问题
I have seen that some Services can add an entry into my ActiveDirectory-> EnterpriseApplications page when i just enter my Azure Account UserId and Password on their page. Using this they can use Azure RestAPI and get List of my subscriptions and Resources etc.
Even I have created a custom web Application(hosted on some public server) and I want to access Subscriptions and Resources of users using the REST API. But to do that it asks me to do the AppRegistration. But i do not want every user to do App Registration, rather i want to add that entry in AppRegistration programatically using some sort of REST based API, all they have to do is provide me access to an account that has the necessary rights. However i am unable to find any documentation for this.
There is a threads which say its possible but fail to provide any necessary references https://social.msdn.microsoft.com/Forums/azure/en-US/d9bfefbf-d1ea-4ba1-bd28-5379caab0e33/azure-programatically-add-entry-into-app-registrations-in?forum=WindowsAzureAD
--------------Edit---------------- Thanks juunas
The MS documentation is really confusing, I use this .net code to get some "code", but what do we do with this code.
string authorizationRequest = String.Format(
"https://login.microsoftonline.com/common/oauth2/v2.0/authorize?response_type=code&client_id={0}&redirect_uri={1}&state={2}&scope={3}",
Uri.EscapeDataString(ConfigurationManager.AppSettings["ida:ClientID"]),
Uri.EscapeDataString("mywebsite.com"),
Uri.EscapeDataString(stateMarker), "https://graph.microsoft.com/.default"
);
This code does not work
ClientCredential credential = new ClientCredential(ConfigurationManager.AppSettings["ida:ClientID"],
ConfigurationManager.AppSettings["ida:Password"]);
AuthenticationContext authContext = new AuthenticationContext("https://login.microsoftonline.com/common/");
AuthenticationResult result = await authContext.AcquireTokenByAuthorizationCodeAsync(
code, new Uri("mywebsite.com"), credential);
and gives an error, also there seems to be two kinds of API v1.0 and v2.0. Also there is another page here where we need to add App Registrations, dont know why MS created 2 pages https://apps.dev.microsoft.com If I dont create application here and create it on the Azure portal I get this error when I run the first part of the code
error=unauthorized_client&error_description=The+client+does+not+exist.+If+you+are+the+application+developer%2c+configure+a+new+application+through+the+application+management+site+at+https://apps.dev.microsoft.com/.
来源:https://stackoverflow.com/questions/51341938/azure-app-registeration-vs-enterprise-applications