Skip to main content

Documentation Index

Fetch the complete documentation index at: https://nango.dev/docs/llms.txt

Use this file to discover all available pages before exploring further.

This guide shows you how to register your own app with Microsoft (via Microsoft Entra ID) to obtain your OAuth credentials (client ID & secret). These are required to let your users grant your app access to the Microsoft People API.
1

Create a Microsoft account and Azure account

If you don’t already have them, sign up for a Microsoft account and an Azure account.
2

Register an application in Microsoft Entra ID

  1. Sign in to the Microsoft Entra admin center as at least an Application Developer.
  2. If you have access to multiple tenants, use the Settings icon in the top menu to switch to the tenant in which you want to register the application.
  3. From the search bar at the top of the Azure portal, search for App registrations and select it. Then choose New registration. Or from your left navigation tab, navigate to Applications > App registrations then choose New registration.
  4. Enter a meaningful name for your application, for example “Nango Integration”.
  5. Under Supported account types you need to decide who can install your integration:
    • Accounts in any organizational directory - Any user account in a professional Microsoft organization (Business, School, etc.)
    • Accounts in any organizational directory and personal Microsoft accounts - The accounts from the first option, plus personal Microsoft accounts (pick this unless you want to restrict your integration to business accounts)
  6. Leave the Redirect URI section blank for now; we’ll configure it in a later step.
  7. Click Register to complete the app registration.
3

Note your application (client) ID

After registration, you’ll be taken to the application’s Overview page. Record the Application (client) ID, which uniquely identifies your application and is used in your application’s code as part of validating security tokens.
4

Add a redirect URI

  1. In the left sidebar, select Authentication.
  2. Under Platform configurations, select Add a platform.
  3. Select Web as the platform type.
  4. Enter https://api.nango.dev/oauth/callback as the Redirect URI.
  5. Under Advanced settings, keep Allow public client flows set to the default No for web applications.
  6. Click Configure to save your changes.
5

Add API permissions

  1. In the left sidebar, select API permissions.
  2. Click Add a permission.
  3. Select Microsoft Graph.
  4. Select Delegated permissions.
  5. Search for and select People.Read. If you need to retrieve people relevant to other users in your organization, also add People.Read.All (requires admin consent).
  6. Click Add permissions.
  7. If your application requires admin consent (e.g. for People.Read.All), click Grant admin consent for [tenant].
6

Create a client secret

  1. In the left sidebar, select Certificates & secrets.
  2. Under Client secrets, click New client secret.
  3. Enter a description for the secret and select an expiration period. Note that the maximum is 24 months — you’ll need to rotate it before it expires.
  4. Click Add.
  5. Important: Copy the secret value immediately and store it securely. You won’t be able to see it again after you leave this page.
7

Next

Follow the Quickstart.

Common scopes

ScopeDescription
People.ReadRead the signed-in user’s relevant people list (requires end-user consent)
People.Read.AllRead people relevant to any user in the organization (requires admin consent)
offline_accessAccess to refresh tokens for offline access
For a complete list of available scopes, see Microsoft Graph permissions reference.