Name: entra-app-registration
Rating: 0.85 (1 reviews)
Author: microsoft

entra-app-registration

Guides Microsoft Entra ID app registration, OAuth 2.0 authentication, and MSAL integration. USE FOR: create app registration, register Azure AD app, configure OAuth, set up authentication, add API permissions, generate service principal, MSAL example, console app auth, Entra ID setup, Azure AD authentication. DO NOT USE FOR: Azure RBAC or role assignments (use azure-rbac), Key Vault secrets (use azure-keyvault-expiration-audit), Azure resource security (use azure-security).

Install with Tessl CLI

npx tessl i github:microsoft/github-copilot-for-azure --skill entra-app-registration

What are skills?

1.22x

Review — 78%

Does it follow best practices?

If you maintain this skill, you can automatically optimize it using the tessl CLI to improve its score:

npx tessl skill review --optimize ./path/to/skill

Learn more

Evaluation — 93%

↑ 1.22x

Agent success when using this skill

Validation — 11 / 11 Passed

Validation for skill structure

SKILL.md

Review

Evals

Evaluation results

89%

24%

Microsoft Graph Data Sync Service — Authentication Module

Production vs development credential selection

Criteria

Without context

With context

ManagedIdentityCredential in production

100%

DefaultAzureCredential for dev only

100%

Environment-aware branching

100%

No hardcoded secrets

100%

Correct azure-identity imports

50%

100%

DefaultAzureCredential NOT in production path

100%

User-assigned identity support

40%

Env variable for credentials

50%

Without context: $0.3356 · 1m 8s · 23 turns · 27 in / 3,809 out tokens

With context: $0.4035 · 1m 14s · 20 turns · 23 in / 4,093 out tokens

90%

17%

Platform Engineering: App Registration as Infrastructure Code

Bicep IaC for Entra app registration

Criteria

Without context

With context

Microsoft Graph Bicep extension

53%

100%

Correct app registration resource type

100%

Service principal resource

100%

requestedAccessTokenVersion set to 2

identifierUris uses api:// format

100%

Implicit grant access token disabled

100%

signInAudience configured

100%

Outputs include applicationId

100%

Web redirect URIs configured

100%

Without context: $0.1861 · 47s · 13 turns · 17 in / 2,540 out tokens

With context: $0.4514 · 1m 17s · 23 turns · 2,535 in / 4,184 out tokens

100%

Automate Service Account Provisioning for a Nightly Reporting Job

Azure CLI service principal provisioning script

Criteria

Without context

With context

Microsoft Graph resource ID

100%

Application permission type flag

100%

Explicit service principal creation

100%

Admin consent granted

100%

Credential reset warning acknowledged

20%

100%

Password field extracted

100%

Tenant ID retrieved

100%

Sign-in audience configured

100%

No delegated scope for background service

100%

Without context: $0.2273 · 1m 27s · 10 turns · 15 in / 5,120 out tokens

With context: $0.6517 · 2m 2s · 24 turns · 4,411 in / 6,773 out tokens

Evaluated: 2 days ago
Agent: Claude Code
Model: Unknown

Table of Contents

Microsoft Graph Data Sync Service — Authentication Module Platform Engineering: App Registration as Infrastructure Code Automate Service Account Provisioning for a Nightly Reporting Job

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.