Create Azure Active Directory App Registration with Azure CLI


There are now an insane number of ways to register applications in Azure Active Directory, but many of them are no longer supported or have been discontinued, for example the old Azure PowerShell tools.

However, newer tools such as PowerShell Az do not support all features, are not well documented, or do not behave as expected. In addition, for months there has been a bug in PowerShell that makes the tooling installation take up to 60 minutes (see "Powershell Gallery slowness: Install-Module -Name Az takes 60 minutes instead of 3").

However, one way is still stable and working: the Azure CLI.

Install Azure CLI

Using WinGet:

winget install -e --id Microsoft.AzureCLI

Using Chocolatey:

choco install azure-cli

Manual Install: Azure CLI Docs

Login

Log in to your Azure account from the CLI:

az login

or use device code login to sign in from a browser window of your choice (e.g. the multi-account feature of your browser):

az login --use-device-code

Select a subscription

az account set --subscription $subscriptionId

Create Azure App Registration

When creating the app, it is important to consider which type of app is desired. By default, certain parameters, e.g. the reply URLs, always refer to a web app. If a SPA is desired, the app must also be updated after creation!

Create WebApp

$uri = "https://ba-sample-webapp.azurewebsites.net/"
$appName = "Benjamin Abt Sample WebApp"
$appHomepage = "https://ba-sample-webapp.azurewebsites.net/"
$appReplyUrls = @("https://ba-sample-webapp.azurewebsites.net/",
            "https://ba-sample-webapp.azurewebsites.net/logout/")

Write-Host "Web App Creating.."
$app = az ad app create --display-name $appName  `
    --homepage $appHomepage                      `
    --reply-urls $appReplyUrls                   `
    | ConvertFrom-Json
Write-Host "Web App $($app.appId) Created."

Create SPA App

$uri = "https://ba-sample-webapp.azurewebsites.net/"
$appName = "Benjamin Abt Sample WebApp"
$appHomepage = "https://ba-sample-webapp.azurewebsites.net/"
$appReplyUrls = @("https://ba-sample-webapp.azurewebsites.net/",
            "https://ba-sample-webapp.azurewebsites.net/logout/")

Write-Host "SPA App Creating.."
$app = az ad app create --display-name $appName   `
    --homepage $appHomepage                       `
    | ConvertFrom-Json
Write-Host "SPA App $($app.appId) Created."

Write-Host "SPA App Updating.."
# there is no CLI support to add reply urls to a SPA, so we have to patch manually via az rest
$appPatchUri = "https://graph.microsoft.com/v1.0/applications/{0}" -f $app.objectId
$appReplyUrlsString = "'{0}'" -f ($appReplyUrls -join "','")
$appPatchBody = "{spa:{redirectUris:[$appReplyUrlsString]}}"
az rest --method PATCH --uri $appPatchUri --headers 'Content-Type=application/json'    `
    --body $appPatchBody
Write-Host "SPA App Updated."
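
The SPA update above builds its PATCH body by string concatenation. The following added example (not code from the original post) validates the redirect URIs first, serializes the body with ConvertTo-Json, passes it to az rest as a file, and reads the registration back afterwards. The function names are hypothetical, and the validation rules (HTTPS only except localhost, no wildcards, no fragments) are an assumed policy.

```powershell
# Added example; function names are hypothetical, not from the original post.
function Test-RedirectUri {
    param([string]$Uri)
    $parsed = $null
    if (-not [System.Uri]::TryCreate($Uri, [System.UriKind]::Absolute, [ref]$parsed)) { return $false }
    if ($Uri.Contains('*') -or $parsed.Fragment) { return $false }   # no wildcards, no fragments
    if ($parsed.Scheme -eq 'https') { return $true }
    # Plain http is accepted only for local development hosts (assumed policy).
    return ($parsed.Scheme -eq 'http' -and $parsed.Host -in @('localhost', '127.0.0.1'))
}

function New-SpaRedirectPatchBody {
    param([string[]]$RedirectUris)
    $bad = @($RedirectUris | Where-Object { -not (Test-RedirectUri $_) })
    if ($bad.Count -gt 0) { throw "Rejected redirect URIs: $($bad -join ', ')" }
    # @() keeps a single URI serialized as a JSON array instead of a bare string.
    @{ spa = @{ redirectUris = @($RedirectUris) } } | ConvertTo-Json -Depth 4 -Compress
}

function Set-SpaRedirectUri {
    param([string]$ObjectId, [string[]]$RedirectUris)
    $uri  = "https://graph.microsoft.com/v1.0/applications/$ObjectId"
    $file = New-TemporaryFile
    try {
        # Passing the body as @file avoids PowerShell's quoting of JSON for native commands.
        New-SpaRedirectPatchBody $RedirectUris | Set-Content -Path $file.FullName -Encoding ascii
        az rest --method PATCH --uri $uri --headers 'Content-Type=application/json' --body "@$($file.FullName)"
        if ($LASTEXITCODE -ne 0) { throw "PATCH failed for application $ObjectId" }
        # Read the registration back and confirm it holds exactly the requested URIs.
        $current = az rest --method GET --uri $uri | ConvertFrom-Json
        $have = (@($current.spa.redirectUris) | Sort-Object) -join "`n"
        $want = (@($RedirectUris) | Sort-Object) -join "`n"
        if ($have -cne $want) { throw "SPA redirect URIs differ from the requested set" }
    }
    finally { Remove-Item $file.FullName -ErrorAction SilentlyContinue }
}

# Constructed sample input, checked offline (no az call is made here).
$samples = 'https://ba-sample-webapp.azurewebsites.net/', 'http://ba-sample-webapp.azurewebsites.net/',
           'https://*.azurewebsites.net/', 'http://localhost:3000/'
$samples | ForEach-Object { '{0,-50} valid={1}' -f $_, (Test-RedirectUri $_) }
```

After creating the app, call Set-SpaRedirectUri with the app's object ID and the $appReplyUrls array in place of the manual PATCH.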

Docs

Conclusion:

It is still very simple and fast to create Azure AD App Registrations; it is just not well documented.