Add-AdfsWebApiApplication
Adds a Web API application role to an application in AD FS.
Syntax
Add-AdfsWebApiApplication
[-ApplicationGroupIdentifier] <String>
-Name <String>
-Identifier <String[]>
[-AllowedAuthenticationClassReferences <String[]>]
[-ClaimsProviderName <String[]>]
[-IssuanceAuthorizationRules <String>]
[-IssuanceAuthorizationRulesFile <String>]
[-DelegationAuthorizationRules <String>]
[-DelegationAuthorizationRulesFile <String>]
[-ImpersonationAuthorizationRules <String>]
[-ImpersonationAuthorizationRulesFile <String>]
[-IssuanceTransformRules <String>]
[-IssuanceTransformRulesFile <String>]
[-AdditionalAuthenticationRules <String>]
[-AdditionalAuthenticationRulesFile <String>]
[-AccessControlPolicyName <String>]
[-AccessControlPolicyParameters <Object>]
[-NotBeforeSkew <Int32>]
[-Description <String>]
[-TokenLifetime <Int32>]
[-AlwaysRequireAuthentication]
[-AllowedClientTypes <AllowedClientTypes>]
[-IssueOAuthRefreshTokensTo <RefreshTokenIssuanceDeviceTypes>]
[-RefreshTokenProtectionEnabled <Boolean>]
[-RequestMFAFromClaimsProviders]
[-PassThru]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Add-AdfsWebApiApplication
[-ApplicationGroup] <ApplicationGroup>
-Name <String>
-Identifier <String[]>
[-AllowedAuthenticationClassReferences <String[]>]
[-ClaimsProviderName <String[]>]
[-IssuanceAuthorizationRules <String>]
[-IssuanceAuthorizationRulesFile <String>]
[-DelegationAuthorizationRules <String>]
[-DelegationAuthorizationRulesFile <String>]
[-ImpersonationAuthorizationRules <String>]
[-ImpersonationAuthorizationRulesFile <String>]
[-IssuanceTransformRules <String>]
[-IssuanceTransformRulesFile <String>]
[-AdditionalAuthenticationRules <String>]
[-AdditionalAuthenticationRulesFile <String>]
[-AccessControlPolicyName <String>]
[-AccessControlPolicyParameters <Object>]
[-NotBeforeSkew <Int32>]
[-Description <String>]
[-TokenLifetime <Int32>]
[-AlwaysRequireAuthentication]
[-AllowedClientTypes <AllowedClientTypes>]
[-IssueOAuthRefreshTokensTo <RefreshTokenIssuanceDeviceTypes>]
[-RefreshTokenProtectionEnabled <Boolean>]
[-RequestMFAFromClaimsProviders]
[-PassThru]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Description
The Add-AdfsWebApiApplication cmdlet adds a Web API application role to an application in Active Directory Federation Services (AD FS).
Parameters
-AccessControlPolicyName
Specifies the name of an access control policy.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-AccessControlPolicyParameters
Specifies the parameters of an access control policy.
Type: | Object |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-AdditionalAuthenticationRules
Specifies additional authentication rules.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-AdditionalAuthenticationRulesFile
Specifies a file that contains all the rules for additional authentication for this relying party.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-AllowedAuthenticationClassReferences
Specifies an array of allow authentication class references.
Type: | String[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-AllowedClientTypes
Specifies allowed client types. The acceptable values for this parameter are:
- None
- Public
- Confidential
Type: | AllowedClientTypes |
Accepted values: | None, Public, Confidential |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-AlwaysRequireAuthentication
Indicates that this Web API application role always requires authentication, even if it previously authenticated credentials for access. Specify this parameter to require users to always supply credentials to access sensitive resources.
Type: | SwitchParameter |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-ApplicationGroup
Specifies an application group.
Type: | ApplicationGroup |
Position: | 0 |
Default value: | None |
Required: | True |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-ApplicationGroupIdentifier
Specifies the ID of an application group.
Type: | String |
Position: | 0 |
Default value: | None |
Required: | True |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-ClaimsProviderName
Specifies an array of claims provider names that you can configure for a relying party trust for Home Realm Discovery (HRD) scenario.
If claims provider names are specified for a relying party, the home realm discovery page shows only those claims providers for this relying party. If only one claims provider name is specified, home realm discovery page is not shown. The user is redirected to this claims provider for authentication.
Type: | String[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Confirm
Prompts you for confirmation before running the cmdlet.
Type: | SwitchParameter |
Aliases: | cf |
Position: | Named |
Default value: | False |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-DelegationAuthorizationRules
Specifies delegation authorization rules.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-DelegationAuthorizationRulesFile
Specifies a file that contains all the rules for delegation authentication for this relying party.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Description
Specifies a description.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Identifier
Specifies an array of identifiers.
Type: | String[] |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-ImpersonationAuthorizationRules
Specifies the impersonation authorization rules.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-ImpersonationAuthorizationRulesFile
Specifies a file that contains all the rules for impersonation authentication for this relying party.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-IssuanceAuthorizationRules
Specifies the issuance authorization rules.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-IssuanceAuthorizationRulesFile
Specifies a file that contains all the rules for issuance authentication for this relying party.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-IssuanceTransformRules
Specifies the issuance transform rules.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-IssuanceTransformRulesFile
Specifies a file that contains all the rules for issuance transform for this relying party.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-IssueOAuthRefreshTokensTo
Specifies the refresh token issuance device types. The acceptable values for this parameter are:
- NoDevice
- WorkplaceJoinedDevices
- AllDevices
Type: | RefreshTokenIssuanceDeviceTypes |
Accepted values: | NoDevice, WorkplaceJoinedDevices, AllDevices |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Name
Specifies a name.
Type: | String |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-NotBeforeSkew
Specifies the not before skew value.
Type: | Int32 |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-PassThru
Returns an object representing the item with which you are working. By default, this cmdlet does not generate any output.
Type: | SwitchParameter |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-RefreshTokenProtectionEnabled
Indicates whether refresh token protection is enabled.
Type: | Boolean |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-RequestMFAFromClaimsProviders
Indicates that the request MFA from claims providers option is used.
Type: | SwitchParameter |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-TokenLifetime
Specifies the token lifetime.
Type: | Int32 |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet is not run.
Type: | SwitchParameter |
Aliases: | wi |
Position: | Named |
Default value: | False |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Inputs
String objects are received by the AccessControlPolicyName, AdditionalAuthenticationRules, ApplicationGroupIdentifier, DelegationAuthorizationRules, ImpersonationAuthorizationRules, IssuanceAuthorizationRules, and IssuanceTransformRules parameters.
Objects are received by the AccessControlPolicyParameters parameter.
SwitchParameter objects are received by the AlwaysRequireAuthentication and RequestMFAFromClaimsProviders parameters.
ApplicationGroup objects are received by the ApplicationGroup parameter.
Outputs
Returns the new WebApiApplication object when the PassThru parameter is specified. By default, this cmdlet does not generate any output.