
Issue with Application ID URI in Azure AD App registration , while using Terraform


I am trying to modify my application identifier URI from the format "https://app-contoso.api-qa.contoso.onmicrosoft.com" to the format "api://(app id)". I am using Terraform to do this. So if I just use:

application_identifier_uris   = [format("api://%s", random_uuid.contoso-api-app.result)]

I get a random ID and not the actual app ID. How do I ensure that I get the actual App ID in the format "api://(app ID)"? I have to use a random UUID, as I get a cyclic error in Terraform if I refer to the output of the app ID from my application module.

I am using our own application module to do the app registration.


Solution

  • I get a random ID and not the actual app ID. How do I ensure that I get the actual App ID in the format "api://(app ID)"? I have to use a random UUID, as I get a cyclic error in Terraform if I refer to the output of the app ID from my application module.

    You are generating a random GUID and assigning that value there, so for that reason you will be getting a random ID and not the actual app ID. As for the cyclic error, you will receive an error like the one in the screenshot below if you use a reference to the AppID, because the application is being created at the same time you are referencing it; only after creation will the application ID be usable or identified.

    (screenshot of the Terraform cyclic dependency error)

    So, the above is not possible from Terraform for now; as you already know, there has been a feature flag or enhancement raised for the same in this GitHub issue.


    For a solution you can use other management tools like PowerShell/Azure CLI to update the identifier URIs.

    After the Azure AD application is created from Terraform, you can use the AzureAD module or the az ad app CLI module to update the application programmatically.

    For your use case the PowerShell script will be something like below:

    # Sign in to Azure AD (AzureAD PowerShell module)
    Connect-AzureAD
    # Look up the app registration that Terraform created, by its display name
    $app = Get-AzureADApplication -Filter "DisplayName eq 'ansumanterraformtest'"
    $appobjectid = $app.ObjectId
    $appId = $app.AppId
    # Replace the identifier URI list with the api://<app id> form
    Set-AzureADApplication -ObjectId $appobjectid -IdentifierUris "api://$appId"
    

    Outputs: (screenshot of the updated application registration)
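A hardened variant of the post-Terraform fix above, added here as an example and not taken from the answer: it fails closed when the display name matches more than one registration (display names are not unique in Azure AD), only writes when the URI is actually missing, and reads the object back to confirm. It assumes the AzureAD module is installed and a session is already open via Connect-AzureAD; the display name is a placeholder parameter.

```powershell
# Added example: idempotent identifier-URI update for an app registration
# created by Terraform. Assumes an existing Connect-AzureAD session.
param(
    [Parameter(Mandatory = $true)][string]$DisplayName   # placeholder, e.g. 'ansumanterraformtest'
)

$ErrorActionPreference = 'Stop'

# Escape single quotes for the OData filter so an odd display name cannot break it.
$escapedName = $DisplayName -replace "'", "''"

# Display names are not unique in Azure AD, so a filter can return several apps.
# Refuse to guess rather than rewrite the wrong registration.
$apps = @(Get-AzureADApplication -Filter "DisplayName eq '$escapedName'")
if ($apps.Count -ne 1) {
    throw "Expected exactly one application named '$DisplayName', found $($apps.Count)."
}
$app = $apps[0]
$desiredUri = "api://$($app.AppId)"

# Skip the write if the URI is already present (safe to re-run from a pipeline).
if ($app.IdentifierUris -contains $desiredUri) {
    Write-Output "Identifier URI already set: $desiredUri"
    return
}

# Note: -IdentifierUris replaces the whole list; include any legacy URI here
# only if clients still depend on it.
Set-AzureADApplication -ObjectId $app.ObjectId -IdentifierUris @($desiredUri)

# Read the object back and verify instead of trusting a silent return.
$updated = Get-AzureADApplication -ObjectId $app.ObjectId
if ($updated.IdentifierUris -notcontains $desiredUri) {
    throw "Identifier URI update did not take effect for object $($app.ObjectId)."
}
Write-Output "Identifier URI set to $desiredUri"
```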