New-AzureADApplication

Syntax

Default (Default)

New-AzureADApplication
    [-AddIns <System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.AddIn]>]
    [-AllowGuestsSignIn <Boolean>]
    [-AllowPassthroughUsers <Boolean>]
    [-AppLogoUrl <String>]
    [-AppRoles <System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.AppRole]>]
    [-AvailableToOtherTenants <Boolean>]
    -DisplayName <String>
    [-ErrorUrl <String>]
    [-GroupMembershipClaims <String>]
    [-Homepage <String>]
    [-IdentifierUris <System.Collections.Generic.List`1[System.String]>]
    [-InformationalUrls <InformationalUrl>]
    [-IsDeviceOnlyAuthSupported <Boolean>]
    [-IsDisabled <Boolean>]
    [-KeyCredentials <System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.KeyCredential]>]
    [-KnownClientApplications <System.Collections.Generic.List`1[System.String]>]
    [-LogoutUrl <String>]
    [-Oauth2AllowImplicitFlow <Boolean>]
    [-Oauth2AllowUrlPathMatching <Boolean>]
    [-Oauth2Permissions <System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.OAuth2Permission]>]
    [-Oauth2RequirePostResponse <Boolean>]
    [-OrgRestrictions <System.Collections.Generic.List`1[System.String]>]
    [-OptionalClaims <OptionalClaims>]
    [-ParentalControlSettings <ParentalControlSettings>]
    [-PasswordCredentials <System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.PasswordCredential]>]
    [-PreAuthorizedApplications <System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.PreAuthorizedApplication]>]
    [-PublicClient <Boolean>]
    [-PublisherDomain <String>]
    [-RecordConsentConditions <String>]
    [-ReplyUrls <System.Collections.Generic.List`1[System.String]>]
    [-RequiredResourceAccess <System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.RequiredResourceAccess]>]
    [-SamlMetadataUrl <String>]
    [-SignInAudience <String>]
    [-WwwHomepage <String>]
    [<CommonParameters>]

Description

Examples

Example 1: Create an application

PS C:\>New-AzureADApplication -DisplayName "My new application"  -IdentifierUris "http://mynewapp.contoso.com"

ObjectId                             AppId                                DisplayName
--------                             -----                                -----------
acd10942-5747-4385-8824-4c5d5fa904f9 b5fecfab-0ea2-4fd1-8570-b2c41b3d5149 My new application

Parameters

-AddIns

Defines custom behavior that a consuming service can use to call an app in specific contexts. For example, applications that can render file streams may set the addIns property for its "FileHandler" functionality. This will let services like Office 365 call the application in the context of a document the user is working on.

Parameter properties

Parameter sets

-AllowGuestsSignIn

{{ Fill AllowGuestsSignIn Description }}

Parameter properties

Parameter sets

-AllowPassthroughUsers

{{ Fill AllowPassthroughUsers Description }}

Parameter properties

Parameter sets

-AppLogoUrl

{{ Fill AppLogoUrl Description }}

Parameter properties

Parameter sets

-AppRoles

The collection of application roles that an application may declare. These roles can be assigned to users, groups or service principals.

Parameter properties

Parameter sets

-AvailableToOtherTenants

Indicates whether this application is available in other tenants.

Parameter properties

Parameter sets

-DisplayName

Specifies the display name of the application.

Parameter properties

Parameter sets

-ErrorUrl

The Error URL of this application

Parameter properties

Parameter sets

-GroupMembershipClaims

A bitmask that configures the "groups" claim issued in a user or OAuth 2.0 access token that the application expects. The bitmask values are: 0: None, 1: Security groups and Azure AD roles, 2: Reserved, and 4: Reserved. Setting the bitmask to 7 will get all of the security groups, distribution groups, and Azure AD directory roles that the signed-in user is a member of.

Parameter properties

Parameter sets

-Homepage

The URL to the application's homepage.

Parameter properties

Parameter sets

-IdentifierUris

User-defined URI(s) that uniquely identify a Web application within its Azure AD tenant, or within a verified custom domain (see "Domains" tab in the Azure classic portal) if the application is multi-tenant.

The first element is populated from the Web application's "APP ID URI" field if updated via the Azure classic portal (or respective Azure AD PowerShell cmdlet parameter). Additional URIs can be added via the application manifest; see Understanding the Azure AD Application Manifest for details. This collection is also used to populate the Web application's servicePrincipalNames collection.

Parameter properties

Parameter sets

-InformationalUrls

{{ Fill InformationalUrls Description }}

Parameter properties

Parameter sets

-IsDeviceOnlyAuthSupported

{{ Fill IsDeviceOnlyAuthSupported Description }}

Parameter properties

Parameter sets

-IsDisabled

{{ Fill IsDisabled Description }}

Parameter properties

Parameter sets

-KeyCredentials

The collection of key credentials associated with the application

Parameter properties

Parameter sets

-KnownClientApplications

Client applications that are tied to this resource application. Consent to any of the known client applications will result in implicit consent to the resource application through a combined consent dialog (showing the OAuth permission scopes required by the client and the resource).

Parameter properties

Parameter sets

-LogoutUrl

The logout url for this application

Parameter properties

Parameter sets

-Oauth2AllowImplicitFlow

Specifies whether this web application can request OAuth2.0 implicit flow tokens. The default is false.

Parameter properties

Parameter sets

-Oauth2AllowUrlPathMatching

Specifies whether, as part of OAuth 2.0 token requests, Azure AD will allow path matching of the redirect URI against the application's replyUrls. The default is false.

Parameter properties

Parameter sets

-Oauth2Permissions

The collection of OAuth 2.0 permission scopes that the web API (resource) application exposes to client applications. These permission scopes may be granted to client applications during consent.

Parameter properties

Parameter sets

-Oauth2RequirePostResponse

Set this to true if an Oauth2 post response is required

Parameter properties

Parameter sets

-OptionalClaims

{{ Fill OptionalClaims Description }}

Parameter properties

Parameter sets

-OrgRestrictions

{{ Fill OrgRestrictions Description }}

Parameter properties

Parameter sets

-ParentalControlSettings

{{ Fill ParentalControlSettings Description }}

Parameter properties

Parameter sets

-PasswordCredentials

The collection of password credentials associated with the application.

Parameter properties

Parameter sets

-PreAuthorizedApplications

{{ Fill PreAuthorizedApplications Description }}

Parameter properties

Parameter sets

-PublicClient

Specifies whether this application is a public client (such as an installed application running on a mobile device). Default is false.

Parameter properties

Parameter sets

-PublisherDomain

{{ Fill PublisherDomain Description }}

Parameter properties

Parameter sets

-RecordConsentConditions

Do not use. May be removed in future versions

Parameter properties

Parameter sets

-ReplyUrls

Specifies the URLs that user tokens are sent to for sign in, or the redirect URIs that OAuth 2.0 authorization codes and access tokens are sent to.

Parameter properties

Parameter sets

-RequiredResourceAccess

Specifies resources that this application requires access to and the set of OAuth permission scopes and application roles that it needs under each of those resources. This pre-configuration of required resource access drives the consent experience.

Parameter properties

Parameter sets

-SamlMetadataUrl

The URL to the SAML metadata for the application.

Parameter properties

Parameter sets

-SignInAudience

{{ Fill SignInAudience Description }}

Parameter properties

Parameter sets

-WwwHomepage

{{ Fill WwwHomepage Description }}

Parameter properties

Parameter sets

CommonParameters

Related Links

• Get-AzureADApplication
• Remove-AzureADApplication
• Set-AzureADApplication