No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

It is the only provider for AzureAD. What features are missing and what issues are you having?

I'm missing to set it as a Spa type of application. I can use web as workaround but that requires implicit grant.

I've also seen that when I do set `accessTokenIssuanceEnabled` to true I can't set it back to false afterwards which is annoying.

I thought I missed the features of setting API permissions, but that is named `requiredResourceAccesses` in the provider :upside_down_face:

A consequence of this is that we can use the msal 2.0 library, which is recommended. Is there a work around that can be used to set it an azure ad app to spa?

So the workaround I ended up with was:

1. Create Azure AD app
2. Authenticate using azure/msal-node
3. Patch the resource using Azure graph api

I know have my azure app configured as a spa.

I also think I know what the problem is with the underlying terraform provider, it looks like it is using the v1.0 API and not the beta version which has a section for spa.