Integration
Application registrations
The application registration is carried out at the Microsoft Azure portal via administrative credentials. A user can choose one of the following types of accounts:
- A tenant admin account;
- A tenant user account (with the enabled “Users can register applications” setting).
The option to open an application registration page is available under:
- Microsoft Azure portal > Azure services > App registrations;
- Microsoft Azure portal > Search > Enter a search request (i.e., “App registrations”) > Select the service in the list > App registrations;
- Microsoft Azure portal > Menu > All services > Enter a search request (i.e., “App registrations”) > Select the service in the list > App registrations.
Microsoft Azure portal shows the screen when successful:
The option to create a new application registration is available under the New registration option.
Microsoft Azure portal shows the Create window when successful:
To create a new application registration, a user fills in the fields in the form (see Table 1 and the Microsoft Azure manual).
Table 1. A new application registration
| Field name | Details |
| Name | This field sets a meaningful application name to display to users (i.e., Apptimized Intune Test) |
| Supported accounts |
This option identifies types of accounts that can use the application.
|
| Redirect URI |
This setting is optional, and the values can be provided later.
|
When clicking on the Register button, Microsoft Azure portal shows the following screen:
When the application successfully registered, a user needs to make a series of settings steps, namely:
- To add a redirect URIs;
- To add new client secret string;
- To configure permissions to the application to call API.
Next, each setting block is shown in more detail.
The option to add redirect URIs to the application is available under the All services > App registrations > Select the application in the list > Manage menu > Authentication > Redirect URIs > Add URI > Fill in new URI > Save button.
The option to add new client secret string is available under the All services > App registrations > Select the application in the list > Manage menu > Certificates & secrets > Client secrets > New client secret button > Fill in the description > Set the expiry mode > Add button.
Note. When clicking on the Add button, the client secret value appears (i.e., ~_fd-Y49~haNZ~g8RbDz9yQCF4KQ__1j49). A user must copy the value to the clipboard to use it in the client’s application code. It becomes inaccessible once a user leaves this page. The Client secret value correlates with the Client secret field when integrating Intune into the Apptimized portal.
The option to configure permissions to the application to call API is available under All services > App registrations > Select the application in the list > Manage menu > API permissions > Add a permission > Microsoft Graph.
Microsoft Azure portal shows the following screen when successful:
The option to set the types of permissions to the application is available under the Delegated permissions button > Select the permissions in the list > Add permissions button. The screenshot below shows the list of enabled permissions:
Some delegated permissions can be consented to by non-administrative users, but some higher-privileged permissions require administrator consent. The option to grant permissions is available under the Grant admin consent for [company name] button.