Welcome to ShenZhenJia Knowledge Sharing Community for programmer and developer-Open, Learning and Share
menu search
person
Welcome To Ask or Share your Answers For Others

Categories

We use PowerShell to set up an Azure deployment, which, among other Azure resources, creates an app registration.

The simplified code is as follows:

$appRegistration = New-AzADApplication `
    -DisplayName $applicationName `
    -HomePage "$webAppUrl" `
    -IdentifierUris "api://$webAppName";

To it, we add redirect uris, like this:

if ($redirectUris -notcontains "$webAppUrl") {
    $redirectUris.Add("$webAppUrl");    
    Write-Host "Adding $webAppUrl to redirect URIs";
}

if ($redirectUris -notcontains "$webAppUrl/aad-auth") {
    $redirectUris.Add("$webAppUrl/aad-auth");
    Write-Host "Adding $webAppUrl/aad-auth to redirect URIs";
}

Update-AzADApplication `
    -ApplicationId $applicationId `
    -IdentifierUris "api://$applicationId" `
    -ReplyUrl $redirectUris | Out-Null

This works great, and an app registration with the "web" platform is created. It looks like this:

App registration showing Web platform

My question is how can we get these redirect uris to be under the "SPA" platform, using PowerShell? Like in the image below, which was done manually on the Portal.

App registration showing SPA platform


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
thumb_up_alt 0 like thumb_down_alt 0 dislike
4.5k views
Welcome To Ask or Share your Answers For Others

1 Answer

Looks there is no feature in the built-in command to do that, you could call the MS Graph - Update application in the powershell directly.

You could refer to the sample below work for me, make sure your service principal/user acount logged in Az via Connect-AzAccount has the permission to call the API.

$objectId = "xxxxxxxxxxxxxxxx"
$redirectUris = @()
$webAppUrl = "https://joyweb.azurewebsites.net"
if ($redirectUris -notcontains "$webAppUrl") {
    $redirectUris += "$webAppUrl"   
    Write-Host "Adding $webAppUrl to redirect URIs";
}

if ($redirectUris -notcontains "$webAppUrl/aad-auth") {
    $redirectUris += "$webAppUrl/aad-auth"
    Write-Host "Adding $webAppUrl/aad-auth to redirect URIs";
}

$accesstoken = (Get-AzAccessToken -Resource "https://graph.microsoft.com/").Token
$header = @{
    'Content-Type' = 'application/json'
    'Authorization' = 'Bearer ' + $accesstoken
}
$body = @{
    'spa' = @{
        'redirectUris' = $redirectUris
    }
} | ConvertTo-Json

Invoke-RestMethod -Method Patch -Uri "https://graph.microsoft.com/v1.0/applications/$objectId" -Headers $header -Body $body

Check the result in the portal:

enter image description here


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
thumb_up_alt 0 like thumb_down_alt 0 dislike
Welcome to ShenZhenJia Knowledge Sharing Community for programmer and developer-Open, Learning and Share

548k questions

547k answers

4 comments

86.3k users

...