks ago
- 2 weeks 2 days ago
- 2 weeks 2 days ago
- 2 weeks 2 days ago