Azure-docs: Authorized Client Applications

Created on 14 Apr 2020 · 4Comments · Source: MicrosoftDocs/azure-docs

I may be mistaken, but there's no explanation of "Authorized Client application" on this page with the exception of the screenshot. Can we add a full explanation here?

If you have two separate enterprise applications one for the client app and one for web api, you can grant permission for your users, however this is an issue for multitenant applications as you need to authorized the client application so that it will not prompt the user for consent.

Document Details

⚠ Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.

ID: 23b434db-9091-da08-2c96-839d462bc114
Version Independent ID: 7bee76e7-acdc-5bc5-50ec-6004c73b9a95
Content: Configure an app to expose web APIs - Microsoft identity platform
Content Source: articles/active-directory/develop/quickstart-configure-app-expose-web-apis.md
Service: active-directory
Sub-service: develop
GitHub Login: @rwike77
Microsoft Alias: ryanwi

Pri1 active-directorsvc assigned-to-author develosubsvc doc-enhancement triaged

Source

D4-AzIdentity

👍1

Most helpful comment

@D4-AzIdentity @derisen Update in commit https://github.com/MicrosoftDocs/azure-docs/commit/93e72fc4cafcc82e11c8d7689caab6e1f73e7ed8 has been merged and published. Please see optional step 6:

(Optional) To suppress prompting for consent by users of your app to the scopes you've defined, you can "pre-authorize" the client application to access your web API. You should pre-authorize only those client applications that you trust since your users won't have the opportunity to decline consent.
1. Under Authorized client applications, select Add a client application
2. Enter the Application (client) ID of the client application you want to pre-authorize. For example, that of a web application you've previously registered.
3. Under Authorized scopes, select the scopes for which you want to suppress consent prompting, then select Add application.

The client app is now a pre-authorized client app (PCA), and users won't be prompted for consent when signing in to it.

mmacy on 5 Aug 2020

👍2

All 4 comments

@D4-AzIdentity Thanks for your feedback! We will investigate and update as appropriate.

SaurabhSharma-MSFT on 14 Apr 2020

@rwike77 Ryan, I'll take this one. #reassign:mmacy

mmacy on 4 Aug 2020

@D4-AzIdentity @derisen Update in commit https://github.com/MicrosoftDocs/azure-docs/commit/93e72fc4cafcc82e11c8d7689caab6e1f73e7ed8 has been merged and published. Please see optional step 6:

(Optional) To suppress prompting for consent by users of your app to the scopes you've defined, you can "pre-authorize" the client application to access your web API. You should pre-authorize only those client applications that you trust since your users won't have the opportunity to decline consent.
1. Under Authorized client applications, select Add a client application
2. Enter the Application (client) ID of the client application you want to pre-authorize. For example, that of a web application you've previously registered.
3. Under Authorized scopes, select the scopes for which you want to suppress consent prompting, then select Add application.