I need help from someone with experience in Office365, OAUTH, ADMIN Consent process, App Registration, and Multi-tenancy.
We are developing a SaaS to analyze customer's data within office365 via Graph API and application permissions.
I'm trying to understand the best(and most automated) flow for onboarding the customers. Ideally, the Customer's Azure Global Administrator login in to our webapp using Microsoft Identity and gives consent to create an account (app registration or enterprise application) with the relevant application permissions. With these permissions our SaaS has access to analyze the Customer's data. As of right now, I'm only able to solve this through manual procedure in making the App Registration together with Customer on their Azure Tenant which gives me the Client ID, Tenant ID and Secret for our SaaS to authenticate with. I'm assuming something more fancy is possible :)
Finally, I'm looking for a method which involves a multi-tenant registration, which enables reuse of a single App Registration (in our own Azure tenant) across multiple tenants (Customers) as instances(Enterprise applications).
Your task is to walk me through the process on a shared screen of setting up Microsoft Login, Admin Consent which in turn creates the application permissions our SaaS need. Your English must be fluent, and you need to have strong experience with this type of Azure configuration.