How to register an Azure AD application.


An Azure AD application can be authorized with permission to back up and restore data for all users in your organization. This article will guide you through how to register and authorize the Azure AD application.

What is the registered application in Azure AD? Why is it needed?
Basically, an application registered in the Azure Active Directory acts as a service principal, which is used to apply identity and access management (IAM) provided by Microsoft's identity platform, and to authorize unattended operations such as calling APIs. Refer to Azure's official doc for more information.

Register an Azure AD application using PowerShell script


Note: This PowerShell script must run on Windows 10 or Windows Server 2016 and above.

  1. Download the following PowerShell Script: create_azure_app.ps1.
  2. Click Start and type Windows Powershell in the search box. Right-click Windows PowerShell and then click Run as Administrator.
  3. To authorize the script, you need to change the Powershell execution policy in the Powershell Windows with the command below. This command changes the execution policy only once.

    Set-ExecutionPolicy  -ExecutionPolicy RemoteSigned -Scope Process

    Then, type Y to confirm.

  4. Run the script file to create an Azure AD application by typing the full path or the script file, like:

    C:\Users\Administrator\Desktop\create_azure_app.ps1

    Or get into the directory of the script file and run the script.

    cd C:\Users\Administrator\Desktop
    .\create_azure_app.ps1
  5. If the required modules have not yet been installed in your PowerShell, type Y to import and install them from the NuGet provider.
  6. Sign in to Microsoft 365 as a global admin in the window that pops up and connect to the Azure AD of your organization.
  7. Once the script has successfully created an application in your Azure AD, it will display the Application ID, Directory ID and Private key file path in PowerShell.
  8. Before proceeding to the next step in the wizard, please paste the following URL into a web browser and click the Grant admin consent button to authorize the API permissions.