Create an Azure AD application and service principal for Postman
#Requires -Modules AzureRM.Resources, AzureRM.Profile
# Creates an Azure AD application and service principal, then assigns the
# service principal the Contributor role so that Postman can call Azure
# management APIs with the resulting client ID and client secret.
# NOTE(review): AzureRM has been retired in favour of the Az module; confirm
# which module is available before relying on the cmdlet names used here.

# Edit these two values before running:
#   $SubscriptionName       - subscription selected for the session and used for the role assignment
#   $ApplicationDisplayName - display name of the new application; also used to build its identifier URI
$SubscriptionName = "Tao Playground"
$ApplicationDisplayName = "Postman"
#region functions
# New-Passowrd: helper that the main section calls to generate the
# application's password (client secret).
#   -Length                    : requested password length (the caller passes 16)
#   -NumberOfSpecialCharacters : requested count of special characters (the caller passes 0)
# NOTE(review): the function's braces, its Param( ) wrapper and the statement
# that actually generates the password are missing from this listing, so the
# function cannot be parsed or run as shown.
Function New-Passowrd
[Parameter(Mandatory = $true)][int]$Length,
[Parameter(Mandatory = $true)][int]$NumberOfSpecialCharacters
# Loads the System.Web assembly. Presumably this is for
# [System.Web.Security.Membership]::GeneratePassword - confirm against the
# original gist, since the generating call is not visible here.
Add-Type -AssemblyName System.Web
#region main
# NOTE(review): both URLs are empty strings in this listing. The "Do not
# change" remark suggests $ReplyUrl originally held a fixed callback URL that
# was lost in extraction - restore both values from the original gist.
$SignOnUrl = ""
$ReplyUrl = "" #Do not change this one
Write-Output "Loging to Azure"
# The sign-in call below is commented out, so Set-AzureRmContext relies on an
# Azure session that already exists in this PowerShell session.
#Add-AzureRMAccount -Credential $AADCred
$Context = Set-AzureRmContext -SubscriptionName $SubscriptionName
$SubscriptionId = $Context.Subscription.SubscriptionId
$TenantId = $Context.Tenant.TenantId
# Generate the client secret: 16 characters, 0 special characters requested.
# The secret is held in a plain variable from here on and is echoed at the end.
$ApplicationPassword = New-Passowrd -Length 16 -NumberOfSpecialCharacters 0
# Register the application. The identifier URI is derived from the display
# name, and the generated password is attached as the application credential.
$Application = New-AzureRmADApplication -DisplayName $ApplicationDisplayName -HomePage $SignOnUrl -IdentifierUris "http://$ApplicationDisplayName" -ReplyUrls $ReplyUrl -Password $ApplicationPassword
Write-OUtput "Creating Azure AD Application Service Principal."
$ApplicationServicePrincipal = New-AzureRmADServicePrincipal -ApplicationId $Application.ApplicationId
Write-Output "Assigning the Contributor role to the application Service Principal..."
# Retry until a role assignment can be read back for the service principal.
# NOTE(review): the loop's braces are missing from this listing, and no
# statement that increments $Retries is visible. If the original has none,
# the "-le 5" bound never ends the loop when the assignment keeps failing.
$NewRole = $null
$Retries = 0
While ($NewRole -eq $null -and $Retries -le 5)
# Sleep here for a few seconds to allow the service principal application to become active (should only take a couple of seconds normally)
Start-Sleep -Seconds 10
# No -Scope is passed, so Contributor is granted at the cmdlet's default
# scope (the subscription in the current context) - write access to every
# resource in it. Pass -Scope with a resource group if Postman needs less.
# -ErrorAction SilentlyContinue hides the error here and on the read-back
# below, so a permissions failure looks the same as a propagation delay.
New-AzureRmRoleAssignment -RoleDefinitionName Contributor -ServicePrincipalName $Application.ApplicationId -ErrorAction SilentlyContinue
Start-Sleep -Seconds 10
$NewRole = Get-AzureRmRoleAssignment -ServicePrincipalName $Application.ApplicationId -ErrorAction SilentlyContinue
# Print the values Postman needs. The client secret is written to the output
# stream in clear text, so it is also captured by transcripts, redirected
# output and automation job logs. Run interactively and keep the value in a
# secret store.
# NOTE(review): $TenantId is read above but is not printed in the lines visible here.
Write-Output "Save below information for future use:"
Write-Output "Azure Subscription Id: '$SubscriptionId'"
Write-Output "'$ApplicationDisplayName' application client ID: '$($Application.ApplicationId.ToString())'"
Write-Output "'$ApplicationDisplayName' application client secret: '$ApplicationPassword'"
Write-Output ""
# NOTE(review): the portal URL after "Now go to" is missing from the message
# below in this listing. The delegated permission still has to be granted by
# hand after the script finishes.
Write-Output "Now go to and grant postman applicaiton access to the Windows Azure Service Management API (Delegated Permission: Access Azure Service Management as Organization users"