是的,您可以通过PowerShell更新Azure AD应用程序的清单。
特别是为了添加应用程序角色,这是一个PowerShell脚本。
如果您在创建新应用程序时尝试执行此操作,请使用
New-AzureADApplication代替
Set-AzureADApplication。
Connect-AzureAD -TenantId <Tenant GUID># Create an application role of given name and descriptionFunction CreateAppRole([string] $Name, [string] $Description){ $appRole = New-Object Microsoft.Open.AzureAD.Model.AppRole $appRole.AllowedMemberTypes = New-Object System.Collections.Generic.List[string] $appRole.AllowedMemberTypes.Add("User"); $appRole.DisplayName = $Name $appRole.Id = New-Guid $appRole.IsEnabled = $true $appRole.Description = $Description $appRole.Value = $Name; return $appRole}# ObjectId for application from App Registrations in your AzureAD$appObjectId = "<Your Application Object Id>"$app = Get-AzureADApplication -ObjectId $appObjectId$appRoles = $app.AppRolesWrite-Host "App Roles before addition of new role.."Write-Host $appRoles$newRole = CreateAppRole -Name "MyNewApplicationRole" -Description "This is my new Application Role"$appRoles.Add($newRole)Set-AzureADApplication -ObjectId $app.ObjectId -AppRoles $appRoles
