AzureADAppProxy

RegisterAppProxyConnectorCredential.ps1

# Register Azure AD App Proxy Connector
# PS! Using Credential Object cannot be used with MFA enabled administrator accounts, use offline token

$User = "<username of global administrator>"
$PlainPassword = '<password>'
$SecurePassword = $PlainPassword | ConvertTo-SecureString -AsPlainText -Force
$cred = New-Object –TypeName System.Management.Automation.PSCredential –ArgumentList $User, $SecurePassword

Set-Location "C:\Program Files\Microsoft AAD App Proxy Connector"
.\RegisterConnector.ps1 -modulePath "C:\Program Files\Microsoft AAD App Proxy Connector\Modules\" `
     -moduleName "AppProxyPSModule" -Authenticationmode Credentials -Usercredentials $cred

RegisterAppProxyConnectorOfflineToken.ps1

# Get Offline Token for Azure AD App Proxy Register Connector
# Then Register Connector with that Token

# Locate AzureAD/AzureADPreview PowerShell Module
# Change Name of Module to AzureAD or AzureADPreview after what you have installed 
$AADPoshPath = (Get-InstalledModule -Name AzureADPreview).InstalledLocation
# Set Location for ADAL Helper Library
$ADALPath = $(Get-ChildItem -Path $($AADPoshPath) -Filter Microsoft.IdentityModel.Clients.ActiveDirectory.dll -Recurse ).FullName | `
    Select-Object -Last 1

# Add ADAL Helper Library
Add-Type -Path $ADALPath

#region constants

# The AAD authentication endpoint uri
[uri]$AadAuthenticationEndpoint = "https://login.microsoftonline.com/common/oauth2/token?api-version=1.0/" 

# The application ID of the connector in AAD
[string]$ConnectorAppId = "55747057-9b5d-4bd4-b387-abf52a8bd489"

# The reply address of the connector application in AAD
[uri]$ConnectorRedirectAddress = "urn:ietf:wg:oauth:2.0:oob" 

# The AppIdUri of the registration service in AAD
[uri]$RegistrationServiceAppIdUri = "https://proxy.cloudwebappproxy.net/registerapp"

#endregion

#region GetAuthenticationToken

# Set AuthN context
$authContext = New-Object "Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContext" `
 -ArgumentList $AadAuthenticationEndpoint

# Build platform parameters
$promptBehavior = [Microsoft.IdentityModel.Clients.ActiveDirectory.PromptBehavior]::Always
$platformParam = New-Object "Microsoft.IdentityModel.Clients.ActiveDirectory.PlatformParameters" -ArgumentList $promptBehavior

# Do AuthN and get token
$authResult = $authContext.AcquireTokenAsync($RegistrationServiceAppIdUri.AbsoluteUri, `
 $ConnectorAppId, `
 $ConnectorRedirectAddress, `
 $platformParam).Result

# Check AuthN result
If (($authResult) -and ($authResult.AccessToken) -and ($authResult.TenantId) ) {
    $token = $authResult.AccessToken
    $tenantId = $authResult.TenantId
    }
Else {
    Write-Output "Authentication result, token or tenant id returned are null"
    }

#endregion

# Create a secure string from token
$secureToken = $token | ConvertTo-SecureString -AsPlainText -Force

# Register connector with secure token and tenant guid
Set-Location "C:\Program Files\Microsoft AAD App Proxy Connector"
.\RegisterConnector.ps1 -modulePath "C:\Program Files\Microsoft AAD App Proxy Connector\Modules\" `
    -moduleName "AppProxyPSModule" -Authenticationmode Token -Token $SecureToken -TenantId $tenantId `
    -Feature ApplicationProxy