I am trying to use the Windows Azure Active Directory (WAAD) Graph API to add an application to my WAAD tenant. I have successfully used the API to create users. When using the API to add an application I receive an Authorization exception:
Authorization_RequestDenied: Insufficient privileges to complete the operation
Performing the same steps to add a user works without exception.
I followed the guide here: http://msdn.microsoft.com/en-us/library/windowsazure/dn151791.aspx#BKMK_Configuring and the samples here: http://code.msdn.microsoft.com/Write-Sample-App-for-79e55502 to get started.
Here is a sample of my code:
//get the tenantName
var tenantName = ClaimsPrincipal.Current.FindFirst("http://schemas.microsoft.com/identity/claims/tenantid").Value;
// retrieve the clientId and password values from the Web.config file
var clientId = ConfigurationManager.AppSettings["ClientId"];
var password = ConfigurationManager.AppSettings["Password"];
// get a token using the helper
var token = DirectoryDataServiceAuthorizationHelper.GetAuthorizationToken(tenantName, clientId, password);
// initialize a graphService instance using the token acquired from previous step
var graphService = new DirectoryDataService(tenantName, token);
// Create and save the application
var application = new Application();
application.availableToOtherTenants = false;
application.displayName = "some display name";
application.homepage = "https://localhost/";
application.identifierUris.Add("https://localhost/");
application.replyUrls.Add("https://localhost/");
graphService.AddTodirectoryObjects(application);
graphService.SaveChanges();
Do I need to setup rights to allow the creation of Applications via the Graph API? I was unable to find a location in the Azure Management Console that allowed me to do this.
Am I using the correct code to add an Application? There are not many examples on how to work with Applications. I assume I need to use the AddTodirectoryObjects to save an Application because I am not finding an "AddTo..." method for Applications.
