@darrelmiller
Last active September 5, 2023 16:46
Use Microsoft Graph PowerShell to create an Application Registration for an ASP NET Web Site using Auth Code Grant
# updated to remove my really ugly first attempt, based on awesome feedback provided.
# Prerequisite: an authenticated session, e.g. Connect-MgGraph -Scopes "Application.ReadWrite.All"
$web = @{
    # Where Entra ID may send the authorization code; must be an exact HTTPS match
    RedirectUris = "https://localhost:5001/signin-oidc"
    # Lets the authorize endpoint return an ID token for the ASP.NET OIDC middleware;
    # implicit access-token issuance is left disabled (the default)
    ImplicitGrantSettings = @{ EnableIdTokenIssuance = $true }
}
$createAppParams = @{
    DisplayName = "AspNetWebApp"
    Web = $web
    RequiredResourceAccess = @{
        # Microsoft Graph
        ResourceAppId = "00000003-0000-0000-c000-000000000000"
        ResourceAccess = @(
            @{
                # Delegated User.Read permission
                Id = "e1fe6dd8-ba31-4d61-89e7-88639da4683d"
                Type = "Scope"
            }
        )
    }
}
# note the use of @ below, instead of the expected $ (splatting: each hashtable key becomes a cmdlet parameter)
$app = New-MgApplication @createAppParams
@richbashaw

Hi Darrel, this is a really helpful post, thanks. I could use a little more help if you don't mind.
I am trying to create an app for users who are already logged in, that just acts as a redirect to an SPO site. I plan to use it in an access package for invited guests so when they go to the app portal, there is something to click on. If I use your code without the $web variable, then go to the portal GUI and add the web redirect under the authentication tab, it works fine. But when I try to add the SPO link in place of your example, I get an error "Reply url contains punycode".

Would you have an example of how to add this during app create, as I am trying to use this within an Azure Function?

Thanks

@richbashaw

Ah. Just answered my own question after a side by side comparison of configs.

Need to add the SignInAudience = 'AzureADMyOrg' to the $createAppParams like this

# $web is the redirect-URI hashtable defined in the gist above
$createAppParams = @{
    DisplayName = "AspNetWebApp"
    Web = $web
    # Single-tenant: only accounts in this directory can sign in
    SignInAudience = 'AzureADMyOrg'
    RequiredResourceAccess = @{
        ResourceAppId = "00000003-0000-0000-c000-000000000000"
        ResourceAccess = @(
            @{
                Id = "e1fe6dd8-ba31-4d61-89e7-88639da4683d"
                Type = "Scope"
            }
        )
    }
}
$app = New-MgApplication @createAppParams
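
An added post-creation check (not part of the gist or the thread) that re-reads the registration created above and flags settings that widen exposure: a multi-tenant SignInAudience (the fix in the comment above), non-HTTPS or wildcard redirect URIs, implicit access-token issuance, and any permission beyond the delegated User.Read the gist requests. It assumes an existing Connect-MgGraph session with Application.Read.All and that $app holds the object returned by New-MgApplication; the function name is mine.

```powershell
function Test-AppRegistrationHardening {
    param([Parameter(Mandatory)][string]$ApplicationId)

    # -ApplicationId is the registration's object id ($app.Id), not the client id ($app.AppId)
    $reg = Get-MgApplication -ApplicationId $ApplicationId
    $findings = @()

    # 1. Audience: 'AzureADMyOrg' restricts sign-in to this tenant only
    if ($reg.SignInAudience -ne 'AzureADMyOrg') {
        $findings += "SignInAudience is '$($reg.SignInAudience)'; accounts outside this tenant can sign in"
    }

    # 2. Redirect URIs: exact HTTPS URLs only (http://localhost is the one allowed loopback exception)
    foreach ($uri in $reg.Web.RedirectUris) {
        if ($uri -notmatch '^https://' -and $uri -notmatch '^http://localhost') {
            $findings += "Redirect URI '$uri' is not HTTPS"
        }
        if ($uri -match '\*') { $findings += "Redirect URI '$uri' contains a wildcard" }
    }

    # 3. Only ID-token issuance is needed for the OIDC middleware; implicit access tokens should stay off
    if ($reg.Web.ImplicitGrantSettings.EnableAccessTokenIssuance) {
        $findings += 'Implicit access-token issuance is enabled'
    }

    # 4. Permissions: anything other than delegated User.Read on Microsoft Graph is over-scoped here
    $graphAppId      = '00000003-0000-0000-c000-000000000000'
    $userReadScopeId = 'e1fe6dd8-ba31-4d61-89e7-88639da4683d'
    foreach ($rra in $reg.RequiredResourceAccess) {
        foreach ($ra in $rra.ResourceAccess) {
            if ($rra.ResourceAppId -ne $graphAppId -or $ra.Id -ne $userReadScopeId -or $ra.Type -ne 'Scope') {
                $findings += "Extra permission $($ra.Id) ($($ra.Type)) on resource $($rra.ResourceAppId)"
            }
        }
    }
    return $findings
}

$issues = Test-AppRegistrationHardening -ApplicationId $app.Id
if ($issues) {
    $issues | ForEach-Object { Write-Warning $_ }
} else {
    Write-Host 'Registration matches the intended single-tenant, User.Read-only shape'
}
```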
