New-PartnerAccessToken

Acquires an access token from Azure Active Directory.

Syntax

New-PartnerAccessToken
   -AccessToken <String>
   -ApplicationId <String>
   [-Credential <PSCredential>]
   [-Environment <EnvironmentName>]
   [-RefreshToken <String>]
   -Scopes <String[]>
   [-Tenant <String>]
   [-UseAuthorizationCode]
   [<CommonParameters>]
New-PartnerAccessToken
   -ApplicationId <String>
   -CertificateThumbprint <String>
   [-Environment <EnvironmentName>]
   [-RefreshToken <String>]
   -Scopes <String[]>
   [-ServicePrincipal]
   -Tenant <String>
   [-UseAuthorizationCode]
   [<CommonParameters>]
New-PartnerAccessToken
   -ApplicationId <String>
   -Credential <PSCredential>
   [-Environment <EnvironmentName>]
   [-RefreshToken <String>]
   -Scopes <String[]>
   [-ServicePrincipal]
   -Tenant <String>
   [-UseAuthorizationCode]
   [<CommonParameters>]
New-PartnerAccessToken
   -ApplicationId <String>
   [-Environment <EnvironmentName>]
   [-RefreshToken <String>]
   -Scopes <String[]>
   [-Tenant <String>]
   [-UseAuthorizationCode]
   [-UseDeviceAuthentication]
   [<CommonParameters>]

Description

Acquires an access token from Azure Active Directory.

Examples

Example 1: Generating a new access token

PS C:\> $credential = Get-Credential
PS C:\> New-PartnerAccessToken -ApplicationId 'xxxx-xxxx-xxxx-xxxx' -Scopes 'https://api.partnercenter.microsoft.com/user_impersonation' -ServicePrincipal -Credential $credential -Tenant 'xxxx-xxxx-xxxx-xxxx' -UseAuthorizationCode

The first command gets the service principal credentials (application identifier and service principal secret), and then stores them in the $credential variable. The second command will request a new access token from Azure Active Directory. When using the UseAuthorizationCode parameter you will be prompted to authentication interactively using the authorization code flow. The redirect URI value will generated dynamically. This generation process will attempt to find a port between 8400 and 8999 that is not in use. Once an available port has been found, the redirect URL value will be constructed (e.g. http://localhost:8400). So, it is important that you have configured the redirect URI value for your Azure Active Directory application accordingly.

Example 2: Generating an access token using a refresh token

PS C:\> $credential = Get-Credential
PS C:\> $refreshToken = '<refreshToken>'
PS C:\> New-PartnerAccessToken -ApplicationId 'xxxx-xxxx-xxxx-xxxx' -Credential $credential -RefreshToken $refreshToken -Scopes 'https://api.partnercenter.microsoft.com/user_impersonation' -ServicePrincipal -Tenant 'xxxx-xxxx-xxxx-xxxx'

The first command gets the service principal credentials (application identifier and service principal secret), and then stores them in the $credential variable. The third command will generate a new access token using the service principal credentials stored in the $credential variable and the refresh token stored in the $refreshToken variable for authentication.

Parameters

-AccessToken

The access token for Partner Center.

Type:String
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-ApplicationId

The application identifier to be used during authentication.

Type:String
Aliases:ClientId
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-CertificateThumbprint

Certificate Hash (Thumbprint)

Type:String
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-Credential

Credentials that represents the service principal.

Type:PSCredential
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-Environment

The environment use for authentication.

Type:EnvironmentName
Aliases:EnvironmentName
Accepted values:AzureCloud, AzureChinaCloud, AzureGermanCloud, AzurePPE, AzureUSGovernment
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-RefreshToken

The refresh token to use during authentication.

Type:String
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-Scopes

Scopes requested to access a protected API.

Type:String[]
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-ServicePrincipal

{{ Fill ServicePrincipal Description }}

Type:SwitchParameter
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-Tenant

The identifier of the Azure AD tenant.

Type:String
Aliases:Domain, TenantId
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-UseAuthorizationCode

Use the authorization code flow during authentication.

Type:SwitchParameter
Aliases:AuthCode
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-UseDeviceAuthentication

Use device code authentication instead of a browser control

Type:SwitchParameter
Aliases:DeviceCode, DeviceAuth, Device
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False

Inputs

None

Outputs

Microsoft.Store.PartnerCenter.PowerShell.Models.Authentication.AuthResult