Add redirectUris for Azure application from PowerShell

This answer describes how to set a redirectUri to an Azure application using the Azure CLI:

az rest `
    --method PATCH `
    --uri 'https://graph.microsoft.com/v1.0/applications/{id}' `
    --headers 'Content-Type=application/json' `
    --body "{spa:{redirectUris:['http://localhost:3000']}}"

That request will overwrite the current list of redirect URIs. How can I add an item to the list instead?

2 answers

  • answered 2022-01-20 10:19 AjayKumarGhose-MT

    We can use the PowerShell script below to do the same, using the App Registration object ID, client ID and secret.

    $url = "http://localhost:4000"
    $objectId = "<objectid>"
    $clientId = "<clientID>"
    $tenantValue = "<tenantID>"
    $clientSecret = "<client secret value>"
    $serviceAccountEmail = "yourusername.onmicrosoft.com"
    $serviceAccountPassword = "your password"
    
    
    $webServiceURL = $url
    Write-Host "$webServiceURL"
    Write-Host "Done creating the webServiceURL"
    
    Write-Host "Convert password to Secure string"
    $SecurePassword = ConvertTo-SecureString $serviceAccountPassword -AsPlainText -Force
    Write-Host "Done converting password to Secure string"
    
    $Credential = New-Object System.Management.Automation.PSCredential($serviceAccountEmail, $SecurePassword)
    
    Write-Host "Logging in"
    Login-AzAccount -Credential $Credential
    
    $tid = (Get-AzTenant).Id
    
    Write-Host "Getting token"
    $tokenBody = @{
        'tenant' = $tid
        'client_id' = $clientId
        'scope' = 'https://graph.microsoft.com/.default'
        'client_secret' = $clientSecret
        'grant_type' = 'client_credentials'
    }
    
    $Params = @{
        'Uri' = "https://login.microsoftonline.com/$tid/oauth2/v2.0/token"
        'Method' = 'Post'
        'Body' = $tokenBody
        'ContentType' = 'application/x-www-form-urlencoded'
    }
    
    $AuthResponse = Invoke-RestMethod @Params
    
    $AuthResponse
    
    
    $header = @{
        'Content-Type' = 'application/json'
        'Authorization' = "Bearer $($AuthResponse.access_token)"
    }
    
    $header
    
    $redirectUris = (Invoke-RestMethod -Method Get -Uri "https://graph.microsoft.com/beta/applications/$objectId" -Headers $header).spa.redirectUris
    
    if ($redirectUris -notcontains "$webServiceURL") {
        $redirectUris += "$webServiceURL"
        Write-Host "Adding $webServiceURL to redirect URIs";
    }
    
    
    $body = @{
        'spa' = @{
            'redirectUris' = $redirectUris
        }
    } | ConvertTo-Json
    
    Invoke-RestMethod -Method Patch -Uri "https://graph.microsoft.com/beta/applications/$objectId" -Headers $header -Body $body
    


  • answered 2022-01-20 12:36 Kristofer

    You can fetch the current values with --method get, convert it to an ArrayList and then add your new value:

    $appdata = az rest --method get --uri 'https://graph.microsoft.com/v1.0/applications/{id}' | ConvertFrom-Json
    $uris = [System.Collections.ArrayList]$appdata.web.redirectUris
    $uris.Add('abc')
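
A read-merge-write version of the `az rest` approach, as an added example that is not part of either answer: it reuses the existing `az login` session, so no password or client secret sits in the script. The function names `Merge-RedirectUri` and `Add-SpaRedirectUri` and the HTTPS-or-loopback check are this example's own assumptions; the object ID is the `{id}` from the question.

```powershell
function Merge-RedirectUri {
    # Pure helper: returns the merged list and never drops existing entries.
    param([string[]]$Existing, [Parameter(Mandatory)][string]$NewUri)

    $parsed = $null
    if (-not [Uri]::TryCreate($NewUri, [UriKind]::Absolute, [ref]$parsed)) {
        throw "Not an absolute URI: $NewUri"
    }
    # Assumed policy: https anywhere, plain http only for loopback development hosts.
    $isLoopbackHttp = $parsed.Scheme -eq 'http' -and $parsed.Host -in 'localhost', '127.0.0.1'
    if ($parsed.Scheme -ne 'https' -and -not $isLoopbackHttp) {
        throw "Refusing non-HTTPS redirect URI: $NewUri"
    }
    if ($NewUri.Contains('*')) { throw "Refusing wildcard redirect URI: $NewUri" }

    $list = @($Existing | Where-Object { $_ })   # tolerate a null or empty property
    if ($list -notcontains $NewUri) { $list += $NewUri }
    return ,$list                                # keep a one-item result as an array
}

function Add-SpaRedirectUri {
    param([Parameter(Mandatory)][string]$ObjectId, [Parameter(Mandatory)][string]$NewUri)

    $appUri = "https://graph.microsoft.com/v1.0/applications/$ObjectId"
    $app = az rest --method GET --uri $appUri | ConvertFrom-Json
    if ($LASTEXITCODE -ne 0) { throw "GET failed for $appUri" }

    $merged = Merge-RedirectUri -Existing $app.spa.redirectUris -NewUri $NewUri
    $body = @{ spa = @{ redirectUris = @($merged) } } | ConvertTo-Json -Depth 5

    # Send the body from a file so PowerShell's native-command quoting cannot mangle the JSON.
    $tmp = New-TemporaryFile
    try {
        Set-Content -Path $tmp.FullName -Value $body -Encoding ascii
        az rest --method PATCH --uri $appUri `
            --headers 'Content-Type=application/json' --body "@$($tmp.FullName)"
        if ($LASTEXITCODE -ne 0) { throw "PATCH failed for $appUri" }
    } finally {
        Remove-Item $tmp.FullName -ErrorAction SilentlyContinue
    }
}

# Offline check of the merge step with constructed values (no Graph call is made):
Merge-RedirectUri -Existing @('https://app.example/callback') -NewUri 'http://localhost:3000'

# Live use against a real registration (placeholder object ID):
# Add-SpaRedirectUri -ObjectId '<objectid>' -NewUri 'http://localhost:3000'
```

The GET and PATCH are two separate requests, so a concurrent change to the same application between them can still be overwritten.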
    
