entra-app-registration
Guides Microsoft Entra ID app registration, OAuth 2.0 authentication, and MSAL integration. USE FOR: create app registration, register Azure AD app, configure OAuth, set up authentication, add API permissions, generate service principal, MSAL example, console app auth, Entra ID setup, Azure AD authentication. DO NOT USE FOR: Azure RBAC or role assignments (use azure-rbac), Key Vault secrets (use azure-keyvault-expiration-audit), Azure resource security (use azure-security).
Install with Tessl CLI
npx tessl i github:microsoft/azure-skills --skill entra-app-registration85
Quality
78%
Does it follow best practices?
Impact
93%
1.22xAverage score across 3 eval scenarios
Optimize this skill with Tessl
npx tessl skill review --optimize ./.github/plugins/azure-skills/skills/entra-app-registration/SKILL.mdDiscovery
100%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This is an excellent skill description that hits all the key criteria. It provides specific capabilities, comprehensive trigger terms covering both legacy and current Azure naming, explicit 'USE FOR' and 'DO NOT USE FOR' clauses that clearly define scope, and distinguishes itself from related Azure skills to prevent conflicts.
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | Lists multiple specific concrete actions: 'app registration', 'OAuth 2.0 authentication', 'MSAL integration', 'configure OAuth', 'add API permissions', 'generate service principal', 'console app auth'. | 3 / 3 |
Completeness | Clearly answers both what (guides app registration, OAuth, MSAL integration) and when (explicit 'USE FOR:' clause with trigger terms, plus 'DO NOT USE FOR:' to clarify boundaries). | 3 / 3 |
Trigger Term Quality | Excellent coverage of natural terms users would say: 'create app registration', 'register Azure AD app', 'configure OAuth', 'set up authentication', 'MSAL example', 'Entra ID setup', 'Azure AD authentication' - covers both old (Azure AD) and new (Entra ID) naming conventions. | 3 / 3 |
Distinctiveness Conflict Risk | Explicitly distinguishes itself from related Azure skills by including 'DO NOT USE FOR' section referencing azure-rbac, azure-keyvault-expiration-audit, and azure-security, creating clear boundaries and reducing conflict risk. | 3 / 3 |
Total | 12 / 12 Passed |
Implementation
57%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This skill demonstrates strong organizational structure with excellent progressive disclosure, appropriately splitting detailed content into reference files. However, it over-explains concepts Claude already knows, lacks inline executable examples, and misses validation checkpoints in the workflow steps. The content would benefit from being more concise and including at least one complete, executable code snippet in the main file.
Suggestions
Remove or significantly condense the 'Key Concepts' and 'Application Types' tables - Claude already understands these Azure/OAuth fundamentals
Add at least one complete, executable CLI command or code snippet directly in the main file (e.g., a full `az ad app create` command with common parameters)
Add validation steps to the workflow, such as 'Verify registration: `az ad app show --id <app-id>`' after Step 1, and guidance on checking if permissions were granted correctly
Condense the Security Best Practices table into a shorter checklist format, removing explanations of obvious practices like 'Use HTTPS only'
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | The skill includes some unnecessary explanations Claude already knows (e.g., 'Microsoft Entra ID is Microsoft's cloud-based identity and access management service') and verbose tables defining basic concepts. However, it's reasonably organized and not excessively padded. | 2 / 3 |
Actionability | The skill provides structured guidance but lacks executable code examples directly in the main file. Most concrete implementations are deferred to reference files, leaving the main content with procedural descriptions rather than copy-paste ready commands or code. | 2 / 3 |
Workflow Clarity | The 5-step workflow is clearly sequenced, but lacks explicit validation checkpoints or feedback loops. For operations involving secrets and authentication configuration, there's no guidance on verifying success or recovering from errors. | 2 / 3 |
Progressive Disclosure | Excellent use of progressive disclosure with a clear overview and well-signaled one-level-deep references to detailed materials. The SDK Quick References section and References section provide clear navigation to specialized content. | 3 / 3 |
Total | 9 / 12 Passed |
Validation
100%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 11 / 11 Passed
Validation for skill structure
No warnings or errors.
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.