New-AzApiManagementIdentityProvider

Creates a new Identity Provider configuration.

Syntax

New-AzApiManagementIdentityProvider
   -Context <PsApiManagementContext>
   -Type <PsApiManagementIdentityProviderType>
   -ClientId <String>
   -ClientSecret <String>
   [-AllowedTenants <String[]>]
   [-Authority <String>]
   [-SignupPolicyName <String>]
   [-SigninPolicyName <String>]
   [-ProfileEditingPolicyName <String>]
   [-PasswordResetPolicyName <String>]
   [-SigninTenant <String>]
   [-DefaultProfile <IAzureContextContainer>]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]

Description

Creates a new Identity Provider configuration.

Examples

Example 1: Configures Facebook as an identity Provider for Developer Portal Logins

$apimContext = New-AzApiManagementContext -ResourceGroupName "Api-Default-WestUS" -ServiceName "contoso"
New-AzApiManagementIdentityProvider -Context $apimContext -Type 'Facebook' -ClientId 'sdfsfwerwerw' -ClientSecret 'sdgsdfgfst43tewfewrf'

This command configures Facebook Identity as a accepted Identity Provider on the Developer Portal of the ApiManagement service. This takes as input the ClientId and ClientSecret of the Facebook app.

Example 2: Configures adB2C as an identity Provider for Developer Portal Logins

$apimContext = New-AzApiManagementContext -ResourceGroupName "Api-Default-WestUS" -ServiceName "contoso"
New-AzApiManagementIdentityProvider -Context $context -Type AadB2C -ClientId 00001111-aaaa-2222-bbbb-3333cccc4444 -ClientSecret "foobar" -AllowedTenants 'samirtestbc.onmicrosoft.com' -SignupPolicyName B2C_1_signup-policy

Type                     : AadB2C
ClientId                 : 00001111-aaaa-2222-bbbb-3333cccc4444
ClientSecret             : foobar
AllowedTenants           : {samirtestbc.onmicrosoft.com}
Authority                : login.microsoftonline.com
SignupPolicyName         : B2C_1_signup-policy
SigninPolicyName         :
ProfileEditingPolicyName :
PasswordResetPolicyName  :
Id                       : /subscriptions/subid/resourceGroups/Api-Default-WestUS/providers/Microsoft.ApiManagement/service/contoso/identityProviders/AadB2C
ResourceGroupName        : Api-Default-WestUS
ServiceName              : contoso

This command configures Facebook Identity as a accepted Identity Provider on the Developer Portal of the ApiManagement service. This takes as input the ClientId and ClientSecret of the Facebook app.

Parameters

-AllowedTenants

List of allowed Azure Active Directory Tenants

Type:String[]
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-Authority

OpenID Connect discovery endpoint hostname for AAD or AAD B2C. This parameter is optional.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-ClientId

Client Id of the Application in the external Identity Provider. It is App ID for Facebook login, Client ID for Google login, App ID for Microsoft.

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-ClientSecret

Client secret of the Application in external Identity Provider, used to authenticate login request. For example, it is App Secret for Facebook login, API Key for Google login, Public Key for Microsoft.

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-Confirm

Prompts you for confirmation before running the cmdlet.

Type:SwitchParameter
Aliases:cf
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Context

Instance of PsApiManagementContext. This parameter is required.

Type:PsApiManagementContext
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-DefaultProfile

The credentials, account, tenant, and subscription used for communication with azure.

Type:IAzureContextContainer
Aliases:AzContext, AzureRmContext, AzureCredential
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-PasswordResetPolicyName

Password Reset Policy Name. Only applies to AAD B2C Identity Provider. This parameter is optional.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-ProfileEditingPolicyName

Profile Editing Policy Name. Only applies to AAD B2C Identity Provider. This parameter is optional.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-SigninPolicyName

Signin Policy Name. Only applies to AAD B2C Identity Provider. This parameter is optional.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-SigninTenant

Signin Tenant to override in AAD B2C instead of the common Tenant

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-SignupPolicyName

Signup Policy Name. Only applies to AAD B2C Identity Provider. This parameter is optional.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-Type

Identifier of a Identity Provider. If specified will try to find identity provider configuration by the identifier. This parameter is optional.

Type:PsApiManagementIdentityProviderType
Accepted values:Facebook, Google, Microsoft, Twitter, Aad, AadB2C
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Type:SwitchParameter
Aliases:wi
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

Inputs

PsApiManagementContext

PsApiManagementIdentityProviderType

String

String[]

Outputs

PsApiManagementIdentityProvider