Creates an Azure AD Application Registration with Client Secret using the Azure CLI
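<#
.SYNOPSIS
  Creates an Azure AD application registration with a client secret using the Azure CLI.

.DESCRIPTION
  Signs in to the tenant as the given user (prompting for the password when none is
  supplied), makes the target subscription current, then looks the application up by
  display name and creates it with a freshly generated client secret only when it does
  not exist yet. -production selects the "[PROD]" application name, otherwise "[DEV]".

  Requires the Azure CLI (`az`) on PATH and ./app-requiredResourceManifest.json in the
  current directory (consumed by `az ad app create --required-resource-accesses`).

.PARAMETER tenantId
  Azure AD tenant to sign in to.
.PARAMETER userName
  User name used for `az login`.
.PARAMETER userPassword
  Password for userName. Prompted for interactively when empty.
.PARAMETER subscriptionId
  Subscription made current before the application is looked up / created.
.PARAMETER production
  Use the production application name instead of the development one.
.PARAMETER quiet
  Skip the "Press S to start" confirmation.

.NOTES
  The generated client secret is written to the console once and is not persisted by
  this script; store it in a secret store straight away (and mind console transcripts).
#>
param (
  [string]$tenantId,
  [string]$userName,
  [string]$userPassword,
  [string]$subscriptionId,
  [switch]$production,
  [switch]$quiet
)

# Cmdlet errors (e.g. ConvertFrom-Json on garbage) terminate the script. Native `az`
# failures do not raise errors by themselves, so they are checked via $LASTEXITCODE.
$ErrorActionPreference = 'Stop'

# Throws when the most recent native command (az) exited non-zero.
# $Step names the step for the error message.
function Assert-AzSucceeded {
  param ([string]$Step)
  if ($LASTEXITCODE -ne 0) {
    throw "$Step failed (az exit code $LASTEXITCODE)"
  }
}

# Returns a new client secret: 32 bytes from a cryptographic RNG, base64-encoded.
# https://docs.microsoft.com/en-us/sharepoint/dev/sp-add-ins/replace-an-expiring-client-secret-in-a-sharepoint-add-in
function New-ClientSecret {
  $bytes = New-Object Byte[] 32
  $rng = [System.Security.Cryptography.RandomNumberGenerator]::Create()
  try {
    $rng.GetBytes($bytes)
  } finally {
    $rng.Dispose()
  }
  return [System.Convert]::ToBase64String($bytes)
}

# Looks the application up by display name and creates it when absent.
# Both environments share this path (the [DEV] branch used to have an empty create block).
# Arguments: $AppName - display name to look up / create
#            $ClientSecret - secret to register with the new application
#            $ExpiryDate - secret expiry, yyyy-MM-dd
#            $ManifestPath - path of the required-resource-accesses manifest
function Initialize-AppRegistration {
  param (
    [Parameter(Mandatory = $true)][string]$AppName,
    [Parameter(Mandatory = $true)][string]$ClientSecret,
    [Parameter(Mandatory = $true)][string]$ExpiryDate,
    [Parameter(Mandatory = $true)][string]$ManifestPath
  )
  # @() so zero, one or many results are handled the same way (ConvertFrom-Json
  # returns a bare object for a single-element array on Windows PowerShell).
  $found = @(az ad app list --display-name "$AppName" --output json | ConvertFrom-Json)
  Assert-AzSucceeded "az ad app list"
  if ($found.Count -gt 0) {
    $app = $found[0]
    Write-Host "`n-Application '$($app.displayName)' ClientId:$($app.appId) already created" -ForegroundColor Green
    return
  }

  # Fail with a clear message rather than an az parse error when the manifest is missing.
  if (-not (Test-Path -LiteralPath $ManifestPath)) {
    throw "Required resource manifest not found: $ManifestPath"
  }

  Write-Host "`n- Creating Application '$AppName'" -ForegroundColor Cyan
  # NOTE: the secret is passed on az's command line here, so it is briefly visible to
  # local process listings. Newer Azure CLI releases removed --password from
  # `az ad app create`; `az ad app credential reset` lets the service generate the
  # secret instead, which avoids putting it on the command line at all.
  $app = (az ad app create --display-name "$AppName" `
    --identifier-uris "https://tenant.onmicrosoft.com/{appGuid}" `
    --homepage "https://tenant.onmicrosoft.com/{appName}" `
    --reply-urls "https://tenant.onmicrosoft.com/{appName}" `
    --required-resource-accesses "$ManifestPath" `
    --end-date "$ExpiryDate" `
    --password "$ClientSecret" `
    --output json) | ConvertFrom-Json
  Assert-AzSucceeded "az ad app create"
  Write-Host "-Application '$($app.displayName)' created" -ForegroundColor Cyan
  Write-Host "-ClientId: $($app.appId)" -ForegroundColor Cyan
  Write-Host "-ClientSecret: $ClientSecret (expires: $ExpiryDate)" -ForegroundColor Cyan
}

## Connecting to site
Clear-Host
Write-Host "===========================================================`nCreate Azure AD Application Registration`n===========================================================" -ForegroundColor Green

if ([string]::IsNullOrEmpty($userPassword)) {
  $conn = $host.UI.Prompt("Connect to $tenantId", "Connect using: $userName", "Password")
  $userPassword = $conn["Password"]
}

Write-Host "`n...About to connect to tenant [$tenantId] using credential [$userName]" -ForegroundColor Green
if (-not $quiet) {
  Write-Host "`nPress S to start, or any other key to exit..." -ForegroundColor Yellow
  $key = $host.UI.RawUI.ReadKey("NoEcho,IncludeKeyDown")
  # Char comparison is case-sensitive, hence both cases are checked explicitly.
  if ($key.Character -ne "S" -and $key.Character -ne "s") {
    return
  }
}

$newClientSecret = New-ClientSecret
$expiryDate = ((Get-Date).AddYears(2)).ToString("yyyy-MM-dd")
$manifestPath = "./app-requiredResourceManifest.json"

Write-Host "`n...Connecting" -ForegroundColor Green
# NOTE: -p places the password on az's command line, where it is visible to local
# process listings while az runs; a service principal / managed identity or an
# interactive `az login` avoids that where the environment allows it.
$subscriptions = (az login -u $userName -p $userPassword --tenant $tenantId --output json) | ConvertFrom-Json
Assert-AzSucceeded "az login"
$subscriptions | ForEach-Object { Write-Host "name: $($_.name) id: $($_.id)" }

# show current subscriptions available
# az account list
# show current subscription details
# az account show
# set the current subscription
Write-Host "`n...Setting Current Subscription" -ForegroundColor Green
az account set --subscription $subscriptionId
Assert-AzSucceeded "az account set"
$subscription = (az account show --output json) | ConvertFrom-Json
Assert-AzSucceeded "az account show"
Write-Host "- name: $($subscription.name)`n- id: $($subscription.id)"

$appName = if ($production) { "Application Name [PROD]" } else { "Application Name [DEV]" }
Initialize-AppRegistration -AppName $appName -ClientSecret $newClientSecret -ExpiryDate $expiryDate -ManifestPath $manifestPath

Write-Host "`nDone" -ForegroundColor Cyan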