Register a public client application in Azure Active Directory
In this article, you'll learn how to register a public application in Azure Active Directory.
The quickstart provides general information about how to register an application with the Microsoft identity platform.
App registrations in Azure portal
In the Azure portal, on the left navigation panel, click Azure Active Directory.
In the Azure Active Directory blade, click App registrations:
Click the New registration.
Application registration overview
Give the application a display name.
Provide a reply URL. The reply URL is where authentication codes will be returned to the client application. You can add more reply URLs and edit existing ones later.
In the Azure portal, in App registrations, select your app, and then select Authentication.
Select Advanced settings > Default client type. For Treat application as a public client, select Yes.
For a single-page application, select Access tokens and ID tokens to enable implicit flow.
- If your application signs in users, select ID tokens.
- If your application also needs to call a protected web API, select Access tokens.
Similarly to the confidential client application, you'll need to select which API permissions this application should be able to request on behalf of users:
Open the API permissions.
If you are using the Azure API for FHIR, you will add a permission to the Azure Healthcare APIs by searching for Azure Healthcare APIs under APIs my organization uses. You will only be able to find this if you have already deployed the Azure API for FHIR.
If you are referencing a different Resource Application, select your FHIR API Resource Application Registration that you created previously under My APIs:
Select the permissions that you would like the application to be able to request:
Validate FHIR server authority
If the application you registered in this article and your FHIR server are in the same Azure AD tenant, you are good to proceed to the next steps.
If you configure your client application in a different Azure AD tenant from your FHIR server, you will need to update the Authority. In Azure API for FHIR, you do set the Authority under Settings --> Authentication. Set your Authority to https://login.microsoftonline.com/\.
In this article, you've learned how to register a public client application in Azure Active Directory. Next, test access to your FHIR server using Postman.