application-post-applications.md

title	Create application
description	Create a new application.
author	sureshja
ms.localizationpriority	high
doc_type	apiPageType
ms.subservice	entra-applications
ms.date	05/14/2024

Create application

Namespace: microsoft.graph

Create a new application object.

Important

Do not share application client IDs (appId) in API documentation or code samples.

[!INCLUDE national-cloud-support]

Permissions

Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions only if your app requires it. For details about delegated and application permissions, see Permission types. To learn more about these permissions, see the permissions reference.

[!INCLUDE permissions-table]

HTTP request

POST /applications

Request headers

Name	Description
Authorization	Bearer {token}. Required. Learn more about authentication and authorization.
Content-Type	application/json. Required.

Request body

In the request body, supply a JSON representation of application object. The request body must contain displayName, which is a required property.

Response

If successful, this method returns 201 Created response code and an application object in the response body.

Examples

Example 1: Create an application with the default settings

Request

The following example shows a request.

HTTP

POST https://graph.microsoft.com/v1.0/applications
Content-type: application/json

{
  "displayName": "Display name"
}

C#

[!INCLUDE sample-code] [!INCLUDE sdk-documentation]

CLI

[!INCLUDE sample-code] [!INCLUDE sdk-documentation]

Go

[!INCLUDE sample-code] [!INCLUDE sdk-documentation]

Java

[!INCLUDE sample-code] [!INCLUDE sdk-documentation]

JavaScript

[!INCLUDE sample-code] [!INCLUDE sdk-documentation]

PHP

[!INCLUDE sample-code] [!INCLUDE sdk-documentation]

PowerShell

[!INCLUDE sample-code] [!INCLUDE sdk-documentation]

Python

[!INCLUDE sample-code] [!INCLUDE sdk-documentation]

---

Response

The following example shows the response.

Note: The response object shown here might be shortened for readability.

HTTP/1.1 201 Created
Content-type: application/json

{
    "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#applications/$entity",
    "id": "03ef14b0-ca33-4840-8f4f-d6e91916010e",
    "deletedDateTime": null,
    "isFallbackPublicClient": null,
    "appId": "631a96bc-a705-4eda-9f99-fdaf9f54f6a2",
    "applicationTemplateId": null,
    "identifierUris": [],
    "createdDateTime": "2019-09-17T19:10:35.2742618Z",
    "displayName": "Display name",
    "isDeviceOnlyAuthSupported": null,
    "groupMembershipClaims": null,
    "optionalClaims": null,
    "addIns": [],
    "publisherDomain": "contoso.com",
    "samlMetadataUrl": "https://graph.microsoft.com/2h5hjaj542de/app",
    "signInAudience": "AzureADandPersonalMicrosoftAccount",
    "tags": [],
    "tokenEncryptionKeyId": null,
    "api": {
        "requestedAccessTokenVersion": 2,
        "acceptMappedClaims": null,
        "knownClientApplications": [],
        "oauth2PermissionScopes": [],
        "preAuthorizedApplications": []
    },
    "appRoles": [],
    "publicClient": {
        "redirectUris": []
    },
    "info": {
        "termsOfServiceUrl": null,
        "supportUrl": null,
        "privacyStatementUrl": null,
        "marketingUrl": null,
        "logoUrl": null
    },
    "keyCredentials": [],
    "parentalControlSettings": {
        "countriesBlockedForMinors": [],
        "legalAgeGroupRule": "Allow"
    },
    "passwordCredentials": [],
    "requiredResourceAccess": [],
    "web": {
        "redirectUris": [],
        "homePageUrl": null,
        "logoutUrl": null,
        "implicitGrantSettings": {
            "enableIdTokenIssuance": false,
            "enableAccessTokenIssuance": false
        }
    }
}

Example 2: Create a new application and add a password secret

Request

HTTP

POST https://graph.microsoft.com/v1.0/applications
Content-type: application/json

{
  "displayName": "MyAppName",
  "passwordCredentials": [
    {
      "displayName": "Password name"
    }
  ]
}

C#

[!INCLUDE sample-code] [!INCLUDE sdk-documentation]

CLI

[!INCLUDE sample-code] [!INCLUDE sdk-documentation]

Go

[!INCLUDE sample-code] [!INCLUDE sdk-documentation]

Java

[!INCLUDE sample-code] [!INCLUDE sdk-documentation]

JavaScript

[!INCLUDE sample-code] [!INCLUDE sdk-documentation]

PHP

[!INCLUDE sample-code] [!INCLUDE sdk-documentation]

PowerShell

[!INCLUDE sample-code] [!INCLUDE sdk-documentation]

Python

[!INCLUDE sample-code] [!INCLUDE sdk-documentation]

---

Response

The following example shows the response. The secretText property in the response object contains the strong passwords or secret generated by Microsoft Entra ID and is 16-64 characters in length. There is no way to retrieve this password in the future.

Note: The response object shown here might be shortened for readability.

HTTP/1.1 200 OK
Content-type: application/json

{
    "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#applications/$entity",
    "id": "83ab4737-da9d-4084-86f2-f8fbec220647",
    "deletedDateTime": null,
    "appId": "9519e58c-bd06-4120-a7fd-2220d4de8409",
    "applicationTemplateId": null,
    "disabledByMicrosoftStatus": null,
    "createdDateTime": "2024-04-01T19:10:02.6626202Z",
    "displayName": "MyAppName",
    "description": null,
    "keyCredentials": [],
    "parentalControlSettings": {
        "countriesBlockedForMinors": [],
        "legalAgeGroupRule": "Allow"
    },
    "passwordCredentials": [
        {
            "customKeyIdentifier": null,
            "displayName": "Password name",
            "endDateTime": "2026-04-01T19:10:02.6576213Z",
            "hint": "puE",
            "keyId": "09a0c91a-1bc3-4eaf-a945-c88c041fad6c",
            "secretText": "1234567890abcdefghijklmnopqrstuvwxyzabcd",
            "startDateTime": "2024-04-01T19:10:02.6576213Z"
        }
    ],
    "publicClient": {
        "redirectUris": []
    }
}