Reputation: 53
API Permission in AZURE AD (version july 19)
I found that to authorize the applications I can also add a client application in App registration>{my api}>Expose an API. I tried this method and the method mentioned here:
API Permission Issue while Azure App Registration
both work, What is the difference ? Is one better than the other?
Upvotes: 2
Views: 1572
Answers (1)
Reputation: 42043
If you add your client app in Authorized client applications, when your client calls the API, they will not need to consent. If you use another way, after you add the Delegated permission/Application permission, the user needs to consent to the application(if the permission is admin-consent needed, you need to use admin consent).
The one is not better than the other, they meet different requirements. As the statement said, if you want this API trusts the application, you could add your client to the Authorized client applications, then users will not be asked to consent when the client calls this API.
For more details about consenting to applications, see this link.
Upvotes: 3
Related Questions
- How to Add Api Permissions to an Azure App Registration using PowerShell
- Azure API permissions for Graph API
- API Permission Status not granted warning in Azure AD Application API Permission
- Application Permissions greyed out when requesting API Permission in Azure AD
- Azure AD application permission with scopping
- How to give API read / write permission for an added application in Azure
- Azure Active directory API permissions
- API Permission Issue while Azure App Registration
- How to configure permissions for the Azure AD authentication v2.0
- Azure Active Directory Object Permissions