Forum Discussion

inkybuck's avatar
inkybuck
Copper Contributor
Jun 01, 2021

Registering Azure AD App in National Clouds

We have an app that uses the Microsoft identity platform to get tokens for Microsoft Graph and Exchange Online PowerShell, so that it can read and change settings in a customer's Office 365 tenant. W...
Azure Active Directory (AAD)
microsoft 365
Seshadrr's avatar
Seshadrr
Iron Contributor
National clouds are physically isolated instances of Azure. These regions of Azure are designed to make sure that data residency, sovereignty, and compliance requirements are honored within geographical boundaries.

Including the global cloud, Azure Active Directory (Azure AD) is deployed in the following national clouds:  

Azure Government
Azure Germany
Azure China 21Vianet

National cloud Azure AD portal endpoint
Azure AD for US Government https://portal.azure.us
Azure AD Germany https://portal.microsoftazure.de
Azure AD China operated by 21Vianet https://portal.azure.cn
Azure AD (global service) https://portal.azure.com
inkybuck's avatar
inkybuck
Copper Contributor
Jun 02, 2021

Right, so if I want to get an OAuth token for a customer using one of the national clouds, I need to have the app that is requesting the token registered in that cloud, is that correct? How to do I do that? I assume I need to log into the Azure portal that you listed for the given cloud? Do I need a Microsoft Work/School account in that cloud to do so? (It looks like yes, but can I get one, for instance, for Germany, which is not accepting new customers?)

    • inkybuck's avatar
      inkybuck
      Copper Contributor
      Jun 02, 2021

      That has to do with Azure Stack, which I'm not using, although I see it does involve registering applications in Azure AD. However, to do so, one of the steps is: "When we are prompted to enter the AAD credentials, it is important to have an AAD tenant in Microsoft Azure Germany." This is the problem, whether using a PowerShell script, the portal, or whatever other means there are for registering an app, as far as I know you need to log into Azure AD Germany. Since I don't have an account and it is not accepting new customers, how do I do this?

Resources