Access ISHCM from PowerShell

Get-ISHCMWebSession.ps1

Function Get-ISHCMWebSession {
    param (
        [Parameter(Mandatory=$true)]
        [string]$DeploymentName,
        [Parameter(Mandatory=$false)]
        [PSCredential]$Credential=$null
    )

    $deployment=Get-ISHDeployment -Name $DeploymentName
    $deploymentParameters=Get-ISHDeploymentParameters -ISHDeployment $DeploymentName
    $ishCMURL="https://$($deployment.AccessHostName)/$($deployment.WebAppNameCM)/"
    $ishWSURL="https://$($deployment.AccessHostName)/$($deployment.WebAppNameWS)/"
    $issuerwstrustmexurl=$deploymentParameters |Where-Object -Property Name -EQ "issuerwstrustmexurl"|Select-Object -ExpandProperty Value
    $issuerwstrustendpointurl=$deploymentParameters |Where-Object -Property Name -EQ "issuerwstrustendpointurl"|Select-Object -ExpandProperty Value
    $importer=New-WcfWsdlImporter -Endpoint $issuerwstrustmexurl
    $newSecurityTokenHash=@{
        Endpoint=$importer|New-WcfServiceEndpoint -Endpoint $issuerwstrustendpointurl
        AppliesTo=$ishCMURL
        Bearer=$true
    }
    if($Credential)
    {
        $newSecurityTokenHash.Credential=$Credential
    }

    $token=New-SecurityToken @newSecurityTokenHash

    $validFrom = $token.ValidFrom.ToString("O");
    $validTo = $token.ValidTo.ToString("O");

    $tokenXML=$token.TokenXml.OuterXml

    $saml11Response='
    <t:RequestSecurityTokenResponse xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust">
      <t:Lifetime>
        <wsu:Created xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">$validFrom</wsu:Created>
        <wsu:Expires xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">$validTo</wsu:Expires>
      </t:Lifetime>
      <wsp:AppliesTo xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
        <wsa:EndpointReference xmlns:wsa="http://www.w3.org/2005/08/addressing">
          <wsa:Address>$ishCMURL</wsa:Address>
        </wsa:EndpointReference>
      </wsp:AppliesTo>
      <t:RequestedSecurityToken>$tokenXML</t:RequestedSecurityToken>
      <t:TokenType>urn:oasis:names:tc:SAML:1.0:assertion</t:TokenType>
      <t:RequestType>http://schemas.xmlsoap.org/ws/2005/02/trust/Issue</t:RequestType>
      <t:KeyType>http://schemas.xmlsoap.org/ws/2005/05/identity/NoProofKey</t:KeyType>
    </t:RequestSecurityTokenResponse>
    '

    $saml11Response=$saml11Response.Replace('$validFrom',$validFrom)
    $saml11Response=$saml11Response.Replace('$validTo',$validTo)
    $saml11Response=$saml11Response.Replace('$ishCMURL',$ishCMURL)
    $saml11Response=$saml11Response.Replace('$tokenXML',$tokenXML)

    $fields=@{
        wa="wsignin1.0"
        wresult=$saml11Response
    }
    Remove-Variable -Name ishCMSession -ErrorAction SilentlyContinue
    $response=Invoke-WebRequest -Uri $ishCMURL -Method POST -Body $fields -SessionVariable ishCMSession
    $ishCMSession
}

The cmdlet should allow using direct urls instead of the deployment name that queries the deployment locally with ISHDeploy
Example

$ishCMWebSession=Get-ISHCMWebSession 
$aspUrl=""
$content=Invoke-WebRequest -WebSession $ishCMWebSession -Uri $aspUrl