You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/active-directory/develop/howto-convert-app-to-be-multi-tenant.md
+4-4Lines changed: 4 additions & 4 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -83,7 +83,7 @@ For a user to sign in to an application in Azure AD, the application must be rep
83
83
84
84
For a multi-tenant application, the initial registration for the application resides in the Azure AD tenant used by the developer. When a user from a different tenant signs in to the application for the first time, Azure AD asks them to consent to the permissions requested by the application. If they consent, then a representation of the application called a *service principal* is created in the user’s tenant, and sign-in can continue. A delegation is also created in the directory that records the user’s consent to the application. For details on the application's Application and ServicePrincipal objects, and how they relate to each other, see [Application objects and service principal objects][AAD-App-SP-Objects].
85
85
86
-
![Diagram which illustrates a user's consent to a single-tier app][Consent-Single-Tier]
86
+
![Diagram which illustrates a user's consent to a single-tier app.][Consent-Single-Tier]
87
87
88
88
This consent experience is affected by the permissions requested by the application. The Microsoft identity platform supports two kinds of permissions, app-only and delegated.
89
89
@@ -122,7 +122,7 @@ This can be a problem if your logical application consists of two or more applic
122
122
123
123
This is demonstrated in a multi-tier native client calling web API sample in the [Related content](#related-content) section at the end of this article. The following diagram provides an overview of consent for a multi-tier app registered in a single tenant.
124
124
125
-
![Diagram which illustrates consent to multi-tier known client app][Consent-Multi-Tier-Known-Client]
125
+
![Diagram which illustrates consent to multi-tier known client app.][Consent-Multi-Tier-Known-Client]
126
126
127
127
#### Multiple tiers in multiple tenants
128
128
@@ -137,7 +137,7 @@ If it's an API built by an organization other than Microsoft, the developer of t
137
137
138
138
The following diagram provides an overview of consent for a multi-tier app registered in different tenants.
139
139
140
-
![Diagram which illustrates consent to multi-tier multi-party app][Consent-Multi-Tier-Multi-Party]
140
+
![Diagram which illustrates consent to multi-tier multi-party app.][Consent-Multi-Tier-Multi-Party]
141
141
142
142
### Revoking consent
143
143
@@ -163,7 +163,7 @@ Multi-tenant applications can also get access tokens to call APIs that are prote
163
163
164
164
## Next steps
165
165
166
-
In this article, you learned how to convert a single tenant application to a multi-tenant application. After enabling Single Sign-On (SSO) between your app and Azure AD, update your app to access APIs exposed by Microsoft resources like Microsoft 365. This lets you offer a personalized experience in your application, such as showing contextual information to the users, for example, profile pictures and calendar appointments.
166
+
In this article, you learned how to convert a single tenant application to a multi-tenant application. After enabling single sign-on (SSO) between your app and Azure AD, update your app to access APIs exposed by Microsoft resources like Microsoft 365. This lets you offer a personalized experience in your application, such as showing contextual information to the users, for example, profile pictures and calendar appointments.
167
167
168
168
To learn more about making API calls to Azure AD and Microsoft 365 services like Exchange, SharePoint, OneDrive, OneNote, and more, visit [Microsoft Graph API][MSFT-Graph-overview].
0 commit comments