To register a new application you need an account on Azure with enough permissions within your organization.
Set up an application
Step 1 – Register an application in the Azure AD portal
#1 — Go to portal.azure.com and sign in to the Azure portal #2 — Select 'App registrations' in the side menu > Click 'New registration' on top
#3 — Provide the required app information and click 'Register' at the bottom of the page:
Name: Enter a meaningful application name
Supported account types: Select 'Accounts in this organizational directory only'
Redirect URI: Select 'Web' and fill in the following redirect URI: https://spencerlogin.b2clogin.com/spencerlogin.onmicrosoft.com/oauth2/authresp
#4 — Share the Directory ID (orange) & Application ID (yellow) with Spencer
#5 -- Make sure to add the UPN as well:
Go to App registrations
Then token configuration
Click on the button "Add optional claim"
Select ID
Select UPN and add claim
Step 2 – Create a client secret
#1 — Go to the app's overview page and select 'Certificates & secrets' in the sidebar menu.
#2 — Click the 'New client secret' button. Add a description and select the maximum expiry period. Important: It is important you keep the end date of the expiry period in a shared calendar and provide the info to your Spencer contact as well because Azure will not notify you when this expires. Click 'Add'.
#3 — Copy the client secret and share it with Spencer Important: You can only copy the client secret right after the initial creation. You will not be able to do this later.
Grant the correct permissions Grant the following API permissions to the Spencer Azure application to sync users:
Make sure all Spencer test accounts are included in your Azure AD. Share a list of these test accounts with Spencer. At least one test account is required.