> ## Documentation Index
> Fetch the complete documentation index at: https://docs.flowforma.com/llms.txt
> Use this file to discover all available pages before exploring further.

# App Registration

> Register an Azure AD app with Sites.Read.All Microsoft Graph permissions and generate a client secret to authenticate calls to the FlowForma Governance API.

## Step 1

1. Go to [portal.azure.com](https://portal.azure.com/) and sign in with your tenant administrator account.
2. Under **Azure Services**, click **Azure Active Directory**
3. On the left menu, click **App registrations**
4. On the horizontal menu, click **New registration**

   <img src="https://mintcdn.com/flowforma/g56Im1vOp6-ECYen/images/developers/flowforma-governance-api/app-registration/app-registration-1.png?fit=max&auto=format&n=g56Im1vOp6-ECYen&q=85&s=f6b7faacbd61c960e90a3adfd5a4e573" alt="New registration in App registrations" width="1304" height="586" data-path="images/developers/flowforma-governance-api/app-registration/app-registration-1.png" />
5. Set the **Application name** to `Api Authentication`
6. Set the **Redirect URI** to `https://oauth.pstmn.io/v1/browser-callback`
7. Click **Register**

   <img src="https://mintcdn.com/flowforma/g56Im1vOp6-ECYen/images/developers/flowforma-governance-api/app-registration/app-registration-2.png?fit=max&auto=format&n=g56Im1vOp6-ECYen&q=85&s=607493ae2d05b5481a8e3ee5c1962e1c" alt="Register the application" width="885" height="905" data-path="images/developers/flowforma-governance-api/app-registration/app-registration-2.png" />
8. On the left menu, click **API Permissions**
9. In the horizontal menu, click **Add a permission**, select **Microsoft Graph**, and then select **Application permissions**
10. Type `Sites.`, expand the **Sites** options, and check **Sites.Read.All**
11. Click **Add permissions**
12. In the horizontal menu, click **Grant admin consent for**, and click **Yes**
13. In the left menu, click **Overview**. From here, you can get the **Application (client) ID** and **Directory (tenant) ID**. You will need these in step 2
14. In the left menu, click **Certificates & secrets**
15. Click **New client secret**, enter a description, and click **Add**. Hover over the new client secret **Value** and copy it. You will need this in step 2

<img src="https://mintcdn.com/flowforma/g56Im1vOp6-ECYen/images/developers/flowforma-governance-api/app-registration/app-registration-3.png?fit=max&auto=format&n=g56Im1vOp6-ECYen&q=85&s=50582a12fdcc07f4bf30bb888ea088a9" alt="Configured API permissions for Sites.Read.All" width="1290" height="373" data-path="images/developers/flowforma-governance-api/app-registration/app-registration-3.png" />

The Azure AD application now has permissions to make requests as an application for Sites.Read.All.

## Step 2

1. To get Access token call to [https://api.flowforma.com/swagger/index.html](https://api.flowforma.com/swagger/index.html) endpoint providing **Application (client) ID**, **Directory (tenant) ID** and **Client secret** as query string parameters.

   <img src="https://mintcdn.com/flowforma/g56Im1vOp6-ECYen/images/developers/flowforma-governance-api/app-registration/app-registration-4.png?fit=max&auto=format&n=g56Im1vOp6-ECYen&q=85&s=3a8b7624791a93e25cfd6073ef4c8d6f" alt="Access token request in Swagger" width="1291" height="461" data-path="images/developers/flowforma-governance-api/app-registration/app-registration-4.png" />
2. Use Access token returned with this request to call FlowForma API services by adding it to Authorization header using the Bearer scheme.

Example header: Authorization

Value: Bearer 123YourToken.

## API

Refer to [https://api.flowforma.com/swagger/index.html](https://api.flowforma.com/swagger/index.html) for available operations and data schemas.

**ListDetails schema property NewLocationPick accepts following string values.**

* **'SC'** - Sitecollection Rootweb
* **'AWP'** - Appweb Parent Site (Parent Page To Flowforma App)
* **'AW'** - Appweb Site (Flowforma Page)
* **'RT'** - Retain Current List Location Defined In Flow
