Add-AdfsClient
Add-AdfsClient
Registers an OAuth 2.0 client with AD FS.
Syntax
Parameter Set: Name
Add-AdfsClient [-ClientId] <String> [-Name] <String> [[-RedirectUri] <Uri[]> ] [-Description <String> ] [-PassThru] [-Confirm] [-WhatIf] [ <CommonParameters>]
Detailed Description
The Add-AdfsClient cmdlet registers an OAuth client with Active Directory Federation Services (AD FS). In order to allow access from OAuth clients to resources secured by AD FS, you need to register the OAuth client with AD FS by using this cmdlet.
When you register an OAuth 2.0 client with AD FS, you must specify a client identifier and a redirection URI, as well as a friendly name and description, for the OAuth client. When an OAuth client requests access to a resource using the OAuth 2.0 protocol, the client must specify a client identifier and redirection URI to AD FS, in accordance with RFC 6749. AD FS will not allow access to a resource to clients that specify a client identifier or redirection URI that are not registered with AD FS.
Parameters
-ClientId<String>
Specifies a client identifier. The cmdlet adds a client identifier for the OAuth 2.0 client to register with AD FS. You can also use GUIDs to represent client identifiers.
Aliases |
none |
Required? |
true |
Position? |
1 |
Default Value |
none |
Accept Pipeline Input? |
True (ByPropertyName) |
Accept Wildcard Characters? |
false |
-Description<String>
Specifies a description. The cmdlet adds a description for the OAuth 2.0 client to register with AD FS.
Aliases |
none |
Required? |
false |
Position? |
named |
Default Value |
none |
Accept Pipeline Input? |
True (ByPropertyName) |
Accept Wildcard Characters? |
false |
-Name<String>
Specifies a name. The cmdlet adds a name for the OAuth 2.0 client to register with AD FS.
Aliases |
none |
Required? |
true |
Position? |
2 |
Default Value |
none |
Accept Pipeline Input? |
True (ByPropertyName) |
Accept Wildcard Characters? |
false |
-PassThru
Returns an object representing the item with which you are working. By default, this cmdlet does not generate any output.
Aliases |
none |
Required? |
false |
Position? |
named |
Default Value |
none |
Accept Pipeline Input? |
false |
Accept Wildcard Characters? |
false |
-RedirectUri<Uri[]>
Specifies one or more redirection URIs. The cmdlet adds the redirection URIs for the OAuth 2.0 client to register with AD FS. The OAuth 2.0 client specifies the redirection URI when it requests authorization to access a resource secured byAD FS. You can register more than one redirection URI for a single client identifier. The redirect URI must be a valid URI.
Aliases |
none |
Required? |
false |
Position? |
3 |
Default Value |
none |
Accept Pipeline Input? |
True (ByPropertyName) |
Accept Wildcard Characters? |
false |
-Confirm
Prompts you for confirmation before running the cmdlet.
Required? |
false |
Position? |
named |
Default Value |
false |
Accept Pipeline Input? |
false |
Accept Wildcard Characters? |
false |
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet is not run.
Required? |
false |
Position? |
named |
Default Value |
false |
Accept Pipeline Input? |
false |
Accept Wildcard Characters? |
false |
<CommonParameters>
This cmdlet supports the common parameters: -Verbose, -Debug, -ErrorAction, -ErrorVariable, -OutBuffer, and -OutVariable. For more information, see about_CommonParameters (https://go.microsoft.com/fwlink/p/?LinkID=113216).
Inputs
The input type is the type of the objects that you can pipe to the cmdlet.
- string, string, uri[], string
Outputs
The output type is the type of the objects that the cmdlet emits.
- System.Object
Examples
Example 1: Add a client
This command registers an OAuth 2.0 client with AD FS by using a client identifier, redirection URI, name and description.
PS C:\> Add-AdfsClient -Name "Payroll Application" -ClientId "ab762716-544d-4aeb-a526-687b73838a33" -RedirectUri "ms-app://s-1-15-2-2205112887-4282980309-3272664163-2407253042-283898840-27493891-3661245662/" -Description "OAuth 2.0 client for our Payroll application"
Example 2: Add a client with multiple redirection URIs
This command registers an OAuth 2.0 client with a client identifier, two redirection URIs, a name and description with AD FS. The command uses two different redirections URIs to denote multiple forms of the application that may use different redirection URIs,
PS C:\> Add-AdfsClient -Name "Payroll Application" -ClientId "ab762716-544d-4aeb-a526-687b73838a33" -RedirectUri @("ms-app://s-1-15-2-2205112887-4282980309-3272664163-2407253042-283898840-27493891-3661245662/", "https://Contosopayrollapplication/oauthclient/") -Description "OAuth 2.0 client for our Payroll application"