是什么导致Azure AD应用程序出现在& amp; quot;我的应用程序& amp; quot; vs.& amp; quot; All Apps& amp; quot; (在传统经验中)或& amp; quot; Owned Applications& amp; quot; vs.& amp; quot; All Applications& amp; quot; (在预览中)? [英] What causes an Azure AD App to appear under "My apps" vs. "All Apps" (in legacy experience) or "Owned Applications" vs. "All Applications" (in Preview)?
问题描述
我们开发了一个在自定义域上运行的应用程序(为了这个问题,我们假设"example.com")。此外,此应用程序有三个环境 - 开发,测试和实时 - 我们希望分别在Azure AD中为SSO
设置。我们只有一个Azure AD租户,我们的主要公司域名(例如contoso.com)和自定义域名(再次,"example.com"用于我们的目的)都在该AD租户中注册。
对于"dev"环境,我们最初通过"添加应用程序"在租户中创建应用程序。 "Azure AD"下的向导> " contoso.com" > "企业应用程序" > "新的
申请表" > "正在开发的应用程序"。但是,当我们为"测试"创建应用程序注册时环境,我们经历了"Azure AD" > " contoso.com" > "应用注册(预览)"
> "新注册"。
We have an application we develop that runs on a custom domain (let's assume "example.com" for the sake of this question). In addition, this application has three environments -- dev, test, and live -- which we wanted to setup in Azure AD for SSO
separately. We have only one Azure AD tenant, and both our main corporate domain (e.g. contoso.com) and the custom domain (again, "example.com" for our purposes here) are registered in that AD tenant.
For the "dev" environment, we initially created the application in the tenant by going through the "Add an application" wizard under "Azure AD" > "contoso.com" > "Enterprise applications" > "New
application" > "Application you're developing". But, when we created the application registration for the "test" environment, we went through "Azure AD" > "contoso.com" > "App registrations (Preview)"
> "New registration".
创建"测试"后应用注册,我注意到在"应用注册(预览)"中刀片,它出现在"拥有的应用程序"下。选项卡,而"开发"选项卡应用注册没有。此外,在遗留的
"应用注册"中刀片,"测试"应用程序显示在"我的应用"下而"dev"则表示"dev"。应用程序没有。
After creating the "test" app registration, I noticed that in the "App registrations (Preview)" blade, it appears under the "Owned applications" tab while the "dev" app registration did not. Furthermore, in the legacy "App registrations" blade, the "test" app appears under "My apps" while the "dev" app does not.
之后,我尝试删除两个应用程序注册(在"应用程序注册(预览)"下),然后使用 "Azure AD"重新创建它们。 > " contoso.com" > "应用注册(预览)" > "新注册"
与其先前版本具有相同的子域名+名称(例如,我在"dev.example.com"处创建了dev作为"我的应用程序(Dev)",并且在"dev.example.com"中创建了"test"作为"我的应用程序"(测试) )在"test.example.com"中,就像它在
之前配置它被删除了)。这导致了以下两个我无法解释的奇怪行为:
Afterwards, I tried deleting both app registrations (under "App registrations (Preview)") and then recreating them both using "Azure AD" > "contoso.com" > "App registrations (Preview)" > "New registration" with an identical subdomain + name as their previous versions (e.g. I created dev as "My App (Dev)" at "dev.example.com" and "test" as "My App (Test) at "test.example.com", just like it was configured BEFORE it was deleted). This resulted in the following two curious behaviors that I cannot explain:
- Dev仍然在"拥有的应用程序"下显示不。 /"我的应用程序",尽管两者都以相同的方式创建,但是测试确实如此。
- "dev"的新应用注册继承了许多与删除之前相同的设置,而不必设置它们。例如,我打开了"隐式拨款"。并且已经提供了SSL证书,并且在我重新创建它之后,这两个
设置已经在新的应用程序注册中设置了;同时,这些设置都没有自动设置为"测试"。应用注册。
- Dev still did not appear under "Owned applications" / "My apps", while Test did, despite both being created the same way.
- The new app registration for "dev" inherited many of the same settings as it had before it was deleted, without my having to set them. For example, I had turned on "implicit grants" and had provided an SSL certificate, and both of those settings were already set on the new app registration after I re-created it; meanwhile, neither of those settings were automatically set for the "test" app registration.
就好像"dev"的设置一样。当我删除它的注册时,实际上没有被删除,当我将新实例命名为与旧实例相同时,Azure AD只是重用了旧设置。
It's as if the settings for "dev" were not actually deleted when I deleted its registration, and when I named the new instance the same as the old instance, Azure AD just reused the old settings.
有人可以了解一下是什么发生在这里?什么决定了应用的出现位置?删除应用程序注册时是否删除设置?如果您重新创建一个与旧版已删除的应用程序同名的应用程序,它是否会自动继承
那些较旧的设置?
Can someone shed some light on what's happening here? What determines where an app appears? Do settings not get deleted when an app registration is deleted? If you recreate an app with the same name as an older, deleted one, does it automatically inherit those older settings?
推荐答案
Hello,
Hello,
Azure中有两种类型的对象,一般用于Azure AD中的应用程序。
There are two types of objects in Azure which are used by application s in general in Azure AD.
1)服务主体对象 - 在企业应用程序刀片下显示
1) Service principal object - Displayed under enterprise applications blade
2)应用程序对象 - 在应用程序注册下显示
2) Application object - displayed under app registrations
您可以了解有关这些对象的更多信息,请 $ b这里是$ b。
You can learn more about these objects here.
现在让我们来看看你在部分中遇到的行为。
Now let's look at the behavior you experienced in parts.
创建"测试"后应用注册,我注意到在"应用注册(预览)"中刀片,在"拥有的应用程序"下看起来是
。选项卡,而"开发"选项卡应用注册没有。此外,在传统的"应用注册"中,刀片,"测试"应用程序显示在"我的应用"下而"dev"则表示"dev"。应用不会。
您创建了"测试"应用程序注册(预览)中的应用程序,它创建应用程序注册并明确地将您添加为所有者。
You created the "test" app from app registrations(preview), which creates an app registration and explicitly adds you as an owner.
您从企业应用程序创建了Dev - 它创建服务主体并为其创建应用程序对象映射。在这种情况下,您的用户帐户将不会作为应用注册的所有者明确添加。
You created Dev from enterprise applications - which creates a service principal and creates an application object for mapping. In this scenario your user account will not be added explicitly as the owner of the app registration.
当您在"测试"中明确添加为所有者时,您将在旧版刀片中的我的应用程序。
As you are explicitly added as owner in "test", you will see it under my apps in the legacy blade.
Dev仍然没有 出现在"拥有的应用程序"之下/"我的应用程序",而测试确实如此,尽管两者都以相同的方式创建了
。
我无法重现这一点。你能否确认你是如何删除"dev"的? ?从企业应用程序?或应用注册?
I am not able to reproduce this. Can you confirm how you deleted "dev" ? from enterprise applications ? or app registrations ?
"dev"的新应用注册继承了许多与删除之前相同的设置,而不必设置它们。
例如,我打开了"隐式拨款"并且提供了SSL证书,在重新创建之后,这两个设置都已在新的应用程序注册中设置;同时,这些设置都没有自动设置为
"测试"。应用注册。
如果您刚从企业应用程序中删除了服务主体对象,则应用程序对象将保留并保留设置。当您创建应用注册
时,将再次创建服务主体和应用程序对象。
希望这能澄清一点。
这篇关于是什么导致Azure AD应用程序出现在& amp; quot;我的应用程序& amp; quot; vs.& amp; quot; All Apps& amp; quot; (在传统经验中)或& amp; quot; Owned Applications& amp; quot; vs.& amp; quot; All Applications& amp; quot; (在预览中)?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
