
@akanieski
Last active July 16, 2021 18:12
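Azure AD: OAuth Dynamic Client Registration - Logic Apps Endpoint

Note on the template below: the workflow defines the ApprovalEmailImportance, ApprovalEmailSubject and ApproversEmail parameters, but no action references them, so every request that reaches the HTTP trigger creates an app registration and a password credential without any approval step. The caller-supplied `redirect_uris` are passed to Microsoft Graph unchecked. The generated `secretText` is returned in the response body and will also be recorded in the run history unless secured inputs/outputs are enabled on the actions that handle it. Restrict who can call the trigger and validate the redirect URIs before using this as more than a sample.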
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"workflows_AAD_DC_Sample_name": {
"defaultValue": "AAD-DC-Sample",
"type": "String"
}
},
"variables": {},
"resources": [
{
"type": "Microsoft.Logic/workflows",
"apiVersion": "2017-07-01",
"name": "[parameters('workflows_AAD_DC_Sample_name')]",
"location": "eastus2",
"properties": {
"state": "Enabled",
"definition": {
"$schema": "https://schema.management.azure.com/providers/Microsoft.Logic/schemas/2016-06-01/workflowdefinition.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"ApprovalEmailImportance": {
"defaultValue": "High",
"type": "String"
},
"ApprovalEmailSubject": {
"defaultValue": "DCR - Application Registration Approval [Action Needed]",
"type": "String"
},
"ApproversEmail": {
"defaultValue": "approvals@contoso.org",
"type": "String"
},
"CredentialsName": {
"defaultValue": "Integration Credentials",
"type": "String"
}
},
"triggers": {
"manual": {
"type": "Request",
"kind": "Http",
"inputs": {
"schema": {
"properties": {
"client_name": {
"type": "string"
},
"redirect_uris": {
"items": {
"type": "string"
},
"type": "array"
}
},
"type": "object"
}
}
}
},
"actions": {
"HTTP": {
"runAfter": {},
"type": "Http",
"inputs": {
"authentication": {
"audience": "https://graph.microsoft.com",
"type": "ManagedServiceIdentity"
},
"body": {
"displayName": "@{triggerBody()?['client_name']}",
"spa": {
"redirectUris": "@triggerBody()?['redirect_uris']"
}
},
"headers": {
"Content-Type": "application/json"
},
"method": "POST",
"uri": "https://graph.microsoft.com/v1.0/applications"
}
},
"HTTP_2": {
"runAfter": {
"Parse_JSON": [
"Succeeded"
]
},
"type": "Http",
"inputs": {
"authentication": {
"audience": "https://graph.microsoft.com",
"type": "ManagedServiceIdentity"
},
"body": {
"passwordCredential": {
"displayName": "@{parameters('CredentialsName')}"
}
},
"method": "POST",
"uri": "https://graph.microsoft.com/v1.0/applications/@{body('Parse_JSON')?['id']}/addPassword"
}
},
"Parse_JSON": {
"runAfter": {
"HTTP": [
"Succeeded"
]
},
"type": "ParseJson",
"inputs": {
"content": "@body('HTTP')",
"schema": {
"properties": {
"@@odata.context": {
"type": "string"
},
"addIns": {
"type": "array"
},
"api": {
"properties": {
"acceptMappedClaims": {},
"knownClientApplications": {
"type": "array"
},
"oauth2PermissionScopes": {
"type": "array"
},
"preAuthorizedApplications": {
"type": "array"
},
"requestedAccessTokenVersion": {
"type": "integer"
}
},
"type": "object"
},
"appId": {
"type": "string"
},
"appRoles": {
"type": "array"
},
"applicationTemplateId": {},
"createdDateTime": {
"type": "string"
},
"defaultRedirectUri": {},
"deletedDateTime": {},
"description": {},
"disabledByMicrosoftStatus": {},
"displayName": {
"type": "string"
},
"groupMembershipClaims": {},
"id": {
"type": "string"
},
"identifierUris": {
"type": "array"
},
"info": {
"properties": {
"logoUrl": {},
"marketingUrl": {},
"privacyStatementUrl": {},
"supportUrl": {},
"termsOfServiceUrl": {}
},
"type": "object"
},
"isDeviceOnlyAuthSupported": {},
"isFallbackPublicClient": {},
"keyCredentials": {
"type": "array"
},
"notes": {},
"optionalClaims": {},
"parentalControlSettings": {
"properties": {
"countriesBlockedForMinors": {
"type": "array"
},
"legalAgeGroupRule": {
"type": "string"
}
},
"type": "object"
},
"passwordCredentials": {
"type": "array"
},
"publicClient": {
"properties": {
"redirectUris": {
"type": "array"
}
},
"type": "object"
},
"publisherDomain": {
"type": "string"
},
"requiredResourceAccess": {
"type": "array"
},
"signInAudience": {
"type": "string"
},
"spa": {
"properties": {
"redirectUris": {
"type": "array"
}
},
"type": "object"
},
"tags": {
"type": "array"
},
"tokenEncryptionKeyId": {},
"verifiedPublisher": {
"properties": {
"addedDateTime": {},
"displayName": {},
"verifiedPublisherId": {}
},
"type": "object"
},
"web": {
"properties": {
"homePageUrl": {},
"implicitGrantSettings": {
"properties": {
"enableAccessTokenIssuance": {
"type": "boolean"
},
"enableIdTokenIssuance": {
"type": "boolean"
}
},
"type": "object"
},
"logoutUrl": {},
"redirectUris": {
"type": "array"
}
},
"type": "object"
}
},
"type": "object"
}
}
},
"Parse_JSON_2": {
"runAfter": {
"HTTP_2": [
"Succeeded"
]
},
"type": "ParseJson",
"inputs": {
"content": "@body('HTTP_2')",
"schema": {
"properties": {
"customKeyIdentifier": {},
"displayName": {
"type": "string"
},
"endDateTime": {
"type": "string"
},
"hint": {
"type": "string"
},
"keyId": {
"type": "string"
},
"secretText": {
"type": "string"
},
"startDateTime": {
"type": "string"
}
},
"type": "object"
}
}
},
"Response": {
"runAfter": {
"Parse_JSON_2": [
"Succeeded"
]
},
"type": "Response",
"kind": "Http",
"inputs": {
"body": {
"client_id": "@{body('Parse_JSON')?['appId']}",
"client_name": "@{triggerBody()?['client_name']}",
"client_secret": "@{body('Parse_JSON_2')?['secretText']}",
"client_secret_expires_at": "@{body('Parse_JSON_2')?['endDateTime']}",
"redirect_uris": "@body('Parse_JSON')?['spa']?['redirectUris']"
},
"statusCode": 200
}
}
},
"outputs": {}
},
"parameters": {}
}
}
]
}
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"workflows_AAD_DC_Sample_name": {
"value": null
}
}
}