Forum Discussion

Adam Fowler's avatar
Adam Fowler
Iron Contributor
Oct 13, 2016

PowerShell for App creation and permissions in Azure AD

Hi,
I've been working on scripting ways to create applications on the fly and apply group permisisons, but I'm a bit stuck.

 

What I'm doing is creating an app for a Sharepoint Online site, adding users to a group then trying to add the group to have access to the app.

 

For App creation if I use this command:

New-AzureRmADApplication -DisplayName "ABC -HomePage "https://URLGOESHERE -IdentifierUris "URLGOESHERE"

 

When I do that, the app doesn't have the option via Azure AD GUI to turn "User assignment required to access app" off or on as it's greyed out, and if I try to make a change via the GUI it gives a generic error.

 

So, if I create the app manually.. how do I give a group permission to the app?


I found this: https://social.msdn.microsoft.com/Forums/en-US/de3c56e2-9010-463c-9bbd-faf70069cd26/azure-ad-manage-users-with-powershell?forum=WindowsAzureAD 

 

but when I try that, I get this error:

New-AzureADUserAppRoleAssignment : Error occurred while executing NewUserAppRoleAssignment
StatusCode: BadRequest
ErrorCode: Request_BadRequest
Message: One or more properties are invalid.

 

I'm stuck now, so wondering if anyone has successfully done this, or can point me in the right direction?

Resources