none
What exactly is the App ID URI when adding a new Azure AD Application?

    Question

  • I am trying to create an Azure AD Application for multi-tenant use and I am running into some problems.  

    For one, the documentation on this page https://msdn.microsoft.com/en-us/library/azure/dn645542.aspx does not appear to align with what the oAuth APIs actually want.  The docoumentation states that the resource parameter for the request of the oAuth Token is optional, but the API gives an error saying its missing the resource parameter when I try to exclude it.

    So I added the resource (App ID URI), but now it is telling me that the "AADSTS90027: The client '1ff78c4b-414f-44c7-834b-XXXXXXX' and resource 'https://www.cloudthings.info/oauth' identify the same application."

    I am not very familiar with Azure AD and how this process works, but there is definitely something I am doing wrong here.  Could someone please give some insight on what these values are and how they tie in with my Azure AD oAuth process?

    Monday, February 09, 2015 6:19 PM

Answers

  • Hi,

    What kind of application are you building? In the linked scenario you have a client application (e.g. mobile, desktop or web app) and an API resource you want to access using that application. As you can see from the Flow diagram, client application requests a token from Azure AD for the Web API.

    So, you effectively have to have two applications in Azure AD: one for the client and one for the Web API service. You also have to configure at least one permission on the Web API side in AAD and then configure the client to require that permission. See this link on how to do that.

    Then in the OAuth request you have to specify which client is it (client_id) and what resource you're trying to access. The terminology is not the most clear here, for the OAuth request "resource" parameter you should use the "app id" of the API you want to. App ID can be chosen freely but must be a form-valid (https) URI.

    Does this help?

    Wednesday, February 11, 2015 6:42 AM