Set-AdfsWebApiApplication.md

description	external help file	Module Name	ms.date	online version	schema	title
Use this topic to help manage Windows and Windows Server technologies with Windows PowerShell.	Microsoft.IdentityServer.Management.dll-Help.xml	ADFS	12/20/2016	https://learn.microsoft.com/powershell/module/adfs/set-adfswebapiapplication?view=windowsserver2022-ps&wt.mc_id=ps-gethelp	2.0.0	Set-AdfsWebApiApplication

Set-AdfsWebApiApplication

SYNOPSIS

Modifies configuration settings for a Web API application in AD FS.

SYNTAX

Identifier (Default)

Set-AdfsWebApiApplication [-TargetIdentifier] <String> [-AllowedAuthenticationClassReferences <String[]>]
 [-AlwaysRequireAuthentication <Boolean>] [-ClaimsProviderName <String[]>] [-Name <String>]
 [-NotBeforeSkew <Int32>] [-Identifier <String[]>] [-IssuanceAuthorizationRules <String>]
 [-IssuanceAuthorizationRulesFile <String>] [-DelegationAuthorizationRules <String>]
 [-DelegationAuthorizationRulesFile <String>] [-ImpersonationAuthorizationRules <String>]
 [-ImpersonationAuthorizationRulesFile <String>] [-IssuanceTransformRules <String>]
 [-IssuanceTransformRulesFile <String>] [-AdditionalAuthenticationRules <String>]
 [-AdditionalAuthenticationRulesFile <String>] [-AccessControlPolicyName <String>]
 [-AccessControlPolicyParameters <Object>] [-Description <String>] [-TokenLifetime <Int32>]
 [-AllowedClientTypes <AllowedClientTypes>] [-IssueOAuthRefreshTokensTo <RefreshTokenIssuanceDeviceTypes>]
 [-RefreshTokenProtectionEnabled <Boolean>] [-RequestMFAFromClaimsProviders <Boolean>] [-PassThru] [-WhatIf]
 [-Confirm] [<CommonParameters>]

Name

Set-AdfsWebApiApplication [-TargetName] <String> [-AllowedAuthenticationClassReferences <String[]>]
 [-AlwaysRequireAuthentication <Boolean>] [-ClaimsProviderName <String[]>] [-Name <String>]
 [-NotBeforeSkew <Int32>] [-Identifier <String[]>] [-IssuanceAuthorizationRules <String>]
 [-IssuanceAuthorizationRulesFile <String>] [-DelegationAuthorizationRules <String>]
 [-DelegationAuthorizationRulesFile <String>] [-ImpersonationAuthorizationRules <String>]
 [-ImpersonationAuthorizationRulesFile <String>] [-IssuanceTransformRules <String>]
 [-IssuanceTransformRulesFile <String>] [-AdditionalAuthenticationRules <String>]
 [-AdditionalAuthenticationRulesFile <String>] [-AccessControlPolicyName <String>]
 [-AccessControlPolicyParameters <Object>] [-Description <String>] [-TokenLifetime <Int32>]
 [-AllowedClientTypes <AllowedClientTypes>] [-IssueOAuthRefreshTokensTo <RefreshTokenIssuanceDeviceTypes>]
 [-RefreshTokenProtectionEnabled <Boolean>] [-RequestMFAFromClaimsProviders <Boolean>] [-PassThru] [-WhatIf]
 [-Confirm] [<CommonParameters>]

ApplicationObject

Set-AdfsWebApiApplication [-TargetApplication] <WebApiApplication>
 [-AllowedAuthenticationClassReferences <String[]>] [-AlwaysRequireAuthentication <Boolean>]
 [-ClaimsProviderName <String[]>] [-Name <String>] [-NotBeforeSkew <Int32>] [-Identifier <String[]>]
 [-IssuanceAuthorizationRules <String>] [-IssuanceAuthorizationRulesFile <String>]
 [-DelegationAuthorizationRules <String>] [-DelegationAuthorizationRulesFile <String>]
 [-ImpersonationAuthorizationRules <String>] [-ImpersonationAuthorizationRulesFile <String>]
 [-IssuanceTransformRules <String>] [-IssuanceTransformRulesFile <String>]
 [-AdditionalAuthenticationRules <String>] [-AdditionalAuthenticationRulesFile <String>]
 [-AccessControlPolicyName <String>] [-AccessControlPolicyParameters <Object>] [-Description <String>]
 [-TokenLifetime <Int32>] [-AllowedClientTypes <AllowedClientTypes>]
 [-IssueOAuthRefreshTokensTo <RefreshTokenIssuanceDeviceTypes>] [-RefreshTokenProtectionEnabled <Boolean>]
 [-RequestMFAFromClaimsProviders <Boolean>] [-PassThru] [-WhatIf] [-Confirm] [<CommonParameters>]

DESCRIPTION

The Set-AdfsWebApiApplication cmdlet modifies configuration settings for a Web API application role to an existing application in Active Directory Federation Services (AD FS).

EXAMPLES

PARAMETERS

-AccessControlPolicyName

Specifies the name of an access control policy.

Type: String
Parameter Sets: (All)
Aliases: 

Required: False
Position: Named
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False

-AccessControlPolicyParameters

Specifies the parameters of an access control policy.

Type: Object
Parameter Sets: (All)
Aliases: 

Required: False
Position: Named
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False

-AdditionalAuthenticationRules

Specifies additional authentication rules.

Type: String
Parameter Sets: (All)
Aliases: 

Required: False
Position: Named
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False

-AdditionalAuthenticationRulesFile

Specifies a file that contains all the rules for additional authentication for this relying party.

Type: String
Parameter Sets: (All)
Aliases: 

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-AllowedAuthenticationClassReferences

Specifies an array of allow authentication class references.

Type: String[]
Parameter Sets: (All)
Aliases: 

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-AllowedClientTypes

Specifies allowed client types. The acceptable values for this parameter are:

• None
• Public
• Confidential

Type: AllowedClientTypes
Parameter Sets: (All)
Aliases: 
Accepted values: None, Public, Confidential

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-AlwaysRequireAuthentication

Indicates that this Web API application role always requires authentication, even if it previously authenticated credentials for access. Specify this parameter to require users to always supply credentials to access sensitive resources.

Type: Boolean
Parameter Sets: (All)
Aliases: 

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-ClaimsProviderName

Specifies an array of claims provider names that you can configure for a relying party trust for Home Realm Discovery (HRD) scenario.

If claims provider names are specified for a relying party, the home realm discovery page shows only those claims providers for this relying party. If only one claims provider name is specified, home realm discovery page is not shown. The user is redirected to this claims provider for authentication.

Type: String[]
Parameter Sets: (All)
Aliases: 

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-DelegationAuthorizationRules

Specifies delegation authorization rules.

Type: String
Parameter Sets: (All)
Aliases: 

Required: False
Position: Named
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False

-DelegationAuthorizationRulesFile

Specifies a file that contains all the rules for delegation authentication for this relying party.

Type: String
Parameter Sets: (All)
Aliases: 

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-Description

Specifies a description.

Type: String
Parameter Sets: (All)
Aliases: 

Required: False
Position: Named
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False

-Identifier

Specifies an array of identifiers.

Type: String[]
Parameter Sets: (All)
Aliases: 

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-ImpersonationAuthorizationRules

Specifies the impersonation authorization rules.

Type: String
Parameter Sets: (All)
Aliases: 

Required: False
Position: Named
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False

-ImpersonationAuthorizationRulesFile

Specifies a file that contains all the rules for impersonation authentication for this relying party.

Type: String
Parameter Sets: (All)
Aliases: 

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-IssuanceAuthorizationRules

Specifies the issuance authorization rules.

Type: String
Parameter Sets: (All)
Aliases: 

Required: False
Position: Named
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False

-IssuanceAuthorizationRulesFile

Specifies a file that contains all the rules for issuance authentication for this relying party.

Type: String
Parameter Sets: (All)
Aliases: 

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-IssuanceTransformRules

Specifies the issuance transform rules.

Type: String
Parameter Sets: (All)
Aliases: 

Required: False
Position: Named
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False

-IssuanceTransformRulesFile

Specifies a file that contains all the rules for issuance transform for this relying party.

Type: String
Parameter Sets: (All)
Aliases: 

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-IssueOAuthRefreshTokensTo

Specifies the refresh token issuance device types. The acceptable values for this parameter are:

• NoDevice
• WorkplaceJoinedDevices
• AllDevices

Type: RefreshTokenIssuanceDeviceTypes
Parameter Sets: (All)
Aliases: 
Accepted values: NoDevice, WorkplaceJoinedDevices, AllDevices

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-Name

Specifies a name.

Type: String
Parameter Sets: (All)
Aliases: 

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-NotBeforeSkew

Specifies the not before skew value.

Type: Int32
Parameter Sets: (All)
Aliases: 

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-PassThru

Returns an object representing the item with which you are working. By default, this cmdlet does not generate any output.

Type: SwitchParameter
Parameter Sets: (All)
Aliases: 

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-RefreshTokenProtectionEnabled

Indicates whether refresh token protection is enabled.

Type: Boolean
Parameter Sets: (All)
Aliases: 

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-RequestMFAFromClaimsProviders

Indicates that the request MFA from claims providers option is used.

Type: Boolean
Parameter Sets: (All)
Aliases: 

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-TargetApplication

Specifies the Web application for which to modify settings.

Type: WebApiApplication
Parameter Sets: ApplicationObject
Aliases: 

Required: True
Position: 0
Default value: None
Accept pipeline input: True (ByValue)
Accept wildcard characters: False

-TargetIdentifier

Specifies the ID of the Web application for which to modify settings.

Type: String
Parameter Sets: Identifier
Aliases: 

Required: True
Position: 0
Default value: None
Accept pipeline input: True (ByPropertyName, ByValue)
Accept wildcard characters: False

-TargetName

Specifies the name of the Web application for which to modify settings.

Type: String
Parameter Sets: Name
Aliases: 

Required: True
Position: 0
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False

-TokenLifetime

Specifies the token lifetime.

Type: Int32
Parameter Sets: (All)
Aliases: 

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-Confirm

Prompts you for confirmation before running the cmdlet.

Type: SwitchParameter
Parameter Sets: (All)
Aliases: cf

Required: False
Position: Named
Default value: False
Accept pipeline input: False
Accept wildcard characters: False

-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Type: SwitchParameter
Parameter Sets: (All)
Aliases: wi

Required: False
Position: Named
Default value: False
Accept pipeline input: False
Accept wildcard characters: False

CommonParameters

This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.

INPUTS

System.String

String objects are received by the AccessControlPolicyName, AdditionalAuthenticationRules, DelegationAuthorizationRules, Description, ImpersonationAuthorizationRules, IssuanceAuthorizationRules, IssuanceTransformRules, TargetIdentifier, and TargetName parameters.

System.Object

Objects are received by the AccessControlPolicyParameters parameter.

Microsoft.IdentityServer.Management.Resources.WebApiApplication

WebApiApplication objects are received by the TargetApplication parameter.

OUTPUTS

Microsoft.IdentityServer.Management.Resources.WebApiApplication

Returns the updated WebApiApplication object when the PassThru parameter is specified. By default, this cmdlet does not generate any output.

NOTES

RELATED LINKS

Add-AdfsWebApiApplication

Get-AdfsWebApiApplication

Remove-AdfsWebApiApplication