Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Creates an Azure AD Application Registration with Client Secret using the Azure CLI
param (
[string]$tenantId,
[string]$userName,
[string]$userPassword,
[string]$subscriptionId,
[switch]$production,
[switch]$quiet
)
## Connecting to site
Clear-Host
Write-Host "===========================================================`nCreate Azure AD Application Registration`n===========================================================" -ForegroundColor Green
if ($userPassword -eq "") {
$conn = $host.UI.Prompt("Connect to $tenantid","Connect using: $userName", "Password")
$userPassword = $conn["Password"]
}
Write-Host "`n...About to connect to tenant [$tenantId] using credential [$userName]" -ForegroundColor Green
if (-not $quiet) {
Write-Host "`nPress S to start, or any other key to exit..." -ForegroundColor Yellow
$x = $host.UI.RawUI.ReadKey("NoEcho,IncludeKeyDown")
$canRun = $(($x.Character -eq "S") -or ($x.Character -eq "s"))
if (-not $canRun) {
return
}
}
<#
create application ClientSecret
https://docs.microsoft.com/en-us/sharepoint/dev/sp-add-ins/replace-an-expiring-client-secret-in-a-sharepoint-add-in
#>
$bytes = New-Object Byte[] 32
$rand = [System.Security.Cryptography.RandomNumberGenerator]::Create()
$rand.GetBytes($bytes)
$rand.Dispose()
$newClientSecret = [System.Convert]::ToBase64String($bytes)
$expiryDate = ((Get-Date).AddYears(2)).ToString("yyyy-MM-dd")
Write-Host "`n...Connecting" -ForegroundColor Green
$subscriptions = (az login -u $userName -p $userPassword --tenant $tenantId --output json) | ConvertFrom-Json
$subscriptions | ForEach-Object { Write-Host "name: $($_.name) id: $($_.id)" }
# show current subscriptions available
# az account list
# show current subscription details
# az account show
# set the current subscription
Write-Host "`n...Setting Current Subscription" -ForegroundColor Green
az account set --subscription $subscriptionId
$subscription = (az account show --output json) | ConvertFrom-Json
Write-Host "- name: $($subscription.name)`n- id: $($subscription.id)"
if ($production) {
$appName = "Application Name [PROD]"
$app = (az ad app list --display-name "$appName" --output json) | ConvertFrom-Json
if ($app.Count -eq 0) {
Write-Host "`n- Creating Application '$appName'" -ForegroundColor Cyan
$app = (az ad app create --display-name "$appName" --identifier-uris "https://tenant.onmicrosoft.com/{appGuid}" --homepage "https://tenant.onmicrosoft.com/{appName}" --reply-urls "https://tenant.onmicrosoft.com/{appName}" --required-resource-accesses "./app-requiredResourceManifest.json" --end-date "$expiryDate" --password "$newClientSecret" --output json) | ConvertFrom-Json
Write-Host "-Application '$($app.displayName)' created" -ForegroundColor Cyan
Write-Host "-ClientId: $($app.appId)" -ForegroundColor Cyan
Write-Host "-ClientSecret: $newClientSecret (expires: $expiryDate)" -ForegroundColor Cyan
} else {
Write-Host "`n-Application '$($app.displayName)' ClientId:$($app.appId) already created" -ForegroundColor Green
}
} else {
$appName = "Application Name [DEV]"
$app = (az ad app list --display-name "$appName" --output json) | ConvertFrom-Json
if ($app.Count -eq 0) {
} else {
Write-Host "`n-Application '$($app.displayName)' ClientId:$($app.appId) already created" -ForegroundColor Green
}
}
Write-Host "`nDone" -ForegroundColor Cyan
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.