New-EntraApplication
Creates (registers) a new application object.
New-EntraApplication
-DisplayName <String>
[-AddIns <System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.AddIn]>]
[-PasswordCredentials <System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.PasswordCredential]>]
[-TokenEncryptionKeyId <String>]
[-SignInAudience <String>]
[-KeyCredentials <System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.KeyCredential]>]
[-ParentalControlSettings <ParentalControlSettings>]
[-IdentifierUris <System.Collections.Generic.List`1[System.String]>]
[-AppRoles <System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.AppRole]>]
[-PublicClient <PublicClientApplication>]
[-InformationalUrl <InformationalUrl>]
[-Tags <System.Collections.Generic.List`1[System.String]>]
[-Api <ApiApplication>]
[-OptionalClaims <OptionalClaims>]
[-GroupMembershipClaims <String>]
[-Web <WebApplication>]
[-IsFallbackPublicClient <Boolean>]
[-IsDeviceOnlyAuthSupported <Boolean>]
[-RequiredResourceAccess <System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.RequiredResourceAccess]>]
[<CommonParameters>]
Creates (registers) a new application object. Specify the DisplayName
parameter to create a new application.
Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy'
New-EntraApplication -DisplayName 'My new application'
DisplayName Id AppId SignInAudience PublisherDomain
----------- -- ----- -------------- ---------------
My new application dddd3333-ee44-5555-66ff-777777aaaaaa 22223333-cccc-4444-dddd-5555eeee6666 AzureADMyOrg contoso.com
This command creates an application in Microsoft Entra ID.
Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy'
New-EntraApplication -DisplayName 'My new application' -IdentifierUris 'https://mynewapp.contoso.com'
DisplayName Id AppId SignInAudience PublisherDomain
----------- -- ----- -------------- ---------------
My new application dddd3333-ee44-5555-66ff-777777aaaaaa 22223333-cccc-4444-dddd-5555eeee6666 AzureADMyOrg contoso.com
This command creates an application in Microsoft Entra ID.
Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy'
$addin = New-Object Microsoft.Open.MSGraph.Model.AddIn
$addin.Type = 'testtype'
$addinproperties = New-Object System.collections.Generic.List[Microsoft.Open.MSGraph.Model.KeyValue]
$addinproperties.Add([Microsoft.Open.MSGraph.Model.KeyValue]@{ Key = "key"; Value = "value" })
$addin.Properties = $addinproperties
New-EntraApplication -DisplayName 'My new application' -AddIns $addin
DisplayName Id AppId SignInAudience PublisherDomain
----------- -- ----- -------------- ---------------
My new application dddd3333-ee44-5555-66ff-777777aaaaaa 22223333-cccc-4444-dddd-5555eeee6666 AzureADMyOrg contoso.com
This command creates an application in Microsoft Entra ID.
Defines custom behavior that a consuming service can use to call an app in specific contexts.
For example, applications that can render file streams may set the addIns property for its "FileHandler" functionality.
This will let services like Office 365 call the application in the context of a document the user is working on.
Type: | System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.AddIn] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Specifies settings for an application that implements a web API.
Type: | ApiApplication |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
The collection of application roles that an application might declare. These roles can be assigned to users, groups, or service principals.
Type: | System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.AppRole] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Specifies the display name of the application.
Type: | System.String |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Configures the groups claim issued in a user or OAuth 2.0 access token that the application expects.
Type: | System.String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
User-defined URI(s) that uniquely identify a Web application within its Microsoft Entra ID tenant, or within a verified custom domain (see "Domains" tab in the Azure classic portal) if the application is multi-tenant.
The first element is populated from the Web application's "APP ID URI" field if updated via the Azure classic portal (or respective Microsoft Entra ID PowerShell cmdlet parameter).
Extra URIs can be added via the application manifest; see Understanding the Microsoft Entra ID Application Manifest for details.
This collection is also used to populate the Web application's servicePrincipalNames collection.
Type: | System.Collections.Generic.List`1[System.String] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Basic profile information of the application such as app's marketing, support, terms of service and privacy statement URLs.
The terms of service and privacy statement are surfaced to users through the user consent experience.
Type: | InformationalUrl |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Specifies if the application supports authentication using a device token.
Type: | System.Boolean |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Specifies the fallback application type as public client, such as an installed application running on a mobile device.
The default value is false that means the fallback application type is confidential client such as web app.
There are certain scenarios where Microsoft Entra ID can't determine the client application type (for example, ROPC flow where it's configured without specifying a redirect URI).
In those cases Microsoft Entra ID interprets the application type based on the value of this property.
Type: | System.Boolean |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
The collection of key credentials associated with the application.
Type: | System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.KeyCredential] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Application developers can configure optional claims in their Microsoft Entra ID apps to specify which claims they want in tokens sent to their application by the Microsoft security token service.
Type: | OptionalClaims |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Specifies parental control settings for an application.
Type: | ParentalControlSettings |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
The collection of password credentials associated with the application.
Type: | System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.PasswordCredential] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Specifies whether this application is a public client (such as an installed application running on a mobile device). Default is false.
Type: | PublicClientApplication |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Specifies resources that this application requires access to and the set of OAuth permission scopes and application roles that it needs under each of those resources.
This pre-configuration of required resource access drives the consent experience.
Type: | System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.RequiredResourceAccess] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Specifies what Microsoft accounts are supported for the current application.
Type: | System.String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Custom strings that can be used to categorize and identify the application.
Type: | System.Collections.Generic.List`1[System.String] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Specifies the keyId of a public key from the keyCredentials collection.
When configured, Microsoft Entra ID encrypts all the tokens it emits by using the key this property points to.
The application code that receives the encrypted token must use the matching private key to decrypt the token before it can be used for the signed-in user.
Type: | System.String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Specifies settings for a web application.
Type: | WebApplication |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Boolean
Microsoft.Open.MSGraph.Model.ApiApplication
Microsoft.Open.MSGraph.Model.InformationalUrl
Microsoft.Open.MSGraph.Model.OptionalClaims
Microsoft.Open.MSGraph.Model.ParentalControlSettings
Microsoft.Open.MSGraph.Model.PublicClientApplication
Microsoft.Open.MSGraph.Model.WebApplication
String
System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.Add-in]
System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.AppRole]
System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.KeyCredential]
System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.PasswordCredential]
System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.RequiredResourceAccess]
System.Collections.Generic.List`1[System.String]
System. Nullable`1[System.Boolean]
Microsoft.Open.MSGraph.Model.MsApplication
- See more details - /graph/api/application-post-applications