The Make application is managed by an application object in the Azure portal through the App Registrations experience. Application objects describe the application to Azure AD and can be considered the definition of the application, allowing the service to know how to issue tokens to the application based on its settings. The Make app registration has the following information configured during the installation by script
| Property | Value |
|---|---|
| Name | Make – [ENVIRONMENT] |
| Logo | AppLogo.png from the install folder |
| Redirect URIs | [Azure Web App URL] |
| [Azure Web App URL]/frameRedirect.html | |
| Secret | Name: Primary |
| Expires: 1, 2 years after installation date (or never) | |
| Value: Hidden. Logged during installation | |
| Certificate | Generated during installation. |
| Owners | The account used during installation |
| OAuth2 Allow Implicit Flow (see manifest) | True |
| User Assignments | Yes |
API Permissions
The Make application has the following API permissions configured:
Microsoft Graph
| Permission Name | Type |
|---|---|
| Access directory as the signed in user | Delegated |
| Read and write directory data | Application |
| Read and write all groups | Application |
| Read and write all OneNote notebooks | Application |
| Read and write all users' full profiles | Application |
SharePoint
| Permission Name | Type |
|---|---|
| Read and write items and lists in all site collections | Delegated |
| Read and write user files | Delegated |
| Have full control of all site collections | Application |
| Read and write items and lists in all site collections | Application |
| Read items in all site collections | Application |
| Read and write items in all site collections | Application |
| Read managed metadata | Application |
| Read and write managed metadata | Application |
| Read user profiles | Delegated |
| Read user profiles | Application |
| Read and write user profiles | Application |