Search code examples
azureazure-active-directoryazure-authenticationmicrosoft-entra-idpowershell-az-module

Unable to activate Implicit Grant & Hybrid Flows using the Az module cmds in PowerShell because the `oauth2AllowImplicitFlow` param is not supported

I am in the process of transitioning from the Azure module to Az module commands to create an App registration and enable Implicit Grant. However, I have encountered a few parameters that are not available in the Az module.

Azure Module Script:

 
Connect-AzureAD -TenantId <<TenantId>>
 
$appName = "<<AppName>>"
$redirectUris = @("https://mspmecloud.onmicrosoft.com/$appName")
$secretName = "secretKey"

$App = (New-AzureADApplication -DisplayName $appName `
-ReplyUrls $redirectUris `
-Homepage "https://mspmecloud.onmicrosoft.com/$appName" `
-IdentifierUris "https://mspmecloud.onmicrosoft.com/$appName"`
-Oauth2AllowImplicitFlow $true -PublicClient $false
)
 
New-AzureADServicePrincipal -AccountEnabled $true -AppId $App.AppId -DisplayName $appName

Below is Az module Script:

$appName = "<<AppName>>"
$redirectUris = @("https://mspmecloud.onmicrosoft.com/$appName")
$secretName = "secretKey"
$App = (New-AzADApplication -DisplayName $appName `
-ReplyUrls $redirectUris `
-Homepage "https://mspmecloud.onmicrosoft.com/$appName" `
-IdentifierUris "https://mspmecloud.onmicrosoft.com/$appName"`
)
New-AzADServicePrincipal -ApplicationId $App.AppId

The documentation I am referring to for Az module commands is as follows: https://learn.microsoft.com/en-us/powershell/module/az.resources/new-azadapplication?view=azps-11.1.0 https://learn.microsoft.com/en-us/powershell/module/az.resources/new-azadserviceprincipal?view=azps-0.10.0

Is there an alternative method in the Az module PowerShell to enable "oauth2AllowImplicitFlow"?

I need to choose the options highlighted below using an Az module script.

enter image description here

enter image description here

Expected for Expose an API option is like below enter image description here

Solution

  • To activate Implicit Grant & Hybrid Flows using the Az module commands, you can make use of below updated script:

    $appName = "<<AppName>>"
$redirectUris = @("https://mspmecloud.onmicrosoft.com/$appName")
$secretName = "secretKey"
$App = (New-AzADApplication -DisplayName $appName `
-ReplyUrls $redirectUris `
-Homepage "https://mspmecloud.onmicrosoft.com/$appName" `
-IdentifierUris "https://mspmecloud.onmicrosoft.com/$appName"`
-Web @{
    ImplicitGrantSetting = @{
        EnableAccessTokenIssuance = $true
        EnableIdTokenIssuance = $true
    }
}
)
New-AzADServicePrincipal -ApplicationId $App.AppId

    Response:

    enter image description here

    When I checked the same in Portal, application created successfully with Implicit Grant & Hybrid Flows enabled like this:

    enter image description here

    Reference: New-AzADApplication (Az.Resources) | Microsoft