Integrated apps and Azure AD for Microsoft 365 administrators
There's more to managing integrated apps than just managing user consent to apps. With the advent of the Microsoft 365 REST APIs, users can grant apps access to their Microsoft 365 data, such as mail, calendars, contacts, users, groups, files, and folders. By default, users need to individually grant permissions to each app.
But this doesn't scale well if you want to authorize an app once at the global administrator level and roll it out to your whole organization through the app launcher. To do this, you must register the app in Azure Active Directory (Azure AD). There are some steps you need to take before you can register an app in Azure AD and some background information you should know that can help you manage apps in your Microsoft 365 organization.
Azure AD resources for Microsoft 365 admins
You have to do these two tasks before you can manage your Microsoft 365 apps in Azure AD.
|Use your free Azure AD subscription
||Every paid subscription to Microsoft 365 comes with a free subscription to Azure AD. You can use Azure AD to manage your apps and to create and manage user and group accounts. To use Azure AD, just go to the Azure portal at https://portal.azure.com and sign in using your Microsoft 365 account.
|Manage user consent to apps
||You must manage user consent to apps to allow third-party apps to access user Microsoft 365 information and for you to register apps in Azure AD. For example, when someone uses a third-party app, that app might ask for permission to access their calendar and to edit files that are in a OneDrive folder.
Managing Microsoft 365 apps requires you to have knowledge of apps in Azure AD. Use these articles to give you the background you need.
|Meet the Microsoft 365 app launcher
||If you're new to the app launcher, you might be wondering what it is and how to use it. The app launcher is designed to help you get to your apps from anywhere in Microsoft 365.
|Office 365 management APIs overview
||The Microsoft 365 management APIs let you provide access to your Microsoft 365 data, including the things they care about most—their mail, calendars, contacts, users and groups, files, and folders.
|Integrating applications in Azure AD
||Learn about applications that are integrated with Azure AD, and how to register your application, understand concepts behind a registered application, and learn about branding guidelines for multi-tenant applications.
|Add custom tiles to the app launcher
||The app launcher in Microsoft 365 makes it easier for users to find and access their apps. This article describes the ways you as a developer can get your apps to appear in users' app launchers and also give them a single sign-on (SSO) experience using their Microsoft 365 credentials.
|Azure AD integration tutorials
||The objective of these tutorials is to show you how to configure Azure AD SSO for third-party SaaS applications.
|Authentication scenarios for Azure AD
||Azure AD simplifies authentication for developers by providing identity as a service, with support for industry-standard protocols such as OAuth 2.0 and OpenID Connect, as well as open source libraries for different platforms to help you quickly start coding. This document helps you understand the various scenarios Azure AD supports and shows you how to get started.
||Azure AD enables easy integration to many of today's popular software as a service (SaaS) applications. It provides identity and access management, and it delivers an Access Panel for users where they can discover what application access they have and where they can use SSO to access their applications. This article provides you with links to the related resources that enable you to learn more about the application access enhancements for Azure AD and how you can contribute to them.
|Personalize your Office 365 experience
||You can get quick access to the apps you use every day by adding or removing apps in the Microsoft 365 app launcher.