
I'm looking for a way to create a new Azure Active Directory application registration via a PowerShell script. I can create the application using the following script:

$appName = "CliApp"

az ad app create --display-name "$appName" --oauth2-allow-implicit-flow true
$appJson = az ad app list --query "[?displayName=='$appName']"
$app = $appJson | ConvertFrom-Json
az ad app update --id $app.appId --identifier-uris api://$($app.appId) api://$($appName.ToLower())

But as I understand it, in order to create a new scope, I need to call Graph API. Is that correct? Are there any examples of how to do that via PowerShell? If so, how do I get an auth token using my credentials from PowerShell?

Matt Ruwe

1 Answer

You can use portal.azure.com > Azure Active Directory > App registration to create the app manually in a web browser, and then see / export the whole manifest.json with all details and configuration, including scopes to Microsoft Graph API or whatever you need.

Then you can use a script using Azure CLI:

az ad app create --display-name "$appName" --required-resource-accesses "@manifest.json"

More info here: https://docs.microsoft.com/en-us/cli/azure/ad/app?view=azure-cli-latest#az_ad_app_create

Hrvoje Kusulja
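The manifest approach from the answer above, as an added example that is not part of the original posts: it lists the permissions an exported manifest requests, stops if any are application permissions, and passes only the `requiredResourceAccess` array to `--required-resource-accesses`. The inline manifest is a constructed sample (Microsoft Graph, delegated User.Read), and the output file name and the "no Role entries" rule are assumptions of this example.

```powershell
# Constructed sample standing in for the manifest.json exported from the portal.
$manifestJson = @'
{
  "displayName": "CliApp",
  "requiredResourceAccess": [
    {
      "resourceAppId": "00000003-0000-0000-c000-000000000000",
      "resourceAccess": [
        { "id": "e1fe6dd8-ba31-4d61-89e7-88639da4683d", "type": "Scope" }
      ]
    }
  ]
}
'@
$manifest = $manifestJson | ConvertFrom-Json

# List what the app will request before it is created.
# type "Scope" = delegated permission, "Role" = application permission.
$requested = foreach ($resource in $manifest.requiredResourceAccess) {
    foreach ($access in $resource.resourceAccess) {
        [pscustomobject]@{
            ResourceAppId = $resource.resourceAppId
            PermissionId  = $access.id
            Type          = $access.type
        }
    }
}
$requested | Format-Table -AutoSize

# Hypothetical policy for this example: refuse application permissions.
if ($requested | Where-Object Type -eq 'Role') {
    throw "Manifest requests application permissions (type 'Role'); review before creating."
}

# Write only the requiredResourceAccess array. -InputObject keeps a
# single-element array from being unwrapped; -Depth keeps nested objects.
$raFile = Join-Path $PWD 'required-resource-access.json'   # assumed file name
ConvertTo-Json -InputObject @($manifest.requiredResourceAccess) -Depth 5 |
    Set-Content -Path $raFile -Encoding ascii

# Quote the @file argument so PowerShell does not treat "@" as splatting.
$appName = "CliApp"
az ad app create --display-name "$appName" --required-resource-accesses "@$raFile"
```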