maxali/MSGraphPowerShellAppRegistration.ps1

## MSGraphPowerShellAppRegistration.ps1
#Azure Resource Manager cmdlets to get hold of the dll. https://docs.microsoft.com/en-us/powershell/azure/install-azurerm-ps?view=azurermps-4.0.0
Add-Type -Path "C:\Program Files (x86)\Microsoft SDKs\Azure\PowerShell\ResourceManager\AzureResourceManager\AzureRM.ApiManagement\Microsoft.IdentityModel.Clients.ActiveDirectory.dll"

#Utility function to get Microsoft Graph Access Token. To know more about this, see my post http://www.vrdmn.com/2017/05/authenticating-to-microsoft-graph-api.html
function Get-MSGraphToken($azuretenantADName, $userName, $userPassword)
{
  $AzureADAuthority = "https://login.microsoftonline.com/$azuretenantADName/oauth2/v2.0/authorize"
  $resourceURL = "https://graph.microsoft.com/"
  $powerShellClientId = "1950a258-227b-4e31-a9cf-717495945fc2"
  $userCreds = New-Object Microsoft.IdentityModel.Clients.ActiveDirectory.UserCredential($userName, $userPassword)
  $authContext = New-Object Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContext($AzureADAuthority)
  $authResult = $authContext.AcquireToken($resourceURL, $powerShellClientId, $userCreds)
  return $authResult.AccessToken
}

$azuretenantADName = "yourtenant.onmicrosoft.com"
$userName = "user1@yourtenant.onmicrosoft.com"
$userPassword = "password" #Using plain text password for demo purpose.

$graphAccessToken = Get-MSGraphToken $azuretenantADName $userName $userPassword

$requestHeader = @{
  "Authorization" = "Bearer $graphAccessToken"
  "Content-Type" = "application/json"
}

#JSON grabbed from the manifest of the Azure AD application
$bodyJSON = '{
  "displayName": "Created with MS Graph API",
  "identifierUris": [
    "https://yourtenant.onmicrosoft.com/unique-id"
  ],
  "replyUrls": [
    "https://yourapp.azurewebsites.net"
  ],
  "requiredResourceAccess": [
    {
      "resourceAppId": "00000002-0000-0000-c000-000000000000",
      "resourceAccess": [
        {
          "id": "311a71cc-e848-46a1-bdf8-97ff7156d8e6",
          "type": "Scope"
        }
      ]
    },
    {
      "resourceAppId": "00000003-0000-0ff1-ce00-000000000000",
      "resourceAccess": [
        {
          "id": "fbcd29d2-fcca-4405-aded-518d457caae4",
          "type": "Role"
        }
      ]
    }
  ]
}'

$Uri = "https://graph.microsoft.com/beta/applications"

$Result = (Invoke-RestMethod -Method Post -Headers $requestheader -Uri $Uri -Body $bodyJSON)
$Result
$clientID = $Result.appId
Write-Host "Client Id: $clientID"
	#Azure Resource Manager cmdlets to get hold of the dll. https://docs.microsoft.com/en-us/powershell/azure/install-azurerm-ps?view=azurermps-4.0.0
	Add-Type -Path "C:\Program Files (x86)\Microsoft SDKs\Azure\PowerShell\ResourceManager\AzureResourceManager\AzureRM.ApiManagement\Microsoft.IdentityModel.Clients.ActiveDirectory.dll"

	#Utility function to get Microsoft Graph Access Token. To know more about this, see my post http://www.vrdmn.com/2017/05/authenticating-to-microsoft-graph-api.html
	function Get-MSGraphToken($azuretenantADName, $userName, $userPassword)
	{
	$AzureADAuthority = "https://login.microsoftonline.com/$azuretenantADName/oauth2/v2.0/authorize"
	$resourceURL = "https://graph.microsoft.com/"
	$powerShellClientId = "1950a258-227b-4e31-a9cf-717495945fc2"
	$userCreds = New-Object Microsoft.IdentityModel.Clients.ActiveDirectory.UserCredential($userName, $userPassword)
	$authContext = New-Object Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContext($AzureADAuthority)
	$authResult = $authContext.AcquireToken($resourceURL, $powerShellClientId, $userCreds)
	return $authResult.AccessToken
	}

	$azuretenantADName = "yourtenant.onmicrosoft.com"
	$userName = "user1@yourtenant.onmicrosoft.com"
	$userPassword = "password" #Using plain text password for demo purpose.

	$graphAccessToken = Get-MSGraphToken $azuretenantADName $userName $userPassword

	$requestHeader = @{
	"Authorization" = "Bearer $graphAccessToken"
	"Content-Type" = "application/json"
	}

	#JSON grabbed from the manifest of the Azure AD application
	$bodyJSON = '{
	"displayName": "Created with MS Graph API",
	"identifierUris": [
	"https://yourtenant.onmicrosoft.com/unique-id"
	],
	"replyUrls": [
	"https://yourapp.azurewebsites.net"
	],
	"requiredResourceAccess": [
	{
	"resourceAppId": "00000002-0000-0000-c000-000000000000",
	"resourceAccess": [
	{
	"id": "311a71cc-e848-46a1-bdf8-97ff7156d8e6",
	"type": "Scope"
	}
	]
	},
	{
	"resourceAppId": "00000003-0000-0ff1-ce00-000000000000",
	"resourceAccess": [
	{
	"id": "fbcd29d2-fcca-4405-aded-518d457caae4",
	"type": "Role"
	}
	]
	}
	]
	}'

	$Uri = "https://graph.microsoft.com/beta/applications"

	$Result = (Invoke-RestMethod -Method Post -Headers $requestheader -Uri $Uri -Body $bodyJSON)
	$Result
	$clientID = $Result.appId
	Write-Host "Client Id: $clientID"