Search code examples
azurepowershell

How to create a non-expiring client secret for an Azure app registration using PowerShell?


I'm kind of new in the web development. I developed an ASP .NET Core Web application that is registered in the Azure portal of my organization. This web application is using Microsoft Graph API, so it needs the client secret to work.

Well, my problem is that the UI in azure portal don't let me create a client secret that never expires. I read that you can create the client secret using the PowerShell. How does it work? Once created, will this secret be visible in the "app registration" of the azure portal? Do I need to execute the code in a specific repository in PowerShell? Never used this tool, so I'm kind of lost.

Feel free to redirect me in the good direction!


Solution

  • You can create the client secret from the Remote PowerShell or from the PowerShell in azure cli.

    • You need to install Azure AD modules if you want to connect to azure ad from remote PowerShell.

    • Run the below Install command in PowerShell in Admin mode.

    Install-Module -Name AzureAD
    
    • Here is the reference document to install Azure AD modules
    • Here are the list of commands to create an New App registration in the Azure active directory & followed by client secrets.
    connect-AzureAD
        $azureADAppReg = New-AzureADApplication -DisplayName NewStackTest -AvailableToOtherTenants $false -IdentifierUris 'https://local host'
        New-AzureADApplicationPasswordCredential -CustomKeyIdentifier PrimarySecret -ObjectId $azureADAppReg.ObjectId -EndDate ((Get-Date).AddMonths(6))
    
    • Once you create the Client Secret from the PowerShell, it will automatically reflect in the Azure portal & it will be visible under client & secrets in App registrations.