New-EntraApplicationKey
Adds a new key to an application.
Syntax
Default (Default)
New-EntraApplicationKey
-ApplicationId <String>
-KeyCredential <KeyCredential>
-PasswordCredential <PasswordCredential>
-Proof <String>
[<CommonParameters>]
Description
Adds a new key to an application.
Examples
Example 1: Add a key credential to an application
Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy'
$application = Get-EntraApplication -Filter "DisplayName eq '<application-display-name>'"
$params = @{
ApplicationId = $application.Id
KeyCredential = @{ key=[System.Convert]::FromBase64String('{base64cert}') }
PasswordCredential = @{ DisplayName = 'mypassword' }
Proof = '{token}'
}
New-EntraApplicationKey @params
This command adds a key credential to an specified application.
-ApplicationIdparameter specifies the unique identifier of an application.-KeyCredentialparameter specifies the application key credential to add.-PasswordCredentialparameter specifies the application password credential to add.-Proofparameter specifies the signed JWT token used as a proof of possession of the existing keys.
Parameters
-ApplicationId
The unique identifier of the application object.
Parameter properties
| Type: | System.String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | ObjectId |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | True |
| Value from pipeline: | True |
| Value from pipeline by property name: | True |
| Value from remaining arguments: | False |
-KeyCredential
The application key credential to add.
NOTES: keyId value should be null.
Parameter properties
| Type: | KeyCredential |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | True |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-PasswordCredential
The application password credential to add.
NOTES: keyId value should be null.
Parameter properties
| Type: | PasswordCredential |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-Proof
A signed JWT token used as a proof of possession of the existing keys.
Parameter properties
| Type: | System.String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | True |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.