Application and service principal object. – Part 3 (SAAS Application with Azure Directory).
Hello All,
In this video we have covered details about application and service principal object.
Please click on the below mentioned link to check the entity model of both the objects.
github link to download the sample :-
Also we have tried to explain how the consent framework works and how you can control the consent at the directory, application and user object level.
The commands used are listed below:-
Get-AzureADOAuth2PermissionGrant
Get-AzureADServicePrincipalOAuth2PermissionGrant
Get-AzureADUserOAuth2PermissionGrant
Remove-AzureADOAuth2PermissionGrant
Regards,
Concepts work.
Hello Sir, Could you please explain bit more on application permissions vs delegated permissions
You one heck of a trainer.You are skills on this subject is amazing.All I learnt here is more than in any of the Microsoft Doc /learning Site.You Simplify so well.
Thanks Subramanya.
Great Video. Just wanted to understand the difference between Client Id and App Id. Also the difference between Service Principle Auth and User Pricniple auth
ClientID and AppID is same, when a service principal Object and application Object is created they both have an attribute named as app id, which maps the service principal with Applicaiton Object.
ClientId is a term referered for app id itself as clientid and client secret is generated for applications which will perform confidential client auth.
Please check this article which has all the details – https://tools.ietf.org/pdf/rfc6749.pdf
Also, if you want to know more, please watch my Oauth series, I have covered everything.
Very well Explained, keep it up!!!
Thanks for liking
Keep it up…! Awesome .
Thank you so much ?
OMG – This video has cleared up so much stuff for me (Non dev) so much better than reading pages and pages of Microsoft documentation!!!!!!
Thank you !
This was really good and informative.However when i tried to follow along in my Azure portal i can see MS has changed app registration portal so had to understand the change before doing it my self. A new video on app registration may be more useful.
Thank you so much for the feedback, will try to post it as soon as possible.
Even though I am not a developer, your videos are of high quality and brilliant. Please keep making more Azure concepts and we are very grateful. Many Thanks
For sure will try to keep on creating content with brief description.
I am not getting the consent after I add the permission
Which protcol and platform you are using ?
Can you also upload the video showing how did you publish the test app for openid connect in azure using the code from git hub? I couldn’t get that part… Or is that out of scope for this video….? I am not a developer.
It is covered in one of our video, for membership content – https://www.youtube.com/watch?v=fxWAwCmle6A&list=PL8wOlV8Hv3o_6MSbTZgzyumc9vHl-z62j
If an app is available in Gallery and I want to add that in my 2-3 tenants, will the Client Id be same always
or the Clinet ID of an app is different for Different tenants?
Also for the first time when the app redirects me to AAd for the token does it send the Client ID?
When you register an app as a multi-tenant, application object and service principal will be created in that tenant where client id will be same. When this application is granted consent by either a user or administrator of another tenant it will create a Service Principal with a new client id in that tenant, this time application object won’t get created. I hope this answers your question.
your video is really helpful. we are working on a project which need to use Azure AD to do the sign in authentication. as our application is based on C#, not ASP. so I want to know will it also work for C# ? and what else should we do at our application side, except for the web.config file showing in the video? really appreciate your answer!
Checkout this link, it has a sample application, which you can review.
https://github.com/Azure-Samples/active-directory-webapp-webapi-multitenant-openidconnect-aspnetcore/
Hi, Nice and descriptive video, however it arise many questions
1, you are showing wordpad content, from where you got the content. Is this menifesto of that application i.e open connect-test.
2. How you have opened the app, i saw you ran some script from where you are showing consent.
I am also agreed with AMIT MISHRA, please let me know if you upload new video on app registration coz this was the only video which was hard to understand for me, rest all videos were easy.
@Concepts Work Thanks for uploading such knowledgeable videos… Please let me know once you upload PKI videos.. or let me know the url if already uploaded..Thx
The agenda of this video was let you know, how the entire consent framework works, and how it can be customized as per the application.
The script/commands that I was using was to check each and every consent object.
Thank you so much for your feedback, I will be posting the new portal experience as soon as possible.