New-AzApiManagementAuthorizationServer

Creates an authorization server.

Syntax

New-AzApiManagementAuthorizationServer
   -Context <PsApiManagementContext>
   [-ServerId <String>]
   -Name <String>
   [-Description <String>]
   -ClientRegistrationPageUrl <String>
   -AuthorizationEndpointUrl <String>
   -TokenEndpointUrl <String>
   -ClientId <String>
   [-ClientSecret <String>]
   [-AuthorizationRequestMethods <PsApiManagementAuthorizationRequestMethod[]>]
   -GrantTypes <PsApiManagementGrantType[]>
   -ClientAuthenticationMethods <PsApiManagementClientAuthenticationMethod[]>
   [-TokenBodyParameters <Hashtable>]
   [-SupportState <Boolean>]
   [-DefaultScope <String>]
   -AccessTokenSendingMethods <PsApiManagementAccessTokenSendingMethod[]>
   [-ResourceOwnerUsername <String>]
   [-ResourceOwnerPassword <String>]
   [-DefaultProfile <IAzureContextContainer>]
   [<CommonParameters>]

Description

The New-AzApiManagementAuthorizationServer cmdlet creates an Azure API Management authorization server.

Examples

Example 1: Create an authorization server

$ApiMgmtContext = New-AzApiManagementContext -ResourceGroupName "Api-Default-WestUS" -ServiceName "contoso"
New-AzApiManagementAuthorizationServer -Context $ApiMgmtContext -Name "Contoso OAuth2 server" -ClientRegistrationPageUrl "https://contoso/signup" -AuthorizationEndpointUrl "https://contoso/auth" -TokenEndpointUrl "https://contoso/token" -ClientId "clientid" -ClientSecret "e041ed1b660b4eadbad5a29d066e6e88" -AuthorizationRequestMethods @('Get', 'Post') -GrantTypes @( 'AuthorizationCode', 'Implicit', 'ResourceOwnerPassword', 'ClientCredentials') -ClientAuthenticationMethods @('Basic') -TokenBodyParameters @{'par1'='val1'; 'par2'='val2'} -AccessTokenSendingMethods @('AuthorizationHeader', 'Query') -ResourceOwnerUsername "ivan" -ResourceOwnerPassword "qwerty"

This command creates an authorization server.

Example 2

Creates an authorization server. (autogenerated)

New-AzApiManagementAuthorizationServer -AccessTokenSendingMethods AuthorizationHeader -AuthorizationEndpointUrl 'https://contoso/auth' -AuthorizationRequestMethods Get -ClientAuthenticationMethods Basic -ClientId 'clientid' -ClientRegistrationPageUrl 'https://contoso/signup' -ClientSecret '0000000000000000000000000000000000000' -Context <PsApiManagementContext> -GrantTypes AuthorizationCode -Name 'Contoso OAuth2 server' -ServerId '0123456789' -TokenBodyParameters @{'par1'='val1'} -TokenEndpointUrl 'https://contoso/token'

Parameters

-AccessTokenSendingMethods

Specifies an array of methods to send an access token. psdx_paramvalues AuthorizationHeader and Query.

Type:PsApiManagementAccessTokenSendingMethod[]
Accepted values:AuthorizationHeader, Query
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-AuthorizationEndpointUrl

Specifies the authorization endpoint to authenticate resource owners and obtain authorization grants.

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-AuthorizationRequestMethods

Specifies an array of authorization request methods. Valid values are: GET, POST. The default value is GET.

Type:PsApiManagementAuthorizationRequestMethod[]
Accepted values:Get, Post, Head, Options, Trace, Put, Patch, Delete
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-ClientAuthenticationMethods

Specifies an array of client authentication methods. psdx_paramvalues Basic and Body.

Type:PsApiManagementClientAuthenticationMethod[]
Accepted values:Basic, Body
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-ClientId

Specifies the client ID of the developer console that is the client application.

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-ClientRegistrationPageUrl

Specifies the client registration endpoint to register clients with the authorization server and obtain client credentials.

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-ClientSecret

Specifies the client secret of developer console that is the client application.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-Context

Specifies a PsApiManagementContext object.

Type:PsApiManagementContext
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-DefaultProfile

The credentials, account, tenant, and subscription used for communication with azure.

Type:IAzureContextContainer
Aliases:AzContext, AzureRmContext, AzureCredential
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-DefaultScope

Specifies the default scope for the authorization server.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-Description

Specifies a description for an authorization server.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-GrantTypes

Specifies an array of grant types. psdx_paramvalues

  • AuthorizationCode
  • ClientCredentials
  • Implicit
  • ResourceOwnerPassword
Type:PsApiManagementGrantType[]
Accepted values:AuthorizationCode, Implicit, ResourceOwnerPassword, ClientCredentials
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-Name

Specifies the name of the authorization server to create.

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-ResourceOwnerPassword

Specifies the resource owner password. You must specify this parameter is required if ResourceOwnerPassword is specified by the GrantTypes parameter.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-ResourceOwnerUsername

Specifies the resource owner user name. You must specify this parameter if ResourceOwnerPassword is specified by the GrantTypes parameter.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-ServerId

Specifies the ID of the authorization server to create.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-SupportState

Indicates whether to support the State parameter.

Type:Nullable<T>[Boolean]
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-TokenBodyParameters

Specifies additional body parameters using application/x-www-form-urlencoded format.

Type:Hashtable
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-TokenEndpointUrl

Specifies the token endpoint URL that is used by clients to obtain access tokens in exchange for presenting authorization grants or refresh tokens.

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

Inputs

PsApiManagementContext

String

PsApiManagementAuthorizationRequestMethod[]

PsApiManagementGrantType[]

PsApiManagementClientAuthenticationMethod[]

Hashtable

Nullable<T>[[System.Boolean, System.Private.CoreLib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=7cec85d7bea7798e]]

PsApiManagementAccessTokenSendingMethod[]

Outputs

PsApiManagementOAuth2AuthorizationServer