Diwakar Reddy

Reputation: 146

How to update the manifest of an AAD app via an Az module PowerShell script or C# code

I am new to Microsoft Entra ID and am trying to create an app registration using an Az module PowerShell script. I also want to update its manifest file with the following:

"trustedCertificateSubjects": [
    {
        "authorityId": "00000000-0000-0000-0000-000000000001",
        "subjectName": "subjectname1",
        "revokedCertificateIdentifiers": []
    },
    {
        "authorityId": "00000000-0000-0000-0000-000000000001",
        "subjectName": "subjectname2",
        "revokedCertificateIdentifiers": []
    }
]

Below is the script I am using to create the app registration. I need to modify this PowerShell script to update the manifest file as well.

param(
    [Parameter(Mandatory=$true)]
    [string]$Environment,
    [Parameter(Mandatory=$true)]
    [string]$PartnerName
)
switch ($Environment) {
    'test' {
        $PartnerAppSuffix = '-test'
    }
    'dev' {
        $PartnerAppSuffix = '-dev'
    }
}
# Check if the app already exists
$App = Get-AzADServicePrincipal -Filter "DisplayName eq '$PartnerName$PartnerAppSuffix'"

# $null goes on the left so the test still works if the filter returns a collection
if ($null -eq $App) {
    # If the app doesn't exist, create a new one
    $appName = $PartnerName+$PartnerAppSuffix
    $redirectUris = @("https://mscloud.onmicrosoft.com/$appName")
    $secretName = "secretKey"

    $App = New-AzADApplication -DisplayName $appName `
        -ReplyUrls $redirectUris `
        -Homepage "https://mscloud.onmicrosoft.com/$appName" `
        -IdentifierUris "https://mscloud.onmicrosoft.com/$appName" `
        -Web @{
            ImplicitGrantSetting = @{
                EnableAccessTokenIssuance = $true
                EnableIdTokenIssuance = $true
            }
        }

    # Create a new service principal for the app
    $ServicePrincipal = New-AzADServicePrincipal -ApplicationId $App.AppId

    Write-Host "New app registration created. AppId: $($App.AppId)"
} else {
    Write-Host "App registration '$PartnerName' already exists. AppId: $($App.AppId)"
}

Upvotes: 2

Views: 568

Answers (1)

Sridevi

Reputation: 22307

AFAIK, there are currently no commands available in the Azure Az PowerShell module that directly allow updating the manifest of an Azure AD application with trustedCertificateSubjects.

Only the predefined manifest parameters that are defined in this MS Document can be updated programmatically.

For now, you can only update it manually via the Manifest tab in the Azure Portal, like this:

"trustedCertificateSubjects": [
    {
        "authorityId": "00000000-0000-0000-0000-000000000001",
        "subjectName": "subjectname1",
        "revokedCertificateIdentifiers": []
    },
    {
        "authorityId": "00000000-0000-0000-0000-000000000001",
        "subjectName": "subjectname2",
        "revokedCertificateIdentifiers": []
    }
]


To update these properties using Az PowerShell, you can post this idea at the Azure Feedback Portal, which is monitored by the product team for feature enhancements.

Upvotes: 1
