Welcome toVigges Developer Community-Open, Learning,Share
Ask a Question
Welcome To Ask or Share your Answers For Others

Categories

How to make an Azure app registration with platform SPA via Powershell

0 votes
4.0k views
in Technique[技术] by (71.8m points)

How to make an Azure app registration with platform SPA via Powershell

We use PowerShell to set up an Azure deployment, which, among other Azure resources, creates an app registration.

The simplified code is as follows:

$appRegistration = New-AzADApplication `
    -DisplayName $applicationName `
    -HomePage "$webAppUrl" `
    -IdentifierUris "api://$webAppName";

To it, we add redirect uris, like this:

if ($redirectUris -notcontains "$webAppUrl") {
    $redirectUris.Add("$webAppUrl");    
    Write-Host "Adding $webAppUrl to redirect URIs";
}

if ($redirectUris -notcontains "$webAppUrl/aad-auth") {
    $redirectUris.Add("$webAppUrl/aad-auth");
    Write-Host "Adding $webAppUrl/aad-auth to redirect URIs";
}

Update-AzADApplication `
    -ApplicationId $applicationId `
    -IdentifierUris "api://$applicationId" `
    -ReplyUrl $redirectUris | Out-Null

This works great, and an app registration with the "web" platform is created. It looks like this:

App registration showing Web platform

My question is how can we get these redirect uris to be under the "SPA" platform, using PowerShell? Like in the image below, which was done manually on the Portal.

App registration showing SPA platform


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Answer

0 votes
by (71.8m points)

Looks there is no feature in the built-in command to do that, you could call the MS Graph - Update application in the powershell directly.

You could refer to the sample below work for me, make sure your service principal/user acount logged in Az via Connect-AzAccount has the permission to call the API.

$objectId = "xxxxxxxxxxxxxxxx"
$redirectUris = @()
$webAppUrl = "https://joyweb.azurewebsites.net"
if ($redirectUris -notcontains "$webAppUrl") {
    $redirectUris += "$webAppUrl"   
    Write-Host "Adding $webAppUrl to redirect URIs";
}

if ($redirectUris -notcontains "$webAppUrl/aad-auth") {
    $redirectUris += "$webAppUrl/aad-auth"
    Write-Host "Adding $webAppUrl/aad-auth to redirect URIs";
}

$accesstoken = (Get-AzAccessToken -Resource "https://graph.microsoft.com/").Token
$header = @{
    'Content-Type' = 'application/json'
    'Authorization' = 'Bearer ' + $accesstoken
}
$body = @{
    'spa' = @{
        'redirectUris' = $redirectUris
    }
} | ConvertTo-Json

Invoke-RestMethod -Method Patch -Uri "https://graph.microsoft.com/v1.0/applications/$objectId" -Headers $header -Body $body

Check the result in the portal:

enter image description here


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome to Vigges Developer Community for programmer and developer-Open, Learning and Share

Just Browsing Browsing

2.1m questions

2.1m answers

63 comments

56.5k users

Most popular tags

Snow Theme by Q2A Market
Powered by Question2Answer
...