external help file | Module Name | online version | schema |
---|---|---|---|
Microsoft.Open.MS.GraphBeta.PowerShell.dll-Help.xml |
AzureADPreview |
2.0.0 |
Creates (registers) a new application object.
New-AzureADMSApplication [-AddIns <System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.AddIn]>]
[-Api <ApiApplication>] [-AppRoles <System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.AppRole]>]
[-GroupMembershipClaims <String>] [-IsDeviceOnlyAuthSupported <Boolean>] [-IsFallbackPublicClient <Boolean>]
[-IdentifierUris <System.Collections.Generic.List`1[System.String]>] -DisplayName <String>
[-InformationalUrl <InformationalUrl>]
[-KeyCredentials <System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.KeyCredential]>]
[-OptionalClaims <OptionalClaims>] [-OrgRestrictions <System.Collections.Generic.List`1[System.String]>]
[-ParentalControlSettings <ParentalControlSettings>]
[-PasswordCredentials <System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.PasswordCredential]>]
[-PreAuthorizedApplications <System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.PreAuthorizedApplication]>]
[-PublicClient <PublicClientApplication>]
[-RequiredResourceAccess <System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.RequiredResourceAccess]>]
[-SignInAudience <String>] [-Tags <System.Collections.Generic.List`1[System.String]>]
[-TokenEncryptionKeyId <String>] [-Web <WebApplication>] [<CommonParameters>]
Creates (registers) a new application object.
PS C:\>New-AzureADMSApplication -DisplayName "My new application" -IdentifierUris "http://mynewapp.contoso.com"
ObjectId AppId DisplayName
-------- ----- -----------
acd10942-5747-4385-8824-4c5d5fa904f9 b5fecfab-0ea2-4fd1-8570-b2c41b3d5149 My new application
This command creates an application in Azure AD.
PS C:\>New-AzureADMSApplication `
-DisplayName "my name" `
-AddIns @{ Type = "mytype"; Properties = [PSCustomObject]@{ Key = "key"; Value = "value" } } `
-Api @{ AcceptMappedClaims = $true } `
-AppRoles @{ Id = "21111111-1111-1111-1111-111111111111"; DisplayName = "role"; AllowedMemberTypes = "User"; Description = "mydescription"; Value = "myvalue" } `
-InformationalUrl @{ SupportUrl = "https://mynewapp.contoso.com/support.html" } `
-IsDeviceOnlyAuthSupported $false `
-IsFallbackPublicClient $false `
-KeyCredentials @{ KeyId = "11111111-1111-1111-1111-111111111111"; Usage = "Encrypt"; Key = {cert}; Type = "AsymmetricX509Cert" } `
-OptionalClaims @{ IdToken = [PSCustomObject]@{ Name = "claimName"; Source = "claimSource" } } `
-ParentalControlSettings @{ LegalAgeGroupRule = "Block" } `
-PublicClient @{ RedirectUris = "https://mynewapp.contoso.com/" } `
-RequiredResourceAccess @{ ResourceAppId = "31111111-1111-1111-1111-111111111111"; ResourceAccess = [PSCustomObject]@{ Type = "Scope" } } `
-SignInAudience AzureADandPersonalMicrosoftAccount `
-Tags "mytag" `
-TokenEncryptionKeyId "11111111-1111-1111-1111-111111111111" `
-Web @{ LogoutUrl = "https://mynewapp.contoso.com/logout.html" } `
-GroupMembershipClaims "SecurityGroup" `
-OrgRestrictions {orgrestrictions}
-PasswordCredentials {passwordcredentials}
-PreAuthorizedApplications {preauthorizedapplications}
Id : 6a32197d-6f56-4980-b127-8f0bff362245
OdataType :
AddIns : {class AddIn {
Id: 4bd3715c-f089-4e88-9619-c34af1fb9519
Type: mytype
Properties: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.KeyValue]
}
}
Api : class ApiApplication {
AcceptMappedClaims:
KnownClientApplications:
PreAuthorizedApplications:
RequestedAccessTokenVersion: 2
Oauth2PermissionScopes:
System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.PermissionScope]
ResourceSpecificApplicationPermissions:
}
AppId : 4095dbc0-2095-42d3-b631-7a48eeede86c
ApplicationTemplateId :
AppRoles : {class AppRole {
AllowedMemberTypes: System.Collections.Generic.List`1[System.String]
Description: mydescription
DisplayName: role
Id: 21111111-1111-1111-1111-111111111111
IsEnabled: True
Origin: Application
Value: myvalue
}
}
GroupMembershipClaims : SecurityGroup
IsDeviceOnlyAuthSupported : False
IsFallbackPublicClient : False
IdentifierUris : {}
CreatedDateTime :
DeletedDateTime :
DisplayName : my name
Info : class InformationalUrl {
TermsOfServiceUrl:
MarketingUrl:
PrivacyStatementUrl:
SupportUrl: https://mynewapp.contoso.com/support.html
LogoUrl:
}
KeyCredentials : {class KeyCredential {
CustomKeyIdentifier: System.Byte[]
DisplayName:
EndDateTime:
KeyId: 11111111-1111-1111-1111-111111111111
StartDateTime:
Type: AsymmetricX509Cert
Usage: Encrypt
Key:
}
}
OptionalClaims : class OptionalClaims {
IdToken: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.OptionalClaim]
AccessToken:
System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.OptionalClaim]
Saml2Token: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.OptionalClaim]
}
ParentalControlSettings : class ParentalControlSettings {
CountriesBlockedForMinors: System.Collections.Generic.List`1[System.String]
LegalAgeGroupRule: BlockMinors
}
PasswordCredentials : {}
PublicClient : class PublicClientApplication {
RedirectUris: System.Collections.Generic.List`1[System.String]
}
PublisherDomain :
RequiredResourceAccess : {class RequiredResourceAccess {
ResourceAppId: 31111111-1111-1111-1111-111111111111
ResourceAccess:
System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.ResourceAccess]
}
}
SignInAudience : AzureADandPersonalMicrosoftAccount
Tags : {mytag}
TokenEncryptionKeyId : 11111111-1111-1111-1111-111111111111
Web : class WebApplication {
HomePageUrl:
LogoutUrl: https://mynewapp.contoso.com/logout.html
RedirectUris: System.Collections.Generic.List`1[System.String]
ImplicitGrantSettings: class ImplicitGrantSettings {
EnableIdTokenIssuance: False
EnableAccessTokenIssuance: False
}
}
This command creates an application in Azure AD.
Defines custom behavior that a consuming service can use to call an app in specific contexts. For example, applications that can render file streams may set the addIns property for its "FileHandler" functionality. This will let services like Office 365 call the application in the context of a document the user is working on.
Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.AddIn]
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Specifies settings for an application that implements a web API.
Type: ApiApplication
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
The collection of application roles that an application may declare. These roles can be assigned to users, groups or service principals.
Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.AppRole]
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Specifies the display name of the application.
Type: String
Parameter Sets: (All)
Aliases:
Required: True
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Configures the groups claim issued in a user or OAuth 2.0 access token that the application expects.
Type: String
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
User-defined URI(s) that uniquely identify a Web application within its Azure AD tenant, or within a verified custom domain (see "Domains" tab in the Azure classic portal) if the application is multi-tenant.
The first element is populated from the Web application's "APP ID URI" field if updated via the Azure classic portal (or respective Azure AD PowerShell cmdlet parameter). Additional URIs can be added via the application manifest; see Understanding the Azure AD Application Manifest for details. This collection is also used to populate the Web application's servicePrincipalNames collection.
Type: System.Collections.Generic.List`1[System.String]
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Basic profile information of the application such as app's marketing, support, terms of service and privacy statement URLs. The terms of service and privacy statement are surfaced to users through the user consent experience.
Type: InformationalUrl
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Specifies if the application supports authentication using a device token.
Type: Boolean
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Specifies the fallback application type as public client, such as an installed application running on a mobile device. The default value is false which means the fallback application type is confidential client such as web app. There are certain scenarios where Azure AD cannot determine the client application type (e.g. ROPC flow where it is configured without specifying a redirect URI). In those cases Azure AD will interpret the application type based on the value of this property.
Type: Boolean
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
The collection of key credentials associated with the application
Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.KeyCredential]
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Application developers can configure optional claims in their Azure AD apps to specify which claims they want in tokens sent to their application by the Microsoft security token service.
Type: OptionalClaims
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Reserved for future use.
Type: System.Collections.Generic.List`1[System.String]
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Specifies parental control settings for an application.
Type: ParentalControlSettings
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
The collection of password credentials associated with the application
Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.PasswordCredential]
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Lists applications and requested permissions for implicit consent. Requires an admin to have provided consent to the application. preAuthorizedApplications do not require the user to consent to the requested permissions. Permissions listed in preAuthorizedApplications do not require user consent. However, any additional requested permissions not listed in preAuthorizedApplications require user consent.
Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.PreAuthorizedApplication]
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Specifies whether this application is a public client (such as an installed application running on a mobile device). Default is false.
Specifies whether this application is a public client (such as an installed application running on a mobile device). Default is false.
Type: PublicClientApplication
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Specifies resources that this application requires access to and the set of OAuth permission scopes and application roles that it needs under each of those resources. This pre-configuration of required resource access drives the consent experience.
Type: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.RequiredResourceAccess]
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Specifies what Microsoft accounts are supported for the current application.
Type: String
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Custom strings that can be used to categorize and identify the application.
Type: System.Collections.Generic.List`1[System.String]
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Specifies the keyId of a public key from the keyCredentials collection. When configured, Azure AD encrypts all the tokens it emits by using the key this property points to. The application code that receives the encrypted token must use the matching private key to decrypt the token before it can be used for the signed-in user.
Type: String
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Specifies settings for a web application.
Type: WebApplication
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.