Edit

Share via

New-AzureADApplicationKeyCredential

Module:
AzureAD Module

Creates a key credential for an application.

Syntax

Default (Default) 

New-AzureADApplicationKeyCredential
    -ObjectId <String>
    [-CustomKeyIdentifier <String>]
    [-StartDate <DateTime>]
    [-EndDate <DateTime>]
    [-Type <KeyType>]
    [-Usage <KeyUsage>]
    [-Value <String>]
    [-InformationAction <ActionPreference>]
    [-InformationVariable <String>]
    [<CommonParameters>]

Description

The New-AzureADApplicationKeyCredential cmdlet creates a key credential for an application.

Examples

Example 1: Create a new application key credential

PS C:\> $AppID = (Get-AzureADApplication -Top 1).Objectid
PS C:\> New-AzureADApplicationKeyCredential -ObjectId $AppId -CustomKeyIdentifier "Test" -StartDate "11/7/2016" -Type "Symmetric" -Usage "Sign" -Value "123"

CustomKeyIdentifier : {84, 101, 115, 116}
EndDate             : 11/7/2017 12:00:00 AM
KeyId               : aaaaaaaa-0b0b-1c1c-2d2d-333333333333
StartDate           : 11/7/2016 12:00:00 AM
Type                : Symmetric
Usage               : Sign
Value               : {49, 50, 51}

The first command gets the ID of an application by using the Get-AzureADApplication (./Get-AzureADApplication.md)cmdlet. The command stores it in the $AppId variable.

The second command creates the application key credential for the application identified by $AppId.

Example 2: Use a certificate to add an application key credential

PS C:\> $cer = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 #create a new certificate object
PS C:\> $cer.Import("C:\Users\PFuller\Desktop\abc.cer")
PS C:\> $bin = $cer.GetRawCertData()
PS C:\> $base64Value = [System.Convert]::ToBase64String($bin)
PS C:\> $bin = $cer.GetCertHash()
PS C:\> $base64Thumbprint = [System.Convert]::ToBase64String($bin)

PS C:\> New-AzureADApplicationKeyCredential -ObjectId $AppID -CustomKeyIdentifier $base64Thumbprint -Type AsymmetricX509Cert -Usage Verify -Value $base64Value -StartDate $cer.GetEffectiveDateString() -EndDate $cer.GetExpirationDateString()

The first seven commands create values for the application key credential and stores them in variables.

The final command adds the key credential to the application.

Parameters

-CustomKeyIdentifier

Specifies a custom key ID.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:True
Value from pipeline by property name:True
Value from remaining arguments:False

-EndDate

Specifies the time when the key becomes invalid as a DateTime object.

Parameter properties

Type:DateTime
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:True
Value from pipeline by property name:True
Value from remaining arguments:False

-InformationAction

Specifies how this cmdlet responds to an information event.

The acceptable values for this parameter are:

  • Continue
  • Ignore
  • Inquire
  • SilentlyContinue
  • Stop
  • Suspend

Parameter properties

Type:ActionPreference
Default value:None
Supports wildcards:False
DontShow:False
Aliases:infa

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-InformationVariable

Specifies an information variable.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False
Aliases:iv

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-ObjectId

Specifies a unique ID of an application in Azure Active Directory.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:True
Value from pipeline:True
Value from pipeline by property name:True
Value from remaining arguments:False

-StartDate

Specifies the time when the key becomes valid as a DateTime object.

Parameter properties

Type:DateTime
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:True
Value from pipeline by property name:True
Value from remaining arguments:False

-Type

Specifies the type of the key.

Parameter properties

Type:KeyType
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:True
Value from pipeline by property name:True
Value from remaining arguments:False

-Usage

Specifies the key usage.

Parameter properties

Type:KeyUsage
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:True
Value from pipeline by property name:True
Value from remaining arguments:False

-Value

Specifies the value for the key.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:True
Value from pipeline by property name:True
Value from remaining arguments:False

CommonParameters

This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.