For more information, see Register an application in the Microsoft Azure documentation.
  1. Sign on to the Microsoft Azure portal and go to Azure Active Directory.
  2. Go to Manage > App registrations. Click New registration.
  3. On the Register an application page, in the Name field, enter a name for the application.
  4. For Supported Account Types section, select Personal Microsoft accounts only.
    Tip:

    Advanced configurations can provide access to organizational accounts in addition to, or instead of, personal Microsoft accounts. For help, click Help me choose and see Register an application in the Microsoft documentation. Note that each individual organization must have User.Read.All set in its API permissions. External organizations might not have this set.

    Remember your Support Account Types selection. You'll make the same selection in Configuring an adapter instance.

  5. In the Redirect URI section, select Web and enter https://pf_host:pf_port/ext/microsoft-authn.

    If you set a custom value here, write it down. You'll use it again in Configuring an adapter instance.

    For more information, see Add a redirect URI in the Microsoft Azure documentation.

  6. Click Register.
  7. On the application overview page, in the Essentials section, note the Application (client) ID. If you selected the Single tenant option for Supported Account Types, also note the Directory (tenant) ID.
  8. For Client credentials, click Add a certificate or secret. Click New client secret.
  9. Add a client secret.
    1. On the Add a client secret pane, enter a description and select an expiry period. Click Add.
      For help, see Add a client secret in the Microsoft documentation.

      Screen capture of the Certificates and secrets page with the Certificates & secrets section in the menu highlighted along with the New client secret button and the Value field.
    2. Note the client secret Value.