New-AzureADApplication
Creates an application.
Syntax
New-AzureADApplication
[-AddIns <System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.AddIn]>]
[-AllowGuestsSignIn <Boolean>]
[-AllowPassthroughUsers <Boolean>]
[-AppLogoUrl <String>]
[-AppRoles <System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.AppRole]>]
[-AvailableToOtherTenants <Boolean>]
-DisplayName <String>
[-ErrorUrl <String>]
[-GroupMembershipClaims <String>]
[-Homepage <String>]
[-IdentifierUris <System.Collections.Generic.List`1[System.String]>]
[-InformationalUrls <InformationalUrl>]
[-IsDeviceOnlyAuthSupported <Boolean>]
[-IsDisabled <Boolean>]
[-KeyCredentials <System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.KeyCredential]>]
[-KnownClientApplications <System.Collections.Generic.List`1[System.String]>]
[-LogoutUrl <String>]
[-Oauth2AllowImplicitFlow <Boolean>]
[-Oauth2AllowUrlPathMatching <Boolean>]
[-Oauth2Permissions <System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.OAuth2Permission]>]
[-Oauth2RequirePostResponse <Boolean>]
[-OrgRestrictions <System.Collections.Generic.List`1[System.String]>]
[-OptionalClaims <OptionalClaims>]
[-ParentalControlSettings <ParentalControlSettings>]
[-PasswordCredentials <System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.PasswordCredential]>]
[-PreAuthorizedApplications <System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.PreAuthorizedApplication]>]
[-PublicClient <Boolean>]
[-PublisherDomain <String>]
[-RecordConsentConditions <String>]
[-ReplyUrls <System.Collections.Generic.List`1[System.String]>]
[-RequiredResourceAccess <System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.RequiredResourceAccess]>]
[-SamlMetadataUrl <String>]
[-SignInAudience <String>]
[-WwwHomepage <String>]
[<CommonParameters>]
Description
The New-AzureADApplication cmdlet creates an application in Azure Active Directory (AD).
Examples
Example 1: Create an application
PS C:\>New-AzureADApplication -DisplayName "My new application" -IdentifierUris "http://mynewapp.contoso.com"
ObjectId AppId DisplayName
-------- ----- -----------
acd10942-5747-4385-8824-4c5d5fa904f9 b5fecfab-0ea2-4fd1-8570-b2c41b3d5149 My new application
This command creates an application in Azure AD.
Parameters
-AddIns
Defines custom behavior that a consuming service can use to call an app in specific contexts. For example, applications that can render file streams may set the addIns property for its "FileHandler" functionality. This will let services like Office 365 call the application in the context of a document the user is working on.
Type: | List<T>[Microsoft.Open.AzureAD.Model.AddIn] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-AllowGuestsSignIn
{{ Fill AllowGuestsSignIn Description }}
Type: | Boolean |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-AllowPassthroughUsers
{{ Fill AllowPassthroughUsers Description }}
Type: | Boolean |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-AppLogoUrl
{{ Fill AppLogoUrl Description }}
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-AppRoles
The collection of application roles that an application may declare. These roles can be assigned to users, groups or service principals.
Type: | List<T>[Microsoft.Open.AzureAD.Model.AppRole] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-AvailableToOtherTenants
Indicates whether this application is available in other tenants.
Type: | Boolean |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-DisplayName
Specifies the display name of the application.
Type: | String |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-ErrorUrl
The Error URL of this application
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-GroupMembershipClaims
A bitmask that configures the "groups" claim issued in a user or OAuth 2.0 access token that the application expects. The bitmask values are: 0: None, 1: Security groups and Azure AD roles, 2: Reserved, and 4: Reserved. Setting the bitmask to 7 will get all of the security groups, distribution groups, and Azure AD directory roles that the signed-in user is a member of.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Homepage
The URL to the application's homepage.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-IdentifierUris
User-defined URI(s) that uniquely identify a Web application within its Azure AD tenant, or within a verified custom domain (see "Domains" tab in the Azure classic portal) if the application is multi-tenant.
The first element is populated from the Web application's "APP ID URI" field if updated via the Azure classic portal (or respective Azure AD PowerShell cmdlet parameter). Additional URIs can be added via the application manifest; see Understanding the Azure AD Application Manifest for details. This collection is also used to populate the Web application's servicePrincipalNames collection.
Type: | List<T>[String] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-InformationalUrls
{{ Fill InformationalUrls Description }}
Type: | InformationalUrl |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-IsDeviceOnlyAuthSupported
{{ Fill IsDeviceOnlyAuthSupported Description }}
Type: | Boolean |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-IsDisabled
{{ Fill IsDisabled Description }}
Type: | Boolean |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-KeyCredentials
The collection of key credentials associated with the application
Type: | List<T>[Microsoft.Open.AzureAD.Model.KeyCredential] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-KnownClientApplications
Client applications that are tied to this resource application. Consent to any of the known client applications will result in implicit consent to the resource application through a combined consent dialog (showing the OAuth permission scopes required by the client and the resource).
Type: | List<T>[String] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-LogoutUrl
The logout url for this application
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Oauth2AllowImplicitFlow
Specifies whether this web application can request OAuth2.0 implicit flow tokens. The default is false.
Type: | Boolean |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Oauth2AllowUrlPathMatching
Specifies whether, as part of OAuth 2.0 token requests, Azure AD will allow path matching of the redirect URI against the application's replyUrls. The default is false.
Type: | Boolean |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Oauth2Permissions
The collection of OAuth 2.0 permission scopes that the web API (resource) application exposes to client applications. These permission scopes may be granted to client applications during consent.
Type: | List<T>[Microsoft.Open.AzureAD.Model.OAuth2Permission] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Oauth2RequirePostResponse
Set this to true if an Oauth2 psot response is required
Type: | Boolean |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-OptionalClaims
{{ Fill OptionalClaims Description }}
Type: | OptionalClaims |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-OrgRestrictions
{{ Fill OrgRestrictions Description }}
Type: | List<T>[String] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-ParentalControlSettings
{{ Fill ParentalControlSettings Description }}
Type: | ParentalControlSettings |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-PasswordCredentials
The collection of password credentials associated with the application.
Type: | List<T>[Microsoft.Open.AzureAD.Model.PasswordCredential] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-PreAuthorizedApplications
{{ Fill PreAuthorizedApplications Description }}
Type: | List<T>[Microsoft.Open.AzureAD.Model.PreAuthorizedApplication] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-PublicClient
Specifies whether this application is a public client (such as an installed application running on a mobile device). Default is false.
Type: | Boolean |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-PublisherDomain
{{ Fill PublisherDomain Description }}
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-RecordConsentConditions
Do not use. May be removed in future versions
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-ReplyUrls
Specifies the URLs that user tokens are sent to for sign in, or the redirect URIs that OAuth 2.0 authorization codes and access tokens are sent to.
Type: | List<T>[String] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-RequiredResourceAccess
Specifies resources that this application requires access to and the set of OAuth permission scopes and application roles that it needs under each of those resources. This pre-configuration of required resource access drives the consent experience.
Type: | List<T>[Microsoft.Open.AzureAD.Model.RequiredResourceAccess] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-SamlMetadataUrl
The URL to the SAML metadata for the application.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-SignInAudience
{{ Fill SignInAudience Description }}
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-WwwHomepage
{{ Fill WwwHomepage Description }}
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |