Add-AdfsClient

Registers an OAuth 2.0 client with AD FS.

Syntax

Parameter Set: Name
Add-AdfsClient [-ClientId] <String> [-Name] <String> [[-RedirectUri] <Uri[]> ] [-Description <String> ] [-PassThru] [-Confirm] [-WhatIf] [ <CommonParameters>]

Detailed Description

The Add-AdfsClient cmdlet registers an OAuth client with Active Directory Federation Services (AD FS). In order to allow access from OAuth clients to resources secured by AD FS, you need to register the OAuth client with AD FS by using this cmdlet.

When you register an OAuth 2.0 client with AD FS, you must specify a client identifier and a redirection URI, as well as a friendly name and description, for the OAuth client. When an OAuth client requests access to a resource using the OAuth 2.0 protocol, the client must specify a client identifier and redirection URI to AD FS, in accordance with RFC 6749. AD FS does not allow access to a resource to clients that specify a client identifier or redirection URI that is not registered with AD FS.

Parameters

-ClientId<String>

Specifies a client identifier. The cmdlet adds a client identifier for the OAuth 2.0 client to register with AD FS. You can also use GUIDs to represent client identifiers.

Aliases: none
Required: true
Position: 1
Default Value: none
Accept Pipeline Input: True (ByPropertyName)
Accept Wildcard Characters: false

-Description<String>

Specifies a description. The cmdlet adds a description for the OAuth 2.0 client to register with AD FS.

Aliases: none
Required: false
Position: named
Default Value: none
Accept Pipeline Input: True (ByPropertyName)
Accept Wildcard Characters: false

-Name<String>

Specifies a name. The cmdlet adds a name for the OAuth 2.0 client to register with AD FS.

Aliases: none
Required: true
Position: 2
Default Value: none
Accept Pipeline Input: True (ByPropertyName)
Accept Wildcard Characters: false

-PassThru

Returns an object representing the item with which you are working. By default, this cmdlet does not generate any output.

Aliases: none
Required: false
Position: named
Default Value: none
Accept Pipeline Input: false
Accept Wildcard Characters: false

-RedirectUri<Uri[]>

Specifies one or more redirection URIs. The cmdlet adds the redirection URIs for the OAuth 2.0 client to register with AD FS. The OAuth 2.0 client specifies the redirection URI when it requests authorization to access a resource secured by AD FS. You can register more than one redirection URI for a single client identifier. The redirect URI must be a valid URI.

Aliases: none
Required: false
Position: 3
Default Value: none
Accept Pipeline Input: True (ByPropertyName)
Accept Wildcard Characters: false

-Confirm

Prompts you for confirmation before running the cmdlet.

Required: false
Position: named
Default Value: false
Accept Pipeline Input: false
Accept Wildcard Characters: false

-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Required: false
Position: named
Default Value: false
Accept Pipeline Input: false
Accept Wildcard Characters: false

<CommonParameters>

This cmdlet supports the common parameters: -Verbose, -Debug, -ErrorAction, -ErrorVariable, -OutBuffer, and -OutVariable. For more information, see about_CommonParameters (https://go.microsoft.com/fwlink/p/?LinkID=113216).

Inputs

The input type is the type of the objects that you can pipe to the cmdlet.

  • string, string, uri[], string

Outputs

The output type is the type of the objects that the cmdlet emits.

  • System.Object

Examples

Example 1: Add a client

This command registers an OAuth 2.0 client with AD FS by using a client identifier, redirection URI, name and description.

PS C:\> Add-AdfsClient -Name "Payroll Application" -ClientId "ab762716-544d-4aeb-a526-687b73838a33" -RedirectUri "ms-app://s-1-15-2-2205112887-4282980309-3272664163-2407253042-283898840-27493891-3661245662/" -Description "OAuth 2.0 client for our Payroll application"

Example 2: Add a client with multiple redirection URIs

This command registers an OAuth 2.0 client with AD FS by using a client identifier, two redirection URIs, a name and description. The command uses two different redirection URIs to denote multiple forms of the application that may use different redirection URIs.

PS C:\> Add-AdfsClient -Name "Payroll Application" -ClientId "ab762716-544d-4aeb-a526-687b73838a33" -RedirectUri @("ms-app://s-1-15-2-2205112887-4282980309-3272664163-2407253042-283898840-27493891-3661245662/", "https://Contosopayrollapplication/oauthclient/") -Description "OAuth 2.0 client for our Payroll application"
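
The following is an added example, not part of the original cmdlet documentation: it vets candidate redirection URIs before passing them to Add-AdfsClient, because AD FS later matches the URI a client presents against what was registered. Test-RedirectUri and the contoso.example URIs are hypothetical; the absolute-URI and no-fragment checks follow RFC 6749 section 3.1.2, while the credential and plain-http checks are an assumed local policy.

```powershell
# Added example. Test-RedirectUri is a hypothetical helper, not an AD FS cmdlet.
function Test-RedirectUri {
    param([Parameter(Mandatory)][string[]]$RedirectUri)

    foreach ($candidate in $RedirectUri) {
        $problems = @()
        $uri = $null
        if (-not [System.Uri]::TryCreate($candidate, [System.UriKind]::Absolute, [ref]$uri)) {
            $problems += 'not an absolute URI (RFC 6749 section 3.1.2)'
        }
        else {
            if ($uri.Fragment) { $problems += 'has a fragment (RFC 6749 section 3.1.2)' }
            # Assumed local policy, not an AD FS requirement:
            if ($uri.UserInfo) { $problems += 'embeds credentials' }
            if ($uri.Scheme -eq 'http' -and -not $uri.IsLoopback) {
                $problems += 'plain http to a non-loopback host'
            }
        }
        # One result object per candidate, valid or not.
        [pscustomobject]@{
            RedirectUri = $candidate
            Valid       = ($problems.Count -eq 0)
            Problems    = $problems -join '; '
        }
    }
}

# Constructed sample input: the https URI from Example 2 plus three that fail.
$candidates = @(
    'https://Contosopayrollapplication/oauthclient/',
    'http://payroll.contoso.example/oauthclient/',
    'https://payroll.contoso.example/oauthclient/#token',
    'oauthclient/callback'
)

$results  = @(Test-RedirectUri -RedirectUri $candidates)
$rejected = @($results | Where-Object { -not $_.Valid })

if ($rejected.Count -gt 0) {
    # Fail closed: register nothing until every candidate passes.
    $rejected | Format-Table RedirectUri, Problems -AutoSize
}
else {
    # -WhatIf previews the registration; remove it to register the client.
    Add-AdfsClient -Name "Payroll Application" -ClientId "ab762716-544d-4aeb-a526-687b73838a33" `
        -RedirectUri $results.RedirectUri -Description "OAuth 2.0 client for our Payroll application" -WhatIf
}
```

With the sample input above, three candidates are rejected and the registration branch is skipped.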

Disable-AdfsClient

Enable-AdfsClient

Get-AdfsClient

Remove-AdfsClient

Set-AdfsClient