OAuth 2.0 for Microsoft Apps
Configuring OAuth 2.0 for integrations with Microsoft applications
Many Microsoft applications (such as Teams, Outlook, and OneDrive) use OAuth 2.0 for authorization.
To enable OAuth 2.0 authentication in your integration, you'll first need to register your application with Microsoft.
- Open Azure Portal and create a new application registration.
- Be sure to select Any Azure AD directory - Multi-tenant as the supported account type, so your customers (who have different Microsoft tenants) can use your integration.
- Select Web under Platforms and add the Prismatic OAuth 2.0 callback URL as the Redirect URI. The Prismatic OAuth 2.0 callback URL for the US commercial region is https://oauth2.prismatic.io/callback. If your Prismatic tenant is in a different region or you're using a custom domain, you'll need to use the appropriate callback URL for your region or domain. See OAuth 2.0 callback URLs for more information.
- Open Certificates & Secrets and add a new Client Secret. Note the value of the secret (not the ID!).
- Note the Application (client) ID from the Overview page.
With your application registered, you can now configure your integration to use OAuth 2.0 using the client ID and client secret you generated.
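One way to check a finished registration against the steps above, as an added example that is not Prismatic's or Microsoft's code. It assumes the registration has been exported as a Microsoft Graph application object (for instance with `az ad app show --id <client-id>`); the function name `audit_registration` and the sample values are constructed for illustration.

```python
import json
from datetime import datetime, timezone

# Callback URL the page gives for the US commercial region; substitute your region's URL.
EXPECTED_CALLBACK = "https://oauth2.prismatic.io/callback"

# Constructed sample in the shape of a Microsoft Graph `application` object.
# All values are placeholders, deliberately misconfigured to show the findings.
SAMPLE = json.loads("""
{
  "appId": "00000000-0000-0000-0000-000000000000",
  "signInAudience": "AzureADMyOrg",
  "web": {"redirectUris": ["https://oauth2.prismatic.io/callback/",
                           "http://localhost:3000/callback"]},
  "passwordCredentials": [{"displayName": "old", "endDateTime": "2020-01-01T00:00:00Z"}]
}
""")


def audit_registration(app, callback=EXPECTED_CALLBACK, now=None):
    """Return a list of findings; an empty list means the registration matches the steps."""
    now = now or datetime.now(timezone.utc)
    findings = []
    if not app.get("appId"):
        findings.append("missing Application (client) ID")
    # "Any Azure AD directory - Multi-tenant" is stored as AzureADMultipleOrgs.
    if app.get("signInAudience") != "AzureADMultipleOrgs":
        findings.append("supported account type is not multi-tenant")
    uris = (app.get("web") or {}).get("redirectUris") or []
    # Redirect URIs are matched exactly, so a trailing slash is a different URI.
    if callback not in uris:
        findings.append("callback URL not registered under the Web platform")
    for uri in uris:
        if uri != callback:
            findings.append(f"review extra redirect URI: {uri}")
    # Graph timestamps are UTC; keep the first 19 characters to drop fractions and 'Z'.
    live = [c for c in app.get("passwordCredentials") or []
            if datetime.strptime(c["endDateTime"][:19], "%Y-%m-%dT%H:%M:%S")
            .replace(tzinfo=timezone.utc) > now]
    if not live:
        findings.append("no unexpired client secret")
    return findings


if __name__ == "__main__":
    for finding in audit_registration(SAMPLE):
        print("FINDING:", finding)
```

The export never contains the secret value itself, so this confirms only that an unexpired secret exists, not that the value you noted is the current one.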
Customizing the Microsoft OAuth 2.0 consent screen
You can customize the icon and name that appear on the OAuth 2.0 consent screen by adding a Branding & properties section to your application registration.
Microsoft OAuth 2.0 app approval
Microsoft will allow you to test your integration with your own Microsoft account, but you'll need to submit your application for approval before it can be used by other users. You can do that by adding your MPN ID under the Branding & properties section of your application registration.