Creating the Entra ID App Registration

Timothy Small edited this page Feb 9, 2024 · 2 revisions

In order for AuthUpdateApp to retrieve users and update their authentication methods, an app registration needs to be set up in your Entra ID tenant.

Entra ID admin portal

  1. Navigate to the App Registrations page on the Entra ID admin portal.
    • You can also access it by:
      1. Navigating to the Entra ID admin portal.
      2. Expanding the Identity section on the left-hand side.
      3. Expanding the Applications section under the Identity section.
      4. Clicking on App registrations.
  2. Click on New registration at the top of the page.
  3. Give the app a unique name and then click the Register button at the bottom of the page.
  4. Once it creates the app registration, make note of the Application (client) ID and Directory (tenant) ID values on the page.
  5. Click on API permissions on the left-hand side of the page.
  6. Click on Add a permission.
  7. Click on Microsoft Graph.
  8. Click on Application permissions.
  9. In the search field, type in User.Read.All. Expand the User section and click the checkbox for User.Read.All.
  10. In the search field, type in UserAuthenticationMethod.ReadWrite.All. Expand the UserAuthenticationMethod section and click the checkbox for UserAuthenticationMethod.ReadWrite.All.
  11. Click the Add permissions button at the bottom of the pane.
  12. Click on Grant admin consent and then click the Yes button.
    • ⚠️ Note: This requires your user account to have the necessary permissions to do so.
  13. Click on Certificates & secrets on the left-hand side of the page.
  14. Click on New client secret and then click the Add button.
    • You can optionally provide a description and change the lifetime of the secret.
  15. Copy the value for the newly created secret and store it somewhere secure.
    • ⚠️ Note: This value is only shown once. If you lose it, you will have to create a new one.