Hi Team,
I'm having some issues setting up an AzureAD app and giving it access to another app. (Bas...
i
incalculable-napkin-4298
07/09/2024, 7:36 AMHi Team,
I'm having some issues setting up an AzureAD app and giving it access to another app. (Basically, I want to allow an application client credentials access)
Copy code
var serverApp = new AzureAD.Application("my-app", new AzureAD.ApplicationArgs
{
DisplayName = "my-app",
IdentifierUris =
{
$"<api://my-app>",
},
Owners =
{
current.Apply(current => current.ObjectId),
},
SignInAudience = "AzureADMyOrg",
Tags = Tags.Select(x => x.Value).ToArray(),
Api = new AzureAD.Inputs.ApplicationApiArgs
{
Oauth2PermissionScopes =
{
new AzureAD.Inputs.ApplicationApiOauth2PermissionScopeArgs
{
AdminConsentDescription = "give access",
AdminConsentDisplayName = "give-access",
Id = "69550FBB-E70E-4D68-8849-B4C9A62AFEA1",
Enabled = true,
Type = "User",
Value = "access",
},
},
},
}, new CustomResourceOptions()
{
IgnoreChanges = new List<string> { "owner", "owners" }
});
var clientApp = new AzureAD.Application("my-client", new AzureAD.ApplicationArgs
{
DisplayName = "my-client",
Owners =
{
current.Apply(current => current.ObjectId),
},
SignInAudience = "AzureADMyOrg",
Tags = Tags.Select(x => x.Value).ToArray()
}, new CustomResourceOptions()
{
IgnoreChanges = new List<string> { "owner", "owners" }
});
//Give another application access to this API
var apiPermission = new AzureAD.ApplicationApiAccess("api-access", new AzureAD.ApplicationApiAccessArgs
{
ApiClientId = serverApp.ApplicationId,
ApplicationId = clientApp.Id,
ScopeIds = serverApp.Oauth2PermissionScopeIds.Apply(x => x.Select(y => y.Value)),
});2 Views
Pulumi Community
No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.
Powered by