问题
I was just going through some walkthrough where I created an Azure AD App to use it as an authorization/authentication in my Azure web application.
Now when I go to select existing AD app for my Azure website (App Services) it doesn't appear in my Azure AD Applications list.
The path to add existing AD app is "App Services > MyAzureApp > Authentication/Authorization > Auzre Active Directory > Express > Select existing AD App"
I have used following settings for my Azure AD app:
Sign-on URL:
https://login.windows.net
Reply URLs:
https://msmanaged-na.consent.azure-apim.net/redirect
Required permissions:
Azure Service Management API > Access Azure Service Management as organization users
Keys:
Added a key and set it's expiration date to 1 year
Help please.
Update (@dstrockis):
I pasted this in the browser
https://login.microsoftonline.com/(tenantname).onmicrosoft.com/oauth2/authorize?client_id=(API Acces-Keys-GeneratedKey)=&redirect_uri=(https://azuresitename.azurewebsites.net/.auth/login/aad/callback)&response_mode=query&response_type=code+id_token&scope=openid&nonce=12345
And I got a bad request. See image below
回答1:
If you want to configure authentication for your application, please follow the Manual approach mentioned here. I have done this to my App service and its working fine.
回答2:
In Azure AD there is a difference between "registering" an app and "provisioning" it into your tenant. The Azure AD portal UX is currently only doing the former, but not the latter. The team is aware of the problem and working on a fix.
In the meantime the best workaround is to simulate a sign-in to the app, which will "provision" the app into your Azure AD tenant.
If you complete the below request and paste it into a browser, and sign-in with an account in your tenant, you should see it show up.
https://login.microsoftonline.com/{common-or-tenant}/oauth2/authorize?client_id={client-id}&redirect_uri={redirect_uri}&response_mode=query&response_type=code+id_token&scope=openid&nonce=12345
回答3:
Late to the cake but believe it will help.
When you create your app registration don't forget to assign an owner to it (Settings -> Owner) before you close registration pane.
Otherwise it's created but won't display on the list as seems like it doesn't have a default owner.
回答4:
In the Azure Active Directory admin center, when I browse to Azure Active Directory > App registrations, the app I registered does not show up. When I change the view settings from "My apps" (selected by default) to "All Apps" it then shows in the list. No need to change owners, at least for my purposes
The owner setting was a clue--
Switching from "My Apps" view to "All apps" allowed my my app to show up.
回答5:
Well for me,
just updating the App Registration manifest file
"publicClient": false
to
"publicClient": null
does the trick
Cheers,
回答6:
From your error message in your image, it seems that the application was not added in your Azure AD tenant.
Now when I go to select existing AD app for my Azure website (App Services) it doesn't appear in my Azure AD Applications list.
When select existing AD app in Azure portal, please make sure your app was added in ‘current Active Directory’ (Highlight in below screenshot). It is very easy if you create a new AD app in Azure portal.
If you confuse with the parameters in Azure AD work flow, Please have a look at this article.
回答7:
Sounds like your application is not registered as an Enterprise Application, which is what I found my application needed to be.
回答8:
I had a similar issue with my Azure Function not showing up in my KeyVault Access. Giving me a cryptic error ([error] aadsts900023" specified tenant identifier is neither a valid dns name, nor a valid external domain.)
Ended up, that the access to key vault disappeared, but I couldn't find the app to give it permissions again.
To resolve this I went to the Azure Function > Function Settings > Platform Features section.
Under the General Settings, selected "All Settings".
On this page select "Identity" under the "Settings" section.
In the "System assigned" tab, Turn on "Status".
Which will then give: "This resource is registered with Azure Active Directory. You can control its access to services like Azure Resource Manager, Azure Key Vault, etc."
来源:https://stackoverflow.com/questions/39835124/azure-ad-application-not-appearing-in-existing-ad-app-list-for-an-azure-web-appl