https://pulumi.com logo
Title
w

wet-noon-14291

06/08/2021, 11:15 AM
Is azuread the only provider for azure active directory at the moment? I do find that it is missing some features and is buggy as well, like setting a property to true and the false only make the switch to true but not back (even with
deleteBeforeReplace
set to true). I also can't configure azure ad app in "spa mode".
b

brave-planet-10645

06/08/2021, 12:49 PM
It is the only provider for AzureAD. What features are missing and what issues are you having?
w

wet-noon-14291

06/08/2021, 2:37 PM
I'm missing to set it as a Spa type of application. I can use web as workaround but that requires implicit grant. I've also seen that when I do set
accessTokenIssuanceEnabled
to true I can't set it back to false afterwards which is annoying.
I thought I missed the features of setting API permissions, but that is named
requiredResourceAccesses
in the provider 🙃
A consequence of this is that we can use the msal 2.0 library, which is recommended. Is there a work around that can be used to set it an azure ad app to spa?
So the workaround I ended up with was: 1. Create Azure AD app 2. Authenticate using azure/msal-node 3. Patch the resource using Azure graph api I know have my azure app configured as a spa. I also think I know what the problem is with the underlying terraform provider, it looks like it is using the v1.0 API and not the beta version which has a section for spa.