Skip to main content

Prerequisites

  • Microsoft account (personal or organizational)
  • Access to Azure Portal

Step 1: Sign in to Azure Portal

  1. Visit https://portal.azure.com/ and sign in with your Microsoft account
  2. In the left sidebar or search bar, navigate to Microsoft Entra ID
  3. Click App registrations under the Manage section
Azure Portal Home App Registrations Page

Step 2: Register an Application

  1. Click New registration at the top of the App registrations page
  2. Fill out the registration form:
    • Name: Choose a descriptive app name (e.g., your brand name)
    • Supported account types: Select Accounts in any organizational directory (Any Microsoft Entra ID tenant - Multitenant) and personal Microsoft accounts (e.g. Skype, Xbox)
    • Redirect URI: Select Web and enter https://api.klavis.ai/oauth/azure-ad/callback
  3. Click Register
Register Application Form

Step 3: Get Client ID and Create Client Secret

After registration, you’ll be redirected to the application overview page.
  1. From the Overview page, copy the Application (client) ID - you’ll need this later
Application Overview
  1. In the left sidebar, go to Certificates & secrets
  2. Click the Client secrets tab
  3. Click New client secret
Certificates and Secrets
  1. In the dialog:
    • Description: Enter a description (e.g., klavis-api)
    • Expires: Select an expiration period (Recommended: 730 days / 24 months)
  2. Click Add
Add Client Secret
  1. Important: Copy the Value immediately - it will only be shown once!
Client Secret Created
You have successfully created a Microsoft Azure OAuth application! You now have your Application (client) ID and Client Secret ready for integration with Klavis AI.
OAuth scopes are configured automatically by Klavis when initiating the OAuth flow. You don’t need to manually set API permissions in Azure Portal, as web-configured scopes are handled dynamically based on which Microsoft service you’re connecting to (e.g., Microsoft Teams, Outlook, OneDrive).

(Optional) Step 4: Configure Branding

You can customize the branding that users see during the OAuth consent screen:
  1. In your app’s left sidebar, go to Branding & properties
  2. Configure the following optional fields:
    • Logo: Upload your company logo (displayed on the consent screen)
    • Home page URL: Your application’s homepage
    • Terms of service URL: Link to your terms of service
    • Privacy statement URL: Link to your privacy policy
  3. Click Save
Branding & Properties
Adding branding helps build trust with users during the OAuth flow by showing your company’s logo and links to your policies.

(Optional) Step 5: White Labeling

White labeling allows you to customize the OAuth experience with your own branding instead of Klavis AI’s.
If you want to use your own Microsoft Azure OAuth application with custom branding:
  1. Configure White Labeling: Go to https://www.klavis.ai/home/white-label
  2. Add Your Credentials: Enter your Azure Application (client) ID and Client Secret from Step 3
  3. Set Redirect URI: Use https://api.klavis.ai/oauth/azure-ad/callback or your custom callback URL
  4. Initiate OAuth: Use your Client ID when starting the OAuth flow: 
    // Example: Initiating Azure AD OAuth with white-label
const authUrl = `https://api.klavis.ai/oauth/azure-ad/authorize?instance_id=${instanceId}&client_id=${yourClientId}`;
window.location.href = authUrl;
For detailed white labeling implementation and code examples, see our OAuth & White Labeling guide.

Resources