c# - Edit requiredResourceAccess of Azure AD Application using MVC or C#.NET application

问题描述

I am running PowerShell code from C# app to register an application in Azure AD (create an application in Azure AD).I want to Add and Grant permissions for "Power BI Service" and "Windows Azure Active Directory" on this registered application.

I found that we can also edit the Manifest of Azure AD application and pass requiredResourceAccess array. This will automatically add and grant permission for the application.

Please help me with PowerShell commands which can be run using C# code or C# code to edit Manifest of application so that add grant and permissions to Azure Ad Application programatically.

标签： c#azurepowershellazure-active-directory

Try the powershell command below, in the sample, it grants the some permissions of Windows Azure Active Directory api and Power BI Service api.

$req = New-Object -TypeName "Microsoft.Open.AzureAD.Model.RequiredResourceAccess"
$acc1 = New-Object -TypeName "Microsoft.Open.AzureAD.Model.ResourceAccess" -ArgumentList "311a71cc-e848-46a1-bdf8-97ff7156d8e6","Scope"
$acc2 = New-Object -TypeName "Microsoft.Open.AzureAD.Model.ResourceAccess" -ArgumentList "aaff0dfd-0295-48b6-a5cc-9f465bc87928","Role"
$req.ResourceAccess = $acc1,$acc2
$req.ResourceAppId = "00000002-0000-0000-c000-000000000000"

$reqe = New-Object -TypeName "Microsoft.Open.AzureAD.Model.RequiredResourceAccess"
$acc1e = New-Object -TypeName "Microsoft.Open.AzureAD.Model.ResourceAccess" -ArgumentList "ddb3ca45-a192-477d-acb2-46bf9dc586de","Scope"
$acc2e = New-Object -TypeName "Microsoft.Open.AzureAD.Model.ResourceAccess" -ArgumentList "28379fa9-8596-4fd9-869e-cb60a93b5d84","Role"
$reqe.ResourceAccess = $acc1e,$acc2e
$reqe.ResourceAppId = "00000009-0000-0000-c000-000000000000"

Set-AzureADApplication -ObjectId <ObjectId> -RequiredResourceAccess @($req,$reqe)

c# - Edit requiredResourceAccess of Azure AD Application using MVC or C#.NET application

问题描述

解决方案

推荐阅读