Last active
September 5, 2023 16:46
-
-
Save darrelmiller/6ef1f447b6a23d08ebb9c12decd5e3c9 to your computer and use it in GitHub Desktop.
Use Microsoft Graph PowerShell to create an Application Registration for an ASP NET Web Site using Auth Code Grant
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # updated to remove my really ugly first attempt, based on awesome feedback provided. | |
| $web = @{ | |
| RedirectUris = "https://localhost:5001/signin-oidc" | |
| ImplicitGrantSettings = @{ EnableIdTokenIssuance = $true } | |
| } | |
| $createAppParams = @{ | |
| DisplayName = "AspNetWebApp" | |
| Web = $web | |
| RequiredResourceAccess = @{ | |
| ResourceAppId = "00000003-0000-0000-c000-000000000000" | |
| ResourceAccess = @( | |
| @{ | |
| Id = "e1fe6dd8-ba31-4d61-89e7-88639da4683d" | |
| Type = "Scope" | |
| } | |
| ) | |
| } | |
| } | |
| # note the use of @ below, instead of the expected $ | |
| $app = New-MgApplication @createAppParams |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
ah. Just answered my own questions after a side by side comparison of configs.
Need to add the signinaudience = 'AzureADMyOrg' to the createappparams like this
$createAppParams = @{
DisplayName = "AspNetWebApp"
Web = $web
signinaudience = 'AzureADMyOrg'
RequiredResourceAccess = @{
ResourceAppId = "00000003-0000-0000-c000-000000000000"
ResourceAccess = @(
@{
Id = "e1fe6dd8-ba31-4d61-89e7-88639da4683d"
Type = "Scope"
}
)
}