Updated: 02/09/2025

Create a native API for WorkZone Mobile (New)

Register the native API

If your WorkZone Mobile (New) app is already registered as “WorkZoneMobileNative,” skip this step and proceed to Add a redirect URI.

Log in to the Microsoft Azure portal.
Click App registrations. It must be the same place as your WorkZone Mobile (New) publication is created.
Click New registration.
Enter a Name for your WorkZone Mobile (New) app. For example, KMDWorkZoneNative.
Select appropriate supported account type.
Click Register.

See Microsoft quickguide on how to register an app or a web API for the detailed steps.

Add a redirect URI

See Microsoft quickguide on adding a redirect URI for the detailed steps.

Under Configure platforms, select the needed platform type (Web, iOS/macOS, Android, Mobile and desktop applications).
Provide your Redirect URI (URL of your WorkZone Mobile (New) web app publication).

For Web: enter the redirect URI in the following format: https://<Your host>/oauth2/signin-oidc (replace <your host> with your host).
For iOS: enter dk.kmd.kmd-workzone.intune for Bundle ID. The Redirect URI will be generated automatically.
For Android: enter dk.kmd.kmd_workzone for Package name. The Redirect URI will be generated automatically.

Add API permissions

See Microsoft quickguide on how to add API permissions for the detailed steps.

Make sure that the following API permissions are added:
- Under Microsoft Graph: User.Read.
- Under Microsoft Mobile Application Management: DeviceManagementManagedApps.ReadWrite.
- Under My APIs > [name of your hosted web app] (for example, My APIs > KMDWorkZoneWebApp): user_impersonation.
Click Add permissions.

See Microsoft article Give your app access to the Intune Mobile App Management service.

Configure tokens

Under Manage > Token configurations, click Add optional claim.
Select ID as the Token type.
Add upn claim.