快速入門:使用 Microsoft 身分識別平台來註冊應用程式Quickstart: Register an application with the Microsoft identity platform

企業開發人員和軟體即服務 (SaaS) 提供者可以開發可與 Microsoft 身分識別平台整合的商業雲端服務或企業營運應用程式,以提供安全的登入和授權給其服務。Enterprise developers and software-as-a-service (SaaS) providers can develop commercial cloud services or line-of-business applications that can be integrated with Microsoft identity platform to provide secure sign-in and authorization for their services.

本快速入門會說明如何在 Azure 入口網站中使用應用程式註冊體驗新增和註冊應用程式,以便讓應用程式可以和 Microsoft 身分識別平台整合。This quickstart shows you how to add and register an application using the App registrations experience in the Azure portal so that your app can be integrated with the Microsoft identity platform. 若要深入了解新應用程式註冊體驗中的新功能與功能改善,請參閱此部落格文章To learn more about the new features and improvements in the new app registrations experience, see this blog post.

使用 Azure 入口網站註冊新的應用程式Register a new application using the Azure portal

  1. 使用公司或學校帳戶或個人的 Microsoft 帳戶登入 Azure 入口網站Sign in to the Azure portal using either a work or school account or a personal Microsoft account.

  2. 如果您的帳戶可讓您存取多個租用戶,請在右上角選取帳戶,然後將您的入口網站工作階段設定為想要的 Azure AD 租用戶。If your account gives you access to more than one tenant, select your account in the top right corner, and set your portal session to the Azure AD tenant that you want.

  3. 在左側導覽窗格中,選取 [Azure Active Directory] 服務,然後選取 [應用程式註冊] > [新增註冊]。In the left-hand navigation pane, select the Azure Active Directory service, and then select App registrations > New registration.

  4. 當 [註冊應用程式] 頁面出現時,輸入您應用程式的註冊資訊:When the Register an application page appears, enter your application's registration information:

    • 名稱 - 輸入會顯示給應用程式使用者的有意義應用程式名稱。Name - Enter a meaningful application name that will be displayed to users of the app.

    • 支援的帳戶類型 - 選取要讓應用程式支援的帳戶。Supported account types - Select which accounts you would like your application to support.

      支援的帳戶類型Supported account types 說明Description
      僅此組織目錄中的帳戶Accounts in this organizational directory only 如果您要建置企業營運 (LOB) 應用程式,請選取此選項。Select this option if you're building a line-of-business (LOB) application. 如果您未在目錄中註冊應用程式,則無法使用此選項。This option is not available if you're not registering the application in a directory.

      此選項對應至僅限 Azure AD 的單一租用戶。This option maps to Azure AD only single-tenant.

      除非您在目錄外註冊應用程式,否則會預設使用此選項。This is the default option unless you're registering the app outside of a directory. 如果在目錄外註冊應用程式,則會預設使用 Azure AD 多租用戶和個人 Microsoft 帳戶。In cases where the app is registered outside of a directory, the default is Azure AD multi-tenant and personal Microsoft accounts.
      任何組織目錄中的帳戶Accounts in any organizational directory 如果您想要鎖定所有商業和教育客戶,請選取此選項。Select this option if you would like to target all business and educational customers.

      此選項對應至僅限 Azure AD 的多租用戶。This option maps to an Azure AD only multi-tenant.

      如果您將應用程式註冊為僅限 Azure AD 的單一租用戶,則可透過 [驗證] 刀鋒視窗,將其更新為 Azure AD 多租用戶以及重新更新為單一租用戶。If you registered the app as Azure AD only single-tenant, you can update it to be Azure AD multi-tenant and back to single-tenant through the Authentication blade.
      任何組織目錄中的帳戶及個人的 Microsoft 帳戶Accounts in any organizational directory and personal Microsoft accounts 選取此選項以鎖定最廣泛的一組客戶。Select this option to target the widest set of customers.

      此選項對應至 Azure AD 多租用戶和個人 Microsoft 帳戶。This option maps to Azure AD multi-tenant and personal Microsoft accounts.

      如果您將應用程式註冊為 Azure AD 多租用戶和個人 Microsoft 帳戶,則無法在 UI 中變更此選擇。If you registered the app as Azure AD multi-tenant and personal Microsoft accounts, you cannot change this in the UI. 相反地,您必須使用應用程式資訊清單編輯器來變更支援的帳戶類型。Instead, you must use the application manifest editor to change the supported account types.
    • 重新導向 URI (選擇性) - 選取您要建置的應用程式類型 ([Web] 或 [公用用戶端 (行動和傳統型)]),然後輸入應用程式的重新導向 URI (或回覆 URL)。Redirect URI (optional) - Select the type of app you're building, Web or Public client (mobile & desktop), and then enter the redirect URI (or reply URL) for your application.

      • 若為 Web 應用程式,請提供應用程式的基底 URL。For web applications, provide the base URL of your app. 例如,http://localhost:31544 可能是在您的本機電腦上執行之 Web 應用程式的 URL。For example, http://localhost:31544 might be the URL for a web app running on your local machine. 使用者會使用此 URL 來登入 Web 用戶端應用程式。Users would use this URL to sign in to a web client application.
      • 若為公用用戶端應用程式,請提供 Azure AD 用來傳回權杖回應的 URI。For public client applications, provide the URI used by Azure AD to return token responses. 輸入應用程式特定的值,例如 myapp://authEnter a value specific to your application, such as myapp://auth.

      若要查看 Web 應用程式或原生應用程式的特定範例,請參閱我們的快速入門To see specific examples for web applications or native applications, check out our quickstarts.

  5. 完成時,選取 [註冊]。When finished, select Register.

    在 Azure 入口網站註冊新的應用程式Register a new application in the Azure portal

Azure AD 會將唯一的應用程式 (用戶端) 識別碼指派給您的應用程式,然後系統會帶您進入應用程式的 [概觀] 頁面。Azure AD assigns a unique application (client) ID to your app, and you're taken to your application's Overview page. 若要在應用程式中新增額外的功能,您可以選取其他組態選項,包括商標、憑證和祕密、API 權限等等。To add additional capabilities to your application, you can select other configuration options including branding, certificates and secrets, API permissions, and more.

新註冊應用程式的 [概觀] 頁面Newly registered app's overview page

後續步驟Next steps