Azure Application Registration Management for VS Code
This Visual Studio Code extension provides an easy way to view and manage Azure Application Registrations outside of the Azure Portal.
It allows for easy viewing, copying, adding, and editing of most the core application properties, such as:
It also allows for the simple creation of new applications, quickly viewing of the full application manifest in the editor, and has the ability to open the application registration directly in the Azure Portal when you need full editing control.
The application list is shown in a tree view, with the application itself at the top level, and each of the application properties as children. This allows for easy navigation and management of the application properties. The default list view is for applications owned by the signed in user. This can be changed in user settings, via the command palette, or via the view button on the toolbar to show all applications, or deleted applications.
All application properties have their own range of functionality. From the top-level application itself, down to each individual property, functionality can be accessed via a range of context menus. If required functionality is not currently implemented for a particular property then you can open the application registration in the Azure portal from the context menu of the application itself.
Most elements also have tooltips to help explain what they are and how they work, this includes the application list itself, which gives a quick view of the date the application was created and any internal notes you may have added.
Where password or certificate credentials are shown, the tooltip and icon colour will indicate if the credential is about to expire or has expired. This is based upon the expiry date of the credential. An upcoming expiry is determined as anything less than 30 days.
By default, to improve performance, the application list is limited to show 40 applications. This however is exposed as a user setting and can be changed if you wish. The list is sorted by application display name. If your application is not shown in the list you can also apply a filter on display name, which is applied before the maximum application shown limit (although only when eventual consistency is applied - see section below).
The default view only shows applications where the signed in user is an owner. This behaviour can be changed in user settings to show all applications if required.
This extension uses the
Please ensure your Azure CLI is authenticated to the correct tenant using
Manual commands are also available via the command palette to allow you to sign into a different tenant or sign out of the Azure CLI. Other additional top level application commands are also available, as can be seen in the image below. All top level commands also have keyboard shortcuts assigned to them.
The access token used for this extension uses the scope
Azure Active Directory stores multiple copies of data to handle large read volumes and provide high availability. When directory objects are created or updated, changes will eventually be applied to all the copies. This means that occasionally after making changes they may not initially be reflected in the application list. It can take anything from a few seconds to a few minutes for all copies to be updated, hence the term Eventual.
Microsoft Graph API (which this extension uses to manage applications registrations) handles this with the use of an eventual consistency header in API requests. Adding this header means the API will only return the results of directory objects where all copies have been updated. This can sometimes lead to confusing results.
Furthermore, some advanced query functionality of Graph API such as server-side ordering and filtering only works when explicitly telling the API to use eventual consistency. To deliver a better user experience this extension offers the ability to make Graph API calls with or without the eventual consistency header. This can be enabled or disabled in the user settings (see section below).
As a rule of thumb, if you are working with a small list of applications (fewer than 200 in total) it is recommended to disable the use of the eventual consistency header (which is enabled by default). The application list will then be ordered client-side, although the filter option will be unavailable.
If you are working with a large list of applications (more than 200 in total) then it is recommended to enable the use of the eventual consistency header. This will allow the list of applications to be filtered server-side by Graph API before results are returned ensuring the filter is based upon a full list of applications.
By default a consistency setting check and warning is enabled. When the application list is refreshed the total number of applications is counted and if it is considered that the consistency setting is set incorrectly then a warning will be shown. This warning can be disabled in the user settings.
If you have enabled the use of the eventual consistency header and some applications or properties are not initially showing correctly after creation or editing then simply wait a short time and refresh the list again. Read more on Eventual Consistency.
There are a number of user settings to control the behaviour of this extension. These are:
Functionality In Progress
The following functionality has not yet been implemented, but is on the backlog for addition in future releases. If any of this functionality is required you can right-click the application and open in the portal blade to manage them. If you have any suggestions for useful functionality please get in touch.
This extension is not officially supported and you use it at your own risk. It has a dependency on the Azure Tools extension pack, but only because it places the application registrations view into the Azure view container.