{"id":3285,"date":"2022-08-12T13:47:52","date_gmt":"2022-08-12T18:47:52","guid":{"rendered":"https:\/\/microsoftgeek.com\/?p=3285"},"modified":"2022-08-12T13:47:52","modified_gmt":"2022-08-12T18:47:52","slug":"create-an-azure-app-registration-with-powershell-and-ms-graph-api","status":"publish","type":"post","link":"https:\/\/microsoftgeek.com\/?p=3285","title":{"rendered":"Create an Azure App Registration with PowerShell and MS GRAPH API"},"content":{"rendered":"\n<h2 class=\"wp-block-heading\">API Reference and Permissions<\/h2>\n\n\n\n<p>Read the following DOCS for more Details<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><a href=\"https:\/\/docs.microsoft.com\/en-us\/graph\/api\/application-post-applications?view=graph-rest-1.0&amp;tabs=http\" target=\"_blank\" rel=\"noreferrer noopener\">https:\/\/docs.microsoft.com\/en-us\/graph\/api\/application-post-applications?view=graph-rest-1.0&amp;tabs=http<\/a><\/li><\/ul>\n\n\n\n<p>Create an Azure App Reg with the following GRAPH API Application Permissions<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Application.ReadWrite.OwnedBy<\/li><li>Application.ReadWrite.All<\/li><\/ul>\n\n\n\n<p>All done, then let\u2019s see the Script<\/p>\n\n\n\n<p><\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>#Graph API Details\n$GRAPHAPI_clientID = 'yourClientID'\n$GRAPHAPI_tenantId = 'yourTenantID'\n$GRAPHAPI_Clientsecret = 'yourSecret'\n\n$GRAPHAPI_BaseURL = \"https:\/\/graph.microsoft.com\/v1.0\"\n\n\n\n\n#Enter Azure App Details\n$AzureAppName = \"TestApp1\"\n$AzureAppAccountType = \"AzureADMyOrg\" #https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/develop\/reference-app-manifest#signinaudience-attribute\n\n\n\n\n#Auth MS Graph API and Get Header\n$GRAPHAPI_tokenBody = @{  \n    Grant_Type    = \"client_credentials\"  \n    Scope         = \"https:\/\/graph.microsoft.com\/.default\"  \n    Client_Id     = $GRAPHAPI_clientID  \n    Client_Secret = $GRAPHAPI_Clientsecret  \n}   \n$GRAPHAPI_tokenResponse = Invoke-RestMethod -Uri \"https:\/\/login.microsoftonline.com\/$GRAPHAPI_tenantId\/oauth2\/v2.0\/token\" -Method POST -Body $GRAPHAPI_tokenBody  \n$GRAPHAPI_headers = @{\n    \"Authorization\" = \"Bearer $($GRAPHAPI_tokenResponse.access_token)\"\n    \"Content-type\"  = \"application\/json\"\n}\n\n\n\n#Create Azure App Reg\n$CreateAzureAppReg_Body = @\"\n    {\n        \"displayName\":\"$AzureAppName\",\n        \"signInAudience\": \"$AzureAppAccountType\",\n        \"web\": {\n            \"redirectUris\": &#91;],\n            \"homePageUrl\": null,\n            \"logoutUrl\": null,\n            \"implicitGrantSettings\": {\n                \"enableIdTokenIssuance\": false,\n                \"enableAccessTokenIssuance\": false\n            }\n        }\n    }\n\"@\n\n$CreateAzureAppReg_Params = @{\n    Method = \"POST\"\n    Uri    = \"$GRAPHAPI_BaseURL\/applications\"\n    header = $GRAPHAPI_headers\n    Body   = $CreateAzureAppReg_Body\n}\n\n\n$Result = Invoke-RestMethod @CreateAzureAppReg_Params\n\n$Result.appId #ClientID<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\">The Result<\/h2>\n\n\n\n<p>We get an empty Azure App Registration without a Secret, Cert, or Permissions.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/www.techguy.at\/wp-content\/uploads\/2022\/07\/image.png\" alt=\"\" class=\"wp-image-5931\"\/><\/figure>\n","protected":false},"excerpt":{"rendered":"<p>API Reference and Permissions Read the following DOCS for more Details https:\/\/docs.microsoft.com\/en-us\/graph\/api\/application-post-applications?view=graph-rest-1.0&amp;tabs=http Create an Azure App Reg with the following GRAPH API Application Permissions Application.ReadWrite.OwnedBy Application.ReadWrite.All All done, then let\u2019s see the Script The Result We get an empty Azure App Registration without a Secret, Cert, or Permissions.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[69,35,59],"tags":[],"class_list":["post-3285","post","type-post","status-publish","format-standard","hentry","category-azure","category-cloud-computing","category-powershell"],"_links":{"self":[{"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=\/wp\/v2\/posts\/3285","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3285"}],"version-history":[{"count":1,"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=\/wp\/v2\/posts\/3285\/revisions"}],"predecessor-version":[{"id":3286,"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=\/wp\/v2\/posts\/3285\/revisions\/3286"}],"wp:attachment":[{"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3285"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=3285"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=3285"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}