azurepowershellazure-active-directory
Creating an Azure AD app using az powershell
I am trying to write a PowerShell script to create an azure AD app and a client secret for that app. In the end: the code should print App-ID, tenant ID, and value of client secret: here is the code that I have written:
# Function to generate a random password
function Generate-Password {
$validChars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*()_+"
$password = ""
For ($i=0; $i -lt 16; $i++) {
$random = Get-Random -Minimum 0 -Maximum $validChars.Length
$password += $validChars[$random]
}
return $password
}
# Authenticate and login to Azure
Connect-AzAccount
# Set the name, home page URL, and identifier URI of the app
$appName = "test-123"
# Generate a random password for the client secret
$clientSecretPassword = Generate-Password | ConvertTo-SecureString -AsPlainText -Force
# Create the Azure AD app
$app = New-AzADApplication -DisplayName $appName
# Create a client secret for the app
$secret = New-AzADAppCredential -ApplicationId $app.ApplicationId -Password $clientSecretPassword
$secret.Secret
# Print the Client ID and Tenant ID of the app
Write-Host "Client ID: " $app.ApplicationId
Write-Host "Tenant ID: " (Get-AzContext).Tenant.Id
# Print the value of the client secret
$clientsecret = [System.Runtime.InteropServices.Marshal]::PtrToStringAuto([System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($secret.Secret))
Write-Host "Client Secret: " $clientSecret
but I am getting the following error for this:
Exception calling "SecureStringToBSTR" with "1" argument(s): "Value cannot be null.
Parameter name: s"
At C:\Users\azure-app.ps1:35 char:1
+ $clientsecret = [System.Runtime.InteropServices.Marshal]::PtrToStrin ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [], MethodInvocationException
+ FullyQualifiedErrorId : ArgumentNullException
Client Secret:
Can anyone help me debug this issue or re-factor the code? Thank you
Solution
I Tried to reproduce the same in my environment to create an azure AD app and display the client secret & client ID using PowerShell
You can use below PowerShell Script to create Azure AP App with Client Secret.
#Connect to Azure AD
Connect-AzureAD
#Set variables for the app
$appName = "MyApp"
$replyUrls = "http://localhost"
$secret = "MySecret"
#Create the app
$app = New-AzureADApplication -DisplayName $appName -ReplyUrls $replyUrls -PublicClient $false
#Create the client secret
$bytes = [System.Text.Encoding]::Unicode.GetBytes($secret)
$base64 = [System.Convert]::ToBase64String($bytes)
$startDate = Get-Date
$endDate = $startDate.AddYears(1)
$secret = New-AzureADApplicationPasswordCredential -ObjectId $app.ObjectId -CustomKeyIdentifier "MyCustomKeyIdentifier" -Value $base64 -StartDate $startDate -EndDate $endDate
#Retrieve the tenant ID
$tenantId = (Get-AzureADTenantDetail).ObjectId
#Print the App-ID, tenant ID, and client secret
Write-Host "App-ID: $($app.AppId)"
Write-Host "Tenant ID: $tenantId"
Write-Host "Client Secret: $($secret.Value)"
Once ran the above commands Azure App got created successfully with client secret.
When I check Azure App in portal, it got created successfully.
- What is a difference between elastic computing and serverless computing?
- Access Sharepoint Online Files from .NET Worker Service via Microsoft Graph/OAuth - Unauthorized or Access Denied error (401)
- How do I fix SerializationNotSupportedParentType and ThrowNotSupportedException_ConstructorContainsNullParameterNames exception in System.Text.Json?
- Update VCore by database in power shell
- While scanning a simple key, could not find expected ':'. Syntax error in azure-pipeline.yaml
- I'm not able to call the Azure document intelligence api using the latest api version "2024-02-29-preview"
- AzureWebJobsStorage Managed Identity not working
- Get-RemoteDomain in powershell exchange online error : The term 'Get-RemoteDomain' is not recognized as the name of a cmdlet
- How can I Get Started Using Certificates to Authenticate my APIs Using Azure Key Vault?
- Azure Storage blob getting the io.netty.channel.StacklessClosedChannelException while generating /downloading the from SasUrl
- How to set up a site-to-site connection between Azure VNet and an on-premises network with a single IP address for traffic selectors?
- Summarization of docx or pdf document
- Unable to use Azure Developer CLI (azd) in vsCode even after extensions installed
- How to configure backend application on Container Apps
- WebJob is stopping due to website shutting down
- Azure SQL trigger for Functions configuration problem
- Does azure blob storage support http2?
- Azure Pronunciation Assessment Could not deserialize speech context error
- Is there a query to run so I can get a list of users who has NOT logged in, in the past 30 days?
- How do I Parse FormData containing a audio file in AZ function app in 2025
- Not able to delete Public IP address in azure
- Azure Devops Apple App Store Release.Missing value for the attribute 'whatsNew'
- Azure Storage accounts container public access level has dissabled
- Issue with adding delegated Graph API permission to Enterprise app with Terraform
- Getting an error when using the Flexible File Destination Task in Visual Studio 2022 SSIS
- Problem with Azure Email Communication Service Custom Domain
- How to refresh client assertion in ConfidentialClientApplication?
- Using Microsoft Graph Explorer (we have code too) we can GET All Subscriptions, but GET one by ID gives access error
- Invalid operands found for operator -eq
- nginx - php-fpm - azure container app returns truncated pages