Nick

Reputation: 33

How to specify replyUrlsWithType programmatically

I want to set the replyUrlsWithType programmatically on an app manifest within Azure AD. However, the REST API for updating the manifest only seems to support setting the replyUrls property, which does not enable the type property to be set. Is there a supported way to set the replyUrlsWithType programmatically?

The team I'm working with has used Fiddler to take a look at how the Azure portal sets the type property and has hacked the following to get it to work, but we are looking for a supported method if there is one:

# ${appId} is braced so the following "?" is not parsed as part of the variable name
$UpdateAppResponse = Invoke-WebRequest -Uri "https://graph.windows.net/myorganization/applications/${appId}?api-version=2.0" `
    -Method "PATCH" `
    -Headers @{"Authorization"="$($Response.token_type) $($Response.access_token)"; "Accept"="*/*"; } `
    -ContentType "application/json" `
    -Body "{`"id`":`"$appId`",`"replyUrlsWithType`":[{`"url`":`"https://$HostName`",`"type`":`"Web`"},{`"url`":`"msauth://$ReversedHostName`",`"type`":`"InstalledClient`"}, {`"url`":`"msauth.$ReversedHostName://auth`",`"type`":`"InstalledClient`"}]}"

Upvotes: 3

Views: 4703

Answers (2)

dontfrankout

Reputation: 11

For anybody who is looking to configure similarly as a SPA, you can set the property to "spa" instead of "web". This was a headache for me so hopefully helpful for others:

Instead of:

"web": {
    "redirectUris": [

use

"spa": {
    "redirectUris": [

A one liner for the Azure Cloud Shell (bash):

az rest --method PATCH --uri 'https://graph.microsoft.com/v1.0/applications/<APP REG OBJECT GUID (object ID not the App ID)>' --headers 'Content-Type=application/json' --body '{"spa":{"redirectUris":["https:<APP DOMAIN (and port if needed)>"]}}'

Upvotes: 1

Jack Jia

Reputation: 5559

In the past, the application registered in Azure portal could only be one type. So, the Azure AD Graph API was able to set replyUrls.

However, a new application registered in the Azure portal could support both types at the same time. Based on the Fiddler traces, the Azure AD Graph seems to have been updated to support that.

The URL https://graph.windows.net/myorganization/applications/$appId?api-version=2.0 is a typical URL of the AAD Graph API. Maybe the document just has not been updated.


However, we suggest you use the Microsoft Graph API. It is a unified center for managing lots of Microsoft Cloud Resources.

You can Get application and Update application with Microsoft Graph API.

For example, you can make a PATCH request with the following body:

{
    "publicClient": {
        "redirectUris": [
            "myapp://auth"
        ]
    },
    "web": {
        "redirectUris": [
            "https://devchat.com/",
            "http://localhost/",
            "https://mytest.com/"
        ],
        "implicitGrantSettings": {
            "enableAccessTokenIssuance": false,
            "enableIdTokenIssuance": false
        }
    }
}

Then all the platforms will be added.

Upvotes: 8
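An added example, not part of either answer above: it converts a list in the question's replyUrlsWithType shape into the Microsoft Graph body from the second answer and the `az rest` arguments from the first. The type-to-property mapping (including "Spa"), the https/localhost scheme check, the function names and the example.com hosts are assumptions made for illustration.

```python
import json
from urllib.parse import urlsplit

# Assumed mapping from manifest replyUrlsWithType "type" values to the
# Microsoft Graph application properties used in the answers above.
TYPE_TO_PLATFORM = {"Web": "web", "Spa": "spa", "InstalledClient": "publicClient"}


def check_scheme(platform, url):
    """Local policy (assumption): web/spa URIs are https, or http on localhost."""
    parts = urlsplit(url)
    if platform in ("web", "spa") and parts.scheme != "https":
        if not (parts.scheme == "http" and parts.hostname == "localhost"):
            raise ValueError(f"{platform} redirect URI must use https: {url!r}")


def graph_patch_body(reply_urls_with_type):
    """Group typed reply URLs into a PATCH body for /v1.0/applications/{id}."""
    body = {}
    for entry in reply_urls_with_type:
        platform = TYPE_TO_PLATFORM.get(entry["type"])
        if platform is None:
            # Fail closed instead of silently dropping or mis-filing a URL.
            raise ValueError(f"unknown reply URL type: {entry['type']!r}")
        check_scheme(platform, entry["url"])
        uris = body.setdefault(platform, {"redirectUris": []})["redirectUris"]
        if entry["url"] not in uris:
            uris.append(entry["url"])
    return body


def az_rest_argv(object_id, body):
    """argv list for the az rest call in the first answer (no shell quoting)."""
    return ["az", "rest", "--method", "PATCH",
            "--uri", f"https://graph.microsoft.com/v1.0/applications/{object_id}",
            "--headers", "Content-Type=application/json",
            "--body", json.dumps(body)]


# Constructed sample mirroring the three URLs in the question.
SAMPLE = [
    {"url": "https://app.example.com", "type": "Web"},
    {"url": "msauth://com.example.app", "type": "InstalledClient"},
    {"url": "msauth.com.example.app://auth", "type": "InstalledClient"},
]

if __name__ == "__main__":
    print(json.dumps(graph_patch_body(SAMPLE), indent=4))
```

Each redirectUris list sent in the PATCH replaces the stored list for that platform, so include any existing URIs that should be kept.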
