azure-ad-powershell-v2 | 易学教程

Connecting With Service Principal Using Connect-MSOLservice

阅读更多关于 Connecting With Service Principal Using Connect-MSOLservice

问题 I am trying to use a service principal I have created in AzureAD to connect via a PowerShell script. I created the SP successfully, created the key, and also created a self signed cert and associated it with the account. I know how to use Connect-AzureAD but Connect-MSOLservice doesn't seem to allow me to enter the values needed. I have tried using the standard connection string as you would with Connect-AzureAD but it doesn't seem to take the same input. Connect-MsolService -TenantId "xxxx"

Deleting an Application's AppRole in Azure Active Directory

阅读更多关于 Deleting an Application's AppRole in Azure Active Directory

问题 Removing an AppRole from an Application’s manifest produces a 400 Bad Request with the error Property value cannot be deleted unless it is disabled first. When I set the isEnabled property to false and then hit save, I get a successful saven with a 200 OK looking at the browsers developer tools: After reloading the Edit manifest screen the isEnabled property is still true and if you look at the PUT response in the browsers developer tools, it's coming back as true there too. How can I remove

How to 'Grant Permissions' Using Azure Active Directory PowerShell V2

阅读更多关于 How to 'Grant Permissions' Using Azure Active Directory PowerShell V2

问题 I've scripted the creation of my Azure Active Directory Application using Azure Active Directory PowerShell V2 and am trying to use Delegated Permissions in my Single Page Application (SPA) using implicit flow to call an API with Application Roles defined. What PowerShell command do I need to use to replicate the 'Grant Permissions' button in the Azure Portal under the Applications Settings: According to the Docs: Granting explicit consent using the Grant Permissions button is currently

How can I read the mobile value from a B2C user record and transform it to a strongAuthenticationPhoneNumber?

阅读更多关于 How can I read the mobile value from a B2C user record and transform it to a strongAuthenticationPhoneNumber?

问题 I have the need to create Azure B2C user accounts programmatically. In a separate user data store I hold pertinent information about the users I need to set up in B2C including their mobile phone number, which we've already been communicating with them on. My business requirement is that this mobile phone number is used as a secondary factor during the user's first-time login/password reset experience. I have an initial login experience which uses an externally-created JWT token to take the

Azure Graph 403 Authorization_RequestDenied using service principal from VSTS

阅读更多关于 Azure Graph 403 Authorization_RequestDenied using service principal from VSTS

问题 I have a service principal that is used by VSTS to run an Azure Powershell script. The command i'm trying to call is Get-AzureRmRoleAssignment . I'm getting the following error message "Exception": { "Request": { "Method": "POST", "RequestUri": "https://graph.windows.net/********/getObjectsByObjectIds?api-version=1.6", "Properties": "System.Collections.Generic.Dictionary`2[System.String,System.Object]", "Headers": "System.Collections.Generic.Dictionary`2[System.String,System.Collections

Deleting an Application's AppRole in Azure Active Directory

阅读更多关于 Deleting an Application's AppRole in Azure Active Directory

Removing an AppRole from an Application’s manifest produces a 400 Bad Request with the error Property value cannot be deleted unless it is disabled first. When I set the isEnabled property to false and then hit save, I get a successful saven with a 200 OK looking at the browsers developer tools: After reloading the Edit manifest screen the isEnabled property is still true and if you look at the PUT response in the browsers developer tools, it's coming back as true there too. How can I remove an appRole without having to delete and recreate the entire application? Update I've raised the

How to 'Grant Permissions' Using Azure Active Directory PowerShell V2

阅读更多关于 How to 'Grant Permissions' Using Azure Active Directory PowerShell V2

I've scripted the creation of my Azure Active Directory Application using Azure Active Directory PowerShell V2 and am trying to use Delegated Permissions in my Single Page Application (SPA) using implicit flow to call an API with Application Roles defined. What PowerShell command do I need to use to replicate the 'Grant Permissions' button in the Azure Portal under the Applications Settings: According to the Docs : Granting explicit consent using the Grant Permissions button is currently required for single page applications (SPA) using ADAL.js, as the access token is requested without a

Azure ad app - Updating manifest programmatically

阅读更多关于 Azure ad app - Updating manifest programmatically

问题 I am trying to find a way to update an Azure Ad registered app's manifest via powershell, utilizing a json file. The Json file contains all of the app roles, and i would like to simple inject the App Roles: [] right into the App Role Brackets Is there a way to achieve this via power shell or CLI? 回答1: Yes you can update the Azure AD Application's manifest through PowerShell. Specifically to add App Roles, here's a PowerShell script. In case you're trying to do this while creating a new