Namespace: microsoft.graph
Importante
As APIs na versão /beta no Microsoft Graph estão sujeitas a alterações. Não há suporte para o uso dessas APIs em aplicativos de produção. Para determinar se uma API está disponível na v1.0, use o seletor Versão.
Crie um novo objeto application. Esta API também pode criar um objeto agentIdentityBlueprint quando a propriedade @odata.type está definida como #microsoft.graph.agentIdentityBlueprint.
Importante
Não partilhe os IDs de cliente da aplicação (appId) na documentação da API ou nos exemplos de código.
Esta API está disponível nas seguintes implementações de cloud nacionais.
| Serviço global |
US Government L4 |
US Government L5 (DOD) |
China operada pela 21Vianet |
| ✅ |
✅ |
✅ |
✅ |
Permissões
Escolha a permissão ou permissões marcadas como menos privilegiadas para esta API. Utilize uma permissão ou permissões com privilégios mais elevados apenas se a sua aplicação o exigir. Para obter detalhes sobre as permissões delegadas e de aplicação, veja Tipos de permissão. Para saber mais sobre estas permissões, veja a referência de permissões.
| Tipo de permissão |
Permissões com menos privilégios |
Permissões com privilégios superiores |
| Delegado (conta corporativa ou de estudante) |
Application.ReadWrite.All |
AgentIdentityBlueprint.Create |
| Delegado (conta pessoal da Microsoft) |
Application.ReadWrite.All |
Indisponível. |
| Application |
Application.ReadWrite.OwnedBy |
AgentIdentityBlueprint.Create, Application.ReadWrite.All |
Importante
Em cenários delegados com contas escolares ou profissionais, tem de ser atribuída ao administrador uma função de Microsoft Entra suportada ou uma função personalizada com uma permissão de função suportada. As seguintes funções com menos privilégios são suportadas para esta operação.
- Um membro não administrador ou convidado com permissões de utilizador predefinidas, a menos que o administrador do inquilino tenha acesso restrito
- Programador de Aplicações – crie aplicações mesmo quando o administrador tem acesso restrito a membros e convidados; o principal com esta função tem a propriedade atribuída da aplicação que criam
- Escritores de Diretórios – atualizar as propriedades da extensão
- Administrador de Identidade Híbrida – atualizar apenas as propriedades básicas
- Administrador de Segurança
- Administrador de Aplicativos de Nuvem
- Administrador de Aplicativos
Solicitação HTTP
POST /applications
| Nome |
Descrição |
| Autorização |
{token} de portador. Obrigatório. Saiba mais sobre autenticação e autorização. |
| Content-Type |
application/json. Obrigatório. |
Corpo da solicitação
No corpo da solicitação, forneça uma representação JSON do objeto application. O corpo do pedido tem de conter displayName, que é uma propriedade necessária. Para criar um agentIdentityBlueprint, defina também a propriedade @odata.type como #microsoft.graph.agentIdentityBlueprint.
Resposta
Se for bem-sucedido, este método devolve 201 Created o código de resposta e um objeto application ou agentIdentityBlueprint no corpo da resposta.
Exemplos
Exemplo 1: Criar uma aplicação com as predefinições
Solicitação
O exemplo a seguir mostra uma solicitação.
POST https://graph.microsoft.com/beta/applications
Content-type: application/json
{
"displayName": "Display name"
}
// Code snippets are only available for the latest version. Current version is 5.x
// Dependencies
using Microsoft.Graph.Beta.Models;
var requestBody = new Application
{
DisplayName = "Display name",
};
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.Applications.PostAsync(requestBody);
// Code snippets are only available for the latest major version. Current major version is $v0.*
// Dependencies
import (
"context"
msgraphsdk "github.com/microsoftgraph/msgraph-beta-sdk-go"
graphmodels "github.com/microsoftgraph/msgraph-beta-sdk-go/models"
//other-imports
)
requestBody := graphmodels.NewApplication()
displayName := "Display name"
requestBody.SetDisplayName(&displayName)
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=go
applications, err := graphClient.Applications().Post(context.Background(), requestBody, nil)
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
Application application = new Application();
application.setDisplayName("Display name");
Application result = graphClient.applications().post(application);
const options = {
authProvider,
};
const client = Client.init(options);
const application = {
displayName: 'Display name'
};
await client.api('/applications')
.version('beta')
.post(application);
<?php
use Microsoft\Graph\Beta\GraphServiceClient;
use Microsoft\Graph\Beta\Generated\Models\Application;
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);
$requestBody = new Application();
$requestBody->setDisplayName('Display name');
$result = $graphServiceClient->applications()->post($requestBody)->wait();
Import-Module Microsoft.Graph.Beta.Applications
$params = @{
displayName = "Display name"
}
New-MgBetaApplication -BodyParameter $params
# Code snippets are only available for the latest version. Current version is 1.x
from msgraph_beta import GraphServiceClient
from msgraph_beta.generated.models.application import Application
# To initialize your graph_client, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=python
request_body = Application(
display_name = "Display name",
)
result = await graph_client.applications.post(request_body)
Resposta
O exemplo a seguir mostra a resposta.
Observação: o objeto de resposta mostrado aqui pode ser encurtado para legibilidade.
HTTP/1.1 201 Created
Content-type: application/json
{
"@odata.context": "https://graph.microsoft.com/beta/$metadata#applications/$entity",
"id": "03ef14b0-ca33-4840-8f4f-d6e91916010e",
"deletedDateTime": null,
"isFallbackPublicClient": null,
"appId": "631a96bc-a705-4eda-9f99-fdaf9f54f6a2",
"applicationTemplateId": null,
"identifierUris": [],
"createdDateTime": "2019-09-17T19:10:35.2742618Z",
"displayName": "Display name",
"isDeviceOnlyAuthSupported": null,
"groupMembershipClaims": null,
"optionalClaims": null,
"addIns": [],
"publisherDomain": "contoso.com",
"samlMetadataUrl": "https://graph.microsoft.com/2h5hjaj542de/app",
"signInAudience": "AzureADandPersonalMicrosoftAccount",
"tags": [],
"tokenEncryptionKeyId": null,
"api": {
"requestedAccessTokenVersion": 2,
"acceptMappedClaims": null,
"knownClientApplications": [],
"oauth2PermissionScopes": [],
"preAuthorizedApplications": []
},
"appRoles": [],
"publicClient": {
"redirectUris": []
},
"info": {
"termsOfServiceUrl": null,
"supportUrl": null,
"privacyStatementUrl": null,
"marketingUrl": null,
"logoUrl": null
},
"keyCredentials": [],
"parentalControlSettings": {
"countriesBlockedForMinors": [],
"legalAgeGroupRule": "Allow"
},
"passwordCredentials": [],
"requiredResourceAccess": [],
"uniqueName": null,
"web": {
"redirectUris": [],
"homePageUrl": null,
"logoutUrl": null,
"implicitGrantSettings": {
"enableIdTokenIssuance": false,
"enableAccessTokenIssuance": false
}
},
"windows" : null
}
Exemplo 2: Criar uma nova aplicação e adicionar um segredo de palavra-passe
Solicitação
POST https://graph.microsoft.com/beta/applications
Content-type: application/json
{
"displayName": "MyAppName",
"passwordCredentials": [
{
"displayName": "Password name"
}
]
}
// Code snippets are only available for the latest version. Current version is 5.x
// Dependencies
using Microsoft.Graph.Beta.Models;
var requestBody = new Application
{
DisplayName = "MyAppName",
PasswordCredentials = new List<PasswordCredential>
{
new PasswordCredential
{
DisplayName = "Password name",
},
},
};
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.Applications.PostAsync(requestBody);
// Code snippets are only available for the latest major version. Current major version is $v0.*
// Dependencies
import (
"context"
msgraphsdk "github.com/microsoftgraph/msgraph-beta-sdk-go"
graphmodels "github.com/microsoftgraph/msgraph-beta-sdk-go/models"
//other-imports
)
requestBody := graphmodels.NewApplication()
displayName := "MyAppName"
requestBody.SetDisplayName(&displayName)
passwordCredential := graphmodels.NewPasswordCredential()
displayName := "Password name"
passwordCredential.SetDisplayName(&displayName)
passwordCredentials := []graphmodels.PasswordCredentialable {
passwordCredential,
}
requestBody.SetPasswordCredentials(passwordCredentials)
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=go
applications, err := graphClient.Applications().Post(context.Background(), requestBody, nil)
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
Application application = new Application();
application.setDisplayName("MyAppName");
LinkedList<PasswordCredential> passwordCredentials = new LinkedList<PasswordCredential>();
PasswordCredential passwordCredential = new PasswordCredential();
passwordCredential.setDisplayName("Password name");
passwordCredentials.add(passwordCredential);
application.setPasswordCredentials(passwordCredentials);
Application result = graphClient.applications().post(application);
const options = {
authProvider,
};
const client = Client.init(options);
const application = {
displayName: 'MyAppName',
passwordCredentials: [
{
displayName: 'Password name'
}
]
};
await client.api('/applications')
.version('beta')
.post(application);
<?php
use Microsoft\Graph\Beta\GraphServiceClient;
use Microsoft\Graph\Beta\Generated\Models\Application;
use Microsoft\Graph\Beta\Generated\Models\PasswordCredential;
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);
$requestBody = new Application();
$requestBody->setDisplayName('MyAppName');
$passwordCredentialsPasswordCredential1 = new PasswordCredential();
$passwordCredentialsPasswordCredential1->setDisplayName('Password name');
$passwordCredentialsArray []= $passwordCredentialsPasswordCredential1;
$requestBody->setPasswordCredentials($passwordCredentialsArray);
$result = $graphServiceClient->applications()->post($requestBody)->wait();
Import-Module Microsoft.Graph.Beta.Applications
$params = @{
displayName = "MyAppName"
passwordCredentials = @(
@{
displayName = "Password name"
}
)
}
New-MgBetaApplication -BodyParameter $params
# Code snippets are only available for the latest version. Current version is 1.x
from msgraph_beta import GraphServiceClient
from msgraph_beta.generated.models.application import Application
from msgraph_beta.generated.models.password_credential import PasswordCredential
# To initialize your graph_client, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=python
request_body = Application(
display_name = "MyAppName",
password_credentials = [
PasswordCredential(
display_name = "Password name",
),
],
)
result = await graph_client.applications.post(request_body)
Resposta
O exemplo a seguir mostra a resposta. A propriedade secretText no objeto de resposta contém as palavras-passe fortes ou o segredo gerado por Microsoft Entra ID e tem entre 16 e 64 carateres de comprimento. Não existe nenhuma forma de obter esta palavra-passe no futuro.
Observação: o objeto de resposta mostrado aqui pode ser encurtado com fins de legibilidade.
HTTP/1.1 200 OK
Content-type: application/json
{
"@odata.context": "https://graph.microsoft.com/beta/$metadata#applications/$entity",
"id": "83ab4737-da9d-4084-86f2-f8fbec220647",
"deletedDateTime": null,
"appId": "9519e58c-bd06-4120-a7fd-2220d4de8409",
"applicationTemplateId": null,
"disabledByMicrosoftStatus": null,
"createdDateTime": "2024-04-01T19:10:02.6626202Z",
"displayName": "MyAppName",
"description": null,
"keyCredentials": [],
"parentalControlSettings": {
"countriesBlockedForMinors": [],
"legalAgeGroupRule": "Allow"
},
"passwordCredentials": [
{
"customKeyIdentifier": null,
"displayName": "Password name",
"endDateTime": "2026-04-01T19:10:02.6576213Z",
"hint": "puE",
"keyId": "09a0c91a-1bc3-4eaf-a945-c88c041fad6c",
"secretText": "1234567890abcdefghijklmnopqrstuvwxyzabcd",
"startDateTime": "2024-04-01T19:10:02.6576213Z"
}
],
"publicClient": {
"redirectUris": []
}
}
Exemplo 3: Criar uma nova aplicação multi-inquilino limitada apenas a alguns inquilinos
Solicitação
O exemplo seguinte cria uma aplicação multi-inquilino que só pode ser utilizada em dois inquilinos permitidos Microsoft Entra (e no inquilino onde a aplicação está registada).
POST https://graph.microsoft.com/beta/applications
Content-type: application/json
{
"displayName": "MyAppName",
"signInAudience": "AzureADMultipleOrgs",
"signInAudienceRestrictions": {
"@odata.type": "#microsoft.graph.allowedTenantsAudience",
"isHomeTenantAllowed": true,
"allowedTenantIds": [
"818ce016-78c2-457c-91d7-c02c2faaa5fe",
"c62670b0-53a1-4a38-b26c-4093cbaa510a"
]
}
}
// Code snippets are only available for the latest version. Current version is 5.x
// Dependencies
using Microsoft.Graph.Beta.Models;
var requestBody = new Application
{
DisplayName = "MyAppName",
SignInAudience = "AzureADMultipleOrgs",
SignInAudienceRestrictions = new AllowedTenantsAudience
{
OdataType = "#microsoft.graph.allowedTenantsAudience",
IsHomeTenantAllowed = true,
AllowedTenantIds = new List<string>
{
"818ce016-78c2-457c-91d7-c02c2faaa5fe",
"c62670b0-53a1-4a38-b26c-4093cbaa510a",
},
},
};
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.Applications.PostAsync(requestBody);
// Code snippets are only available for the latest major version. Current major version is $v0.*
// Dependencies
import (
"context"
msgraphsdk "github.com/microsoftgraph/msgraph-beta-sdk-go"
graphmodels "github.com/microsoftgraph/msgraph-beta-sdk-go/models"
//other-imports
)
requestBody := graphmodels.NewApplication()
displayName := "MyAppName"
requestBody.SetDisplayName(&displayName)
signInAudience := "AzureADMultipleOrgs"
requestBody.SetSignInAudience(&signInAudience)
signInAudienceRestrictions := graphmodels.NewAllowedTenantsAudience()
isHomeTenantAllowed := true
signInAudienceRestrictions.SetIsHomeTenantAllowed(&isHomeTenantAllowed)
allowedTenantIds := []string {
"818ce016-78c2-457c-91d7-c02c2faaa5fe",
"c62670b0-53a1-4a38-b26c-4093cbaa510a",
}
signInAudienceRestrictions.SetAllowedTenantIds(allowedTenantIds)
requestBody.SetSignInAudienceRestrictions(signInAudienceRestrictions)
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=go
applications, err := graphClient.Applications().Post(context.Background(), requestBody, nil)
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
Application application = new Application();
application.setDisplayName("MyAppName");
application.setSignInAudience("AzureADMultipleOrgs");
AllowedTenantsAudience signInAudienceRestrictions = new AllowedTenantsAudience();
signInAudienceRestrictions.setOdataType("#microsoft.graph.allowedTenantsAudience");
signInAudienceRestrictions.setIsHomeTenantAllowed(true);
LinkedList<String> allowedTenantIds = new LinkedList<String>();
allowedTenantIds.add("818ce016-78c2-457c-91d7-c02c2faaa5fe");
allowedTenantIds.add("c62670b0-53a1-4a38-b26c-4093cbaa510a");
signInAudienceRestrictions.setAllowedTenantIds(allowedTenantIds);
application.setSignInAudienceRestrictions(signInAudienceRestrictions);
Application result = graphClient.applications().post(application);
const options = {
authProvider,
};
const client = Client.init(options);
const application = {
displayName: 'MyAppName',
signInAudience: 'AzureADMultipleOrgs',
signInAudienceRestrictions: {
'@odata.type': '#microsoft.graph.allowedTenantsAudience',
isHomeTenantAllowed: true,
allowedTenantIds: [
'818ce016-78c2-457c-91d7-c02c2faaa5fe',
'c62670b0-53a1-4a38-b26c-4093cbaa510a'
]
}
};
await client.api('/applications')
.version('beta')
.post(application);
<?php
use Microsoft\Graph\Beta\GraphServiceClient;
use Microsoft\Graph\Beta\Generated\Models\Application;
use Microsoft\Graph\Beta\Generated\Models\AllowedTenantsAudience;
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);
$requestBody = new Application();
$requestBody->setDisplayName('MyAppName');
$requestBody->setSignInAudience('AzureADMultipleOrgs');
$signInAudienceRestrictions = new AllowedTenantsAudience();
$signInAudienceRestrictions->setOdataType('#microsoft.graph.allowedTenantsAudience');
$signInAudienceRestrictions->setIsHomeTenantAllowed(true);
$signInAudienceRestrictions->setAllowedTenantIds(['818ce016-78c2-457c-91d7-c02c2faaa5fe', 'c62670b0-53a1-4a38-b26c-4093cbaa510a', ]);
$requestBody->setSignInAudienceRestrictions($signInAudienceRestrictions);
$result = $graphServiceClient->applications()->post($requestBody)->wait();
Import-Module Microsoft.Graph.Beta.Applications
$params = @{
displayName = "MyAppName"
signInAudience = "AzureADMultipleOrgs"
signInAudienceRestrictions = @{
"@odata.type" = "#microsoft.graph.allowedTenantsAudience"
isHomeTenantAllowed = $true
allowedTenantIds = @(
"818ce016-78c2-457c-91d7-c02c2faaa5fe"
"c62670b0-53a1-4a38-b26c-4093cbaa510a"
)
}
}
New-MgBetaApplication -BodyParameter $params
# Code snippets are only available for the latest version. Current version is 1.x
from msgraph_beta import GraphServiceClient
from msgraph_beta.generated.models.application import Application
from msgraph_beta.generated.models.allowed_tenants_audience import AllowedTenantsAudience
# To initialize your graph_client, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=python
request_body = Application(
display_name = "MyAppName",
sign_in_audience = "AzureADMultipleOrgs",
sign_in_audience_restrictions = AllowedTenantsAudience(
odata_type = "#microsoft.graph.allowedTenantsAudience",
is_home_tenant_allowed = True,
allowed_tenant_ids = [
"818ce016-78c2-457c-91d7-c02c2faaa5fe",
"c62670b0-53a1-4a38-b26c-4093cbaa510a",
],
),
)
result = await graph_client.applications.post(request_body)
Resposta
O exemplo a seguir mostra a resposta.
Observação: o objeto de resposta mostrado aqui pode ser encurtado com fins de legibilidade.
HTTP/1.1 200 OK
Content-type: application/json
{
"@odata.context": "https://graph.microsoft.com/beta/$metadata#applications/$entity",
"id": "83ab4737-da9d-4084-86f2-f8fbec220647",
"appId": "9519e58c-bd06-4120-a7fd-2220d4de8409",
"createdDateTime": "2025-11-01T19:10:02.6626202Z",
"displayName": "MyAppName",
"signInAudience": "AzureADMultipleOrgs",
"signInAudienceRestrictions": {
"@odata.type": "#microsoft.graph.allowedTenantsAudience",
"isHomeTenantAllowed": true,
"allowedTenantIds": [
"818ce016-78c2-457c-91d7-c02c2faaa5fe",
"c62670b0-53a1-4a38-b26c-4093cbaa510a"
]
}
}