关于创建 AAD 应用程序的 InvalidIdentifierUri
InvalidIdentifierUri on creating AAD application
我正在尝试使用 powershell 脚本创建 azure 广告应用程序:
$appIdGuid = New-Guid
$graphApp = New-AzureADApplication -DisplayName $graphAppDisplayName `
-IdentifierUris "api://$appIDGuid" `
-ReplyUrls $replyUrls `
-RequiredResourceAccess $requiredResourceAccess `
-AvailableToOtherTenants $false `
-Oauth2AllowImplicitFlow $false `
-PublicClient $false
在 运行 上面的脚本中,我得到错误:
New-AzureADApplication : Error occurred while executing NewApplication
Code: Request_BadRequest
Message: The application identifier uri '[api://b0129570-1d70-4c1a-8eb8-6301c0f4dc2f]' is invalid.
RequestId: aaaccbaa-bab2-4ff0-bb4b-aeacfa3863c5
DateTimeStamp: Tue, 04 Jan 2022 01:11:57 GMT
Details: PropertyName - identifierUris, PropertyErrorCode - InvalidIdentifierUri
HttpStatusCode: BadRequest
HttpStatusDescription: Bad Request
HttpResponseStatus: Completed
At C:\Scripts\Set-GraphCredentialsAzureADApplication.ps1:142 char:21
+ ... $graphApp = New-AzureADApplication -DisplayName $graphAppDisplayNa ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [New-AzureADApplication], ApiException
+ FullyQualifiedErrorId : Microsoft.Open.AzureAD16.Client.ApiException,Microsoft.Open.AzureAD16.PowerShell.NewApplication
我错过了什么?
因为AdminOfThings已经在评论中提到,你只能把clientId新应用程序注册或 tenantid 作为 AAD 中的 identifierUri with Premium License .
所以,作为解决方案,您可以使用如下内容:
$graphAppDisplayName = "testapp"
$App=New-AzureADApplication -DisplayName $graphAppDisplayName -AvailableToOtherTenants $false -Oauth2AllowImplicitFlow $false -PublicClient $false
$id=$App.AppId
Set-AzureADApplication -ObjectId $App.objectId -IdentifierUris "api://$id"
输出:
我正在尝试使用 powershell 脚本创建 azure 广告应用程序:
$appIdGuid = New-Guid
$graphApp = New-AzureADApplication -DisplayName $graphAppDisplayName `
-IdentifierUris "api://$appIDGuid" `
-ReplyUrls $replyUrls `
-RequiredResourceAccess $requiredResourceAccess `
-AvailableToOtherTenants $false `
-Oauth2AllowImplicitFlow $false `
-PublicClient $false
在 运行 上面的脚本中,我得到错误:
New-AzureADApplication : Error occurred while executing NewApplication
Code: Request_BadRequest
Message: The application identifier uri '[api://b0129570-1d70-4c1a-8eb8-6301c0f4dc2f]' is invalid.
RequestId: aaaccbaa-bab2-4ff0-bb4b-aeacfa3863c5
DateTimeStamp: Tue, 04 Jan 2022 01:11:57 GMT
Details: PropertyName - identifierUris, PropertyErrorCode - InvalidIdentifierUri
HttpStatusCode: BadRequest
HttpStatusDescription: Bad Request
HttpResponseStatus: Completed
At C:\Scripts\Set-GraphCredentialsAzureADApplication.ps1:142 char:21
+ ... $graphApp = New-AzureADApplication -DisplayName $graphAppDisplayNa ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [New-AzureADApplication], ApiException
+ FullyQualifiedErrorId : Microsoft.Open.AzureAD16.Client.ApiException,Microsoft.Open.AzureAD16.PowerShell.NewApplication
我错过了什么?
因为AdminOfThings已经在评论中提到,你只能把clientId新应用程序注册或 tenantid 作为 AAD 中的 identifierUri with Premium License .
所以,作为解决方案,您可以使用如下内容:
$graphAppDisplayName = "testapp"
$App=New-AzureADApplication -DisplayName $graphAppDisplayName -AvailableToOtherTenants $false -Oauth2AllowImplicitFlow $false -PublicClient $false
$id=$App.AppId
Set-AzureADApplication -ObjectId $App.objectId -IdentifierUris "api://$id"
输出: