1
votes

How do you set the Reply URL for a service principal with PowerShell? The following commands don't add anything to that field when I check on the management portal.

  • $aa = new-AzureADApplication -DisplayName "Name" -HomePage "addr" -IdentifierUris "addr"
  • new-AzureADServicePrincipal -ApplicationId $aa.ApplicationId
  • ..... setting up the roles and etc.

The IdentifierUris seem to only fill the APP ID URI. It takes an array, but when I do something like this, Azure responds with an internal error. Either

$arr = @("addr1","addr2") 
New-AzureAdApplication -IdentifierUris $arr 

or

New-AzureAdApplication -IdentifierUris (,$arr) 

or

New-AzureAdApplication -IdentifierUris @("addr1","addr2") 

Is it possible to set this field through PowerShell?

1

1 Answer

1
votes

I don't know of a way to do it with the Azure PowerShell modules, but you can do it with the Set-MsolServicePrincipal cmdlet in the Azure AD (aka MSOnline) module. Reply URLs can be managed via the Addresses collection.

Example (from https://gist.github.com/rytmis/4178996):

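# $appPrincipalId holds the AppPrincipalId of the service principal to update
$principal = Get-MsolServicePrincipal -AppPrincipalId $appPrincipalId
# Append the new reply URLs to the existing Addresses collection
$addresses = $principal.Addresses
$addresses.Add((New-MsolServicePrincipalAddresses -Address http://localhost:81))
$addresses.Add((New-MsolServicePrincipalAddresses -Address http://my-deployment-endpoint.cloudapp.net))
# Write the updated collection back to the service principal
Set-MsolServicePrincipal -AppPrincipalId $appPrincipalId -Addresses $addresses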

Edit (some background info)

Applications and Service Principals are separate but related entities. (This article explains the relationship between the two).
When you create an application via the Azure AD portal, it creates both the application and the service principal. To get the same result from PowerShell, you have to create both objects.

# Create the application object
$azureAdApplication = New-AzureRmADApplication -DisplayName "<Your Application Display Name>" `
                                             -HomePage "<https://YourApplicationHomePage>" `
                                             -IdentifierUris "<https://YourApplicationUri>"

# Create the corresponding service principal
New-AzureRmADServicePrincipal -ApplicationId $azureAdApplication.ApplicationId

Application/Service Principal combinations created this way should show up in the portal, and can be used the same way as those created in the portal.
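
An idempotent variant of the Addresses approach in the answer above, added here as an example (not code from the answer or the linked gist): it skips reply URLs that are already registered or are not absolute http(s) URLs, and warns about plain-HTTP addresses on non-loopback hosts, since the reply URL is where Azure AD sends the sign-in response. `Select-NewReplyUrl`, `Add-ReplyUrl` and `app.example.com` are hypothetical names; `Add-ReplyUrl` assumes the MSOnline module is loaded and `Connect-MsolService` has been run.

```powershell
# Added example. Select-NewReplyUrl and Add-ReplyUrl are hypothetical helper names.
function Select-NewReplyUrl {
    # Pure helper: returns candidates that are absolute http(s) URLs and are
    # not already registered (exact string match).
    param(
        [string[]]$Existing = @(),
        [Parameter(Mandatory)][string[]]$Candidate
    )
    $seen = New-Object 'System.Collections.Generic.HashSet[string]'
    foreach ($e in $Existing) { [void]$seen.Add($e) }
    foreach ($c in $Candidate) {
        $uri = $null
        if (-not [Uri]::TryCreate($c, [UriKind]::Absolute, [ref]$uri) -or
            $uri.Scheme -notin 'http', 'https') {
            Write-Warning "Skipping '$c': not an absolute http(s) URL"
            continue
        }
        if ($uri.Scheme -eq 'http' -and -not $uri.IsLoopback) {
            Write-Warning "'$c' is plain HTTP on a non-loopback host"
        }
        if ($seen.Add($c)) { $c }   # emit each new URL once
    }
}

function Add-ReplyUrl {
    # Appends only the missing reply URLs to the principal's Addresses collection.
    param(
        [Parameter(Mandatory)][Guid]$AppPrincipalId,
        [Parameter(Mandatory)][string[]]$ReplyUrl
    )
    $principal = Get-MsolServicePrincipal -AppPrincipalId $AppPrincipalId
    $addresses = $principal.Addresses
    $current   = @($addresses | ForEach-Object { $_.Address })
    $toAdd     = @(Select-NewReplyUrl -Existing $current -Candidate $ReplyUrl)
    if ($toAdd.Count -eq 0) { return $addresses }   # nothing to change
    foreach ($u in $toAdd) {
        $addresses.Add((New-MsolServicePrincipalAddresses -Address $u))
    }
    Set-MsolServicePrincipal -AppPrincipalId $AppPrincipalId -Addresses $addresses
    # Read the collection back to confirm what is now registered
    (Get-MsolServicePrincipal -AppPrincipalId $AppPrincipalId).Addresses
}

# Constructed sample input; this call runs offline and needs no tenant.
Select-NewReplyUrl -Existing 'http://localhost:81' `
    -Candidate 'http://localhost:81', 'https://app.example.com/signin', 'not a url'
```

Against a tenant, call `Add-ReplyUrl -AppPrincipalId <your AppPrincipalId> -ReplyUrl <url>`; running it twice with the same URL leaves the collection unchanged the second time.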