I am trying to create an app registration in Azure AD B2C. I need to add a scope using Azure CLI (which can be added by going to the Expose an API blade in the portal).

I can retrieve my app using

az rest --method GET --uri https://graph.microsoft.com/v1.0/applications/id

But when I run the following command

az ad app update --id 'id' --set api.oauth2PermissionScopes=@scopes.json

I get this error: Couldn't find 'api' in ''. Available options: []

Here is the scopes.json file

{
    "api": {
      "oauth2PermissionScopes": [
        {
          "type": "User",
          "isEnabled": true,
          "adminConsentDisplayName": "deafult",
          "adminConsentDescription": "deafult",
          "id": "73a43c0e-9a5e-4646-9d1e-c56a43279f99",
          "value": "deafult",
          "userConsentDisplayName": "deafult",
          "userConsentDescription": "deafult"
        }
      ]
    }
}

Any suggestions would be much appreciated.

Dilpreet

1 Answer

I tried in my environment and got the results below:

The latest Azure CLI command "az ad app update" does not include the oauth2permissions anymore.

I tried with the script below and added the scope successfully.

# Application (client) id of the app registration
$AppId = "your application id"
# New GUID that identifies the scope
$scopeGUID = [guid]::NewGuid()
$permission = @{
    adminConsentDescription="admin only"
    adminConsentDisplayName="readwrite"
    id="$scopeGUID"
    isEnabled=$true
    type="User"
    userConsentDescription="null"
    userConsentDisplayName="null"
    value="readwrite"
}
# Object id of the application, used in the Graph URI
$azAppObjId = (az ad app show --id $AppId | ConvertFrom-Json).id
# Graph access token from the Az.Accounts module (needs a Connect-AzAccount session)
$accesstoken = (Get-AzAccessToken -Resource "https://graph.microsoft.com/").Token
$header = @{
    'Content-Type' = 'application/json'
    'Authorization' = 'Bearer ' + $accesstoken
}
$bodyaccess = @{
    'api' = @{
        'oauth2PermissionScopes' = @($permission)
    }
} | ConvertTo-Json -Depth 3
# PATCH the application object with the scope
Invoke-RestMethod -Method Patch -Headers $header -Uri "https://graph.microsoft.com/v1.0/applications/$azAppObjId" -Body $bodyaccess

I also checked with the command:

 az ad app show --id < application id >

Reference: Please refer to the similar SO thread, which was resolved by A2AdminGuy.

Venkatesan
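
An added example, not part of the original posts: the same change made with `az rest` alone, reading the application's current scopes first, because a PATCH sends the complete `oauth2PermissionScopes` collection and a body holding only the new scope would drop the ones already exposed. `$AppId` is a placeholder and the scope values are constructed for illustration.

```powershell
# Added example (not the answerer's script). Assumes an `az login` session in the B2C tenant.
$AppId = "<application (client) id>"   # placeholder

# Resolve the object id and read the application as Graph returns it.
$objectId = az ad app show --id $AppId --query id -o tsv
$uri      = "https://graph.microsoft.com/v1.0/applications/$objectId"
$app      = az rest --method GET --uri $uri | ConvertFrom-Json

# Scopes already exposed; the filter drops a $null entry if the property is missing.
$scopes = @($app.api.oauth2PermissionScopes | Where-Object { $_ })

# Constructed sample scope. Each scope needs its own GUID and a unique value.
$newScope = [ordered]@{
    id                      = [guid]::NewGuid().ToString()
    value                   = "readwrite"
    type                    = "User"
    isEnabled               = $true
    adminConsentDisplayName = "readwrite"
    adminConsentDescription = "admin only"
    userConsentDisplayName  = "readwrite"
    userConsentDescription  = "Read and write on your behalf"
}

# Stop before changing anything if the value is already exposed.
if ($scopes.value -contains $newScope['value']) {
    throw "Scope '$($newScope['value'])' already exists on application $AppId"
}

# Send existing scopes plus the new one, so nothing already granted is removed.
$body = @{
    api = @{ oauth2PermissionScopes = $scopes + @($newScope) }
} | ConvertTo-Json -Depth 5

# A body file avoids quoting JSON on the command line.
$bodyFile = New-TemporaryFile
Set-Content -Path $bodyFile.FullName -Value $body -Encoding utf8
az rest --method PATCH --uri $uri `
    --headers "Content-Type=application/json" `
    --body "@$($bodyFile.FullName)"
Remove-Item $bodyFile.FullName

# Read the scopes back to confirm what the application now exposes.
az rest --method GET --uri $uri `
    --query "api.oauth2PermissionScopes[].{value:value, id:id, enabled:isEnabled}" -o table
```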