Introduction: This post will go over a three different ways to add owner to Azure AD Application using Azure Powershell, Azure AD Graph, and Microsoft Graph endpoint. The Microsoft Graph documentation on this may not be clear to point out that an Application owner can be either a User object or a Service Principal object. Various technique to add Application Owner: Azure AD Powershell: Use the Azure AD Powershell command…
Read MoreHow to filter Fiddler capture traffic using host name and process name
This post discusses a couple of ways to filter Fiddler traffic based on domain names (or host names) and client process(es): Note that before using filter you should make sure Fiddler is configured to capture all processes. This is indicated at the bottom left corner of Fiddler window. That area is clickable to change the selection. Filter traffic using Fiddler’s built-in filter feature: From Fiddler’s right pane –> Filters tab…
Read MoreCapture http(s) traffic with Http Fiddler
1 – Download the Fiddler 4 application and install it on the machine used to reproduce the problem (if you have not already). Go to http://www.telerik.com/download/fiddler 2 – Enable the option to decrypt HTTPS traffic: Tools -> Options -> Https -> select ‘decrypt HTTPS Traffic’ (you may be prompted to install the Fiddler certificate – make sure to select Yes) Ensure this option is checked when collecting the trace as…
Read MoreHow to change a display Name of a registered application from another application
Introduction: This post will show you to change a displayName of a registered web application from another application using client credentials flow with Application Permission Walk Through steps: 1) In Azure AD’s App Registration portal, create 2 new app registrations called TestAppA and TestAppB. We will use TestAppA to change the display Name of TestAppB. It is not important what permission you configure for TestAppB. For TestAppA make sure you…
Read MoreQuery String is not allowed in redirect_uri for Azure AD
Problem: See update at the end. This is no longer an issue. Customer configures the following redirect URLs for his registered application in Azure AD and issues the following request to authenticate to Azure AD: GET https://login.microsoftonline.com/<tenant id>/oauth2/authorize?client_id=<app id>&redirect_uri=https%3a%2f%2flocalhost%3a44396%2fbac%2faad%3freqId%3dA123&response_mode=form_post&…. After logging in he is redirected to https://localhost:44396/bac/aad instead of https://localhost:44396/bac/aad?reqId=A123. The redirected URL does not have anything after the query string. Root Cause: The behavior is by design. This is…
Read MoreV2 App Registration is missing an “Add Owner” button
Problem: Customer registers an application in the app registration portal (https://app.dev.microsoft.com). He is not able share the application with other users since the “Add Owner” button is missing. Root cause: This problem can happen if the user registers the application in the app registration portal (V2 portal) under his personal MSA account. The behavior is documented in the following link: https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-v2-limitations Resolution: Re-register the application under an Azure AD account…
Read More