Steps to Create an OAuth App in Azure Active Directory

  1. Sign in to the Microsoft Entra admin center as at least a Cloud Application Administrator.
  2. If you can access multiple tenants, use the Settings icon in the top menu to switch to the tenant where you want to register the application from the Directories + Subscriptions menu.
  3. Navigate to Entra ID > App registrations and select New Registration.

  4. Enter a display name for your application. Users of your application might see the display name when they use the app, for example, during sign-in. You can change the display name at any time. Select Supported account types (who can use the application). Select Register to complete the initial app registration.
  5. When registration finishes, the Microsoft Entra admin center displays the app registration's Overview.
  6. Navigate to API Permissions and click Add a Permission (and remove the User.Read delegated type permission).
  7. Select Microsoft Graph and click Application permissions to add all required scopes.
  8. Select the scopes listed below and click Add Permissions.
     - "https://graph.microsoft.com/RoleManagement.Read.Directory"
     - "https://graph.microsoft.com/User.Read.All"
  9. Grant access to all these scopes for your app.
  10. Navigate to Certificates & secrets → Client secrets → New client secret.
  11. Copy the Secret value.
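
Once the secret is copied, the registration can be checked for least privilege by requesting an app-only token and confirming that it carries only the two application permissions selected above. The following is an added example, not part of the original steps: the tenant ID, client ID and sample tokens are constructed placeholders, and the token payload is decoded for inspection only, without signature verification.

```python
import base64
import json

# Application permissions selected in the steps above.
EXPECTED_ROLES = {"RoleManagement.Read.Directory", "User.Read.All"}

def build_token_request(tenant_id, client_id, client_secret):
    """Return (url, form_fields) for the OAuth 2.0 client-credentials grant."""
    url = f"https://login.microsoftonline.com/{tenant_id}/oauth2/v2.0/token"
    form = {
        "grant_type": "client_credentials",
        "client_id": client_id,
        "client_secret": client_secret,  # load from a secret store, never hard-code
        # .default requests every application permission already granted to the app
        "scope": "https://graph.microsoft.com/.default",
    }
    return url, form

def decode_claims(jwt):
    """Decode the JWT payload for inspection only; the signature is NOT verified."""
    parts = jwt.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore stripped padding
    return json.loads(base64.urlsafe_b64decode(payload))

def audit_permissions(jwt, expected=EXPECTED_ROLES):
    """Compare the token's app roles with the intended least-privilege set."""
    claims = decode_claims(jwt)
    roles = set(claims.get("roles", []))
    return {
        "missing": sorted(expected - roles),     # not added, or access not granted
        "unexpected": sorted(roles - expected),  # registration is over-privileged
        "delegated": claims.get("scp", "").split(),  # scp appears only in delegated tokens
    }

def sample_token(claims):
    """Build an unsigned, constructed token so the example runs offline."""
    enc = lambda o: base64.urlsafe_b64encode(json.dumps(o).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'none'})}.{enc(claims)}.sig"

if __name__ == "__main__":
    ok = sample_token({"roles": ["User.Read.All", "RoleManagement.Read.Directory"]})
    wide = sample_token({"roles": ["User.Read.All", "Directory.ReadWrite.All"]})
    print(audit_permissions(ok))    # nothing missing, nothing unexpected
    print(audit_permissions(wide))  # flags the extra write permission
```

In practice, POST the form fields from `build_token_request` to the returned URL and pass the `access_token` from the response to `audit_permissions`.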