
@tyconsulting
Created April 26, 2017 12:08
Create an Azure AD application and service principal for Postman
#Requires -Modules AzureRM.Resources, AzureRM.Profile
# Edit the two values below before running the script.
# Subscription name handed to Set-AzureRmContext further down.
$SubscriptionName = 'Tao Playground'
# Display name of the Azure AD application; also used to build its identifier URI.
$ApplicationDisplayName = 'Postman'
#region functions
Function New-Passowrd
{
    <#
    .SYNOPSIS
    Generates a random password with System.Web's Membership.GeneratePassword.

    .PARAMETER Length
    Number of characters in the generated password.

    .PARAMETER NumberOfSpecialCharacters
    Forwarded as the second argument of GeneratePassword, which treats it as the
    MINIMUM number of non-alphanumeric characters. Passing 0 therefore does not
    guarantee an alphanumeric-only password.

    .OUTPUTS
    System.String. The generated password in clear text; callers are responsible
    for how it is stored or displayed.

    .NOTES
    Loads the System.Web assembly on every call via Add-Type.
    #>
    [CmdletBinding()]
    Param
    (
        [Parameter(Mandatory = $true)]
        [int]$Length,

        [Parameter(Mandatory = $true)]
        [int]$NumberOfSpecialCharacters
    )

    # The Membership type lives in System.Web, which is not loaded by default.
    Add-Type -AssemblyName System.Web

    $Generated = [System.Web.Security.Membership]::GeneratePassword($Length, $NumberOfSpecialCharacters)
    return $Generated
}
#endregion
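#region main
# Creates an Azure AD application and its service principal for Postman, assigns
# the Contributor role to the service principal, and prints the subscription id,
# client id and client secret needed to configure Postman.

#Variables
$SignOnUrl = "https://www.getpostman.com"
$ReplyUrl = "https://www.getpostman.com/oauth2/callback" #Do not change this one

Write-Output "Loging to Azure"
Add-AzureRMAccount
#Add-AzureRMAccount -Credential $AADCred

# Stop here if the subscription cannot be selected. Without this, a failed
# Set-AzureRmContext would leave $Context empty and the application and role
# assignment below would be created in whatever context the login left active.
$Context = Set-AzureRmContext -SubscriptionName $SubscriptionName -ErrorAction Stop
$SubscriptionId = $Context.Subscription.SubscriptionId
$TenantId = $Context.Tenant.TenantId

# The client secret is a clear-text string from here on; it is passed to the
# application as its password and printed at the end of the script.
$ApplicationPassword = New-Passowrd -Length 16 -NumberOfSpecialCharacters 0
$Application = New-AzureRmADApplication -DisplayName $ApplicationDisplayName -HomePage $SignOnUrl -IdentifierUris "http://$ApplicationDisplayName" -ReplyUrls $ReplyUrl -Password $ApplicationPassword

Write-Output "Creating Azure AD Application Service Principal."
$ApplicationServicePrincipal = New-AzureRmADServicePrincipal -ApplicationId $Application.ApplicationId

Write-Output "Assigning the Contributor role to the application Service Principal..."
# NOTE(review): no -Scope is passed, so the Contributor assignment presumably
# applies to the whole subscription in the current context. If Postman only needs
# part of the subscription, pass a narrower -Scope or a less privileged role.
$NewRole = $null
$Retries = 0
# "-le 5" with a counter starting at 0 allows up to six attempts.
While ($null -eq $NewRole -and $Retries -le 5)
{
    # Sleep here for a few seconds to allow the service principal application to become active (should only take a couple of seconds normally)
    Start-Sleep -Seconds 10
    # Errors are suppressed on purpose: the assignment fails until the service
    # principal is active, and the loop simply tries again.
    New-AzureRmRoleAssignment -RoleDefinitionName Contributor -ServicePrincipalName $Application.ApplicationId -ErrorAction SilentlyContinue
    Start-Sleep -Seconds 10
    # Read the assignment back; a non-null result ends the loop.
    $NewRole = Get-AzureRmRoleAssignment -ServicePrincipalName $Application.ApplicationId -ErrorAction SilentlyContinue
    $Retries++
}

# Every error in the loop was silenced, so say so explicitly when the role
# assignment was never confirmed instead of finishing as if it had succeeded.
if ($null -eq $NewRole)
{
    Write-Warning "Could not confirm the Contributor role assignment for '$ApplicationDisplayName' after $Retries attempts. Verify the assignment before using the credentials below."
}

# The lines below write the client secret in clear text to the output stream, so
# it also lands in any transcript, log file or redirected output. Treat that
# output as a credential and store the secret somewhere protected.
Write-Output "Save below information for future use:"
Write-Output "Azure Subscription Id: '$SubscriptionId'"
Write-Output "'$ApplicationDisplayName' application client ID: '$($Application.ApplicationId.ToString())'"
Write-Output "'$ApplicationDisplayName' application client secret: '$ApplicationPassword'"
Write-Output ""
Write-Output "Now go to https://manage.windowsazure.com and grant postman applicaiton access to the Windows Azure Service Management API (Delegated Permission: Access Azure Service Management as Organization users"
#endregion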