Update-AzContainerAppAuthConfig

update the AuthConfig for a Container App.

Syntax

Update-AzContainerAppAuthConfig
      -ContainerAppName <String>
      -Name <String>
      -ResourceGroupName <String>
      [-SubscriptionId <String>]
      [-CookieExpirationConvention <String>]
      [-CookieExpirationTimeToExpiration <String>]
      [-ForwardProxyConvention <String>]
      [-ForwardProxyCustomHostHeaderName <String>]
      [-ForwardProxyCustomProtoHeaderName <String>]
      [-GlobalValidationExcludedPath <String[]>]
      [-GlobalValidationRedirectToProvider <String>]
      [-GlobalValidationUnauthenticatedClientAction <String>]
      [-HttpSettingRequireHttps]
      [-IdentityProvider <IIdentityProviders>]
      [-LoginAllowedExternalRedirectUrl <String[]>]
      [-LoginPreserveUrlFragmentsForLogin]
      [-NonceExpirationInterval <String>]
      [-NonceValidateNonce]
      [-PlatformEnabled]
      [-PlatformRuntimeVersion <String>]
      [-RouteApiPrefix <String>]
      [-RouteLogoutEndpoint <String>]
      [-DefaultProfile <PSObject>]
      [-WhatIf]
      [-Confirm]
      [<CommonParameters>]
Update-AzContainerAppAuthConfig
      -Name <String>
      -ContainerAppInputObject <IAppIdentity>
      [-CookieExpirationConvention <String>]
      [-CookieExpirationTimeToExpiration <String>]
      [-ForwardProxyConvention <String>]
      [-ForwardProxyCustomHostHeaderName <String>]
      [-ForwardProxyCustomProtoHeaderName <String>]
      [-GlobalValidationExcludedPath <String[]>]
      [-GlobalValidationRedirectToProvider <String>]
      [-GlobalValidationUnauthenticatedClientAction <String>]
      [-HttpSettingRequireHttps]
      [-IdentityProvider <IIdentityProviders>]
      [-LoginAllowedExternalRedirectUrl <String[]>]
      [-LoginPreserveUrlFragmentsForLogin]
      [-NonceExpirationInterval <String>]
      [-NonceValidateNonce]
      [-PlatformEnabled]
      [-PlatformRuntimeVersion <String>]
      [-RouteApiPrefix <String>]
      [-RouteLogoutEndpoint <String>]
      [-DefaultProfile <PSObject>]
      [-WhatIf]
      [-Confirm]
      [<CommonParameters>]
Update-AzContainerAppAuthConfig
      -InputObject <IAppIdentity>
      [-CookieExpirationConvention <String>]
      [-CookieExpirationTimeToExpiration <String>]
      [-ForwardProxyConvention <String>]
      [-ForwardProxyCustomHostHeaderName <String>]
      [-ForwardProxyCustomProtoHeaderName <String>]
      [-GlobalValidationExcludedPath <String[]>]
      [-GlobalValidationRedirectToProvider <String>]
      [-GlobalValidationUnauthenticatedClientAction <String>]
      [-HttpSettingRequireHttps]
      [-IdentityProvider <IIdentityProviders>]
      [-LoginAllowedExternalRedirectUrl <String[]>]
      [-LoginPreserveUrlFragmentsForLogin]
      [-NonceExpirationInterval <String>]
      [-NonceValidateNonce]
      [-PlatformEnabled]
      [-PlatformRuntimeVersion <String>]
      [-RouteApiPrefix <String>]
      [-RouteLogoutEndpoint <String>]
      [-DefaultProfile <PSObject>]
      [-WhatIf]
      [-Confirm]
      [<CommonParameters>]

Description

update the AuthConfig for a Container App.

Examples

Example 1: Create the AuthConfig for a Container App.

Update-AzContainerAppAuthConfig -Name current -ContainerAppName azps-containerapp-2 -ResourceGroupName azps_test_group_app -PlatformEnabled -GlobalValidationUnauthenticatedClientAction RedirectToLoginPage -IdentityProvider $identity

Name    PlatformEnabled ResourceGroupName
----    --------------- -----------------
current True            azps_test_group_app

Create the AuthConfig for a Container App.

Example 2: Create the AuthConfig for a Container App.

$containerapp = Get-AzContainerApp -ResourceGroupName azps_test_group_app -Name azps-containerapp-2

Update-AzContainerAppAuthConfig -Name current -ContainerAppInputObject $containerapp -PlatformEnabled -GlobalValidationUnauthenticatedClientAction RedirectToLoginPage -IdentityProvider $identity

Name    PlatformEnabled ResourceGroupName
----    --------------- -----------------
current True            azps_test_group_app

Create the AuthConfig for a Container App.

Example 3: Create the AuthConfig for a Container App.

$authconfig = Get-AzContainerAppAuthConfig -Name current -ContainerAppName azps-containerapp-2 -ResourceGroupName azps_test_group_app

Update-AzContainerAppAuthConfig -InputObject $authconfig -PlatformEnabled -GlobalValidationUnauthenticatedClientAction RedirectToLoginPage -IdentityProvider $identity

Name    PlatformEnabled ResourceGroupName
----    --------------- -----------------
current True            azps_test_group_app

Create the AuthConfig for a Container App.

Parameters

-Confirm

Prompts you for confirmation before running the cmdlet.

Type:SwitchParameter
Aliases:cf
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-ContainerAppInputObject

Identity Parameter

Type:IAppIdentity
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-ContainerAppName

Name of the Container App.

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-CookieExpirationConvention

The convention used when determining the session cookie's expiration.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-CookieExpirationTimeToExpiration

The time after the request is made when the session cookie should expire.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-DefaultProfile

The DefaultProfile parameter is not functional. Use the SubscriptionId parameter when available if executing the cmdlet against a different subscription.

Type:PSObject
Aliases:AzureRMContext, AzureCredential
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-ForwardProxyConvention

The convention used to determine the url of the request made.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-ForwardProxyCustomHostHeaderName

The name of the header containing the host of the request.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-ForwardProxyCustomProtoHeaderName

The name of the header containing the scheme of the request.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-GlobalValidationExcludedPath

The paths for which unauthenticated flow would not be redirected to the login page.

Type:String[]
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-GlobalValidationRedirectToProvider

The default authentication provider to use when multiple providers are configured.This setting is only needed if multiple providers are configured and the unauthenticated clientaction is set to "RedirectToLoginPage".

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-GlobalValidationUnauthenticatedClientAction

The action to take when an unauthenticated client attempts to access the app.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-HttpSettingRequireHttps

<code>false</code> if the authentication/authorization responses not having the HTTPS scheme are permissible; otherwise, <code>true</code>.

Type:SwitchParameter
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-IdentityProvider

The configuration settings of each of the identity providers used to configure ContainerApp Service Authentication/Authorization.

Type:IIdentityProviders
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-InputObject

Identity Parameter

Type:IAppIdentity
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-LoginAllowedExternalRedirectUrl

External URLs that can be redirected to as part of logging in or logging out of the app. Note that the query string part of the URL is ignored.This is an advanced setting typically only needed by Windows Store application backends.Note that URLs within the current domain are always implicitly allowed.

Type:String[]
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-LoginPreserveUrlFragmentsForLogin

<code>true</code> if the fragments from the request are preserved after the login request is made; otherwise, <code>false</code>.

Type:SwitchParameter
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Name

Name of the Container App AuthConfig.

Type:String
Aliases:AuthConfigName
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-NonceExpirationInterval

The time after the request is made when the nonce should expire.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-NonceValidateNonce

<code>false</code> if the nonce should not be validated while completing the login flow; otherwise, <code>true</code>.

Type:SwitchParameter
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-PlatformEnabled

<code>true</code> if the Authentication / Authorization feature is enabled for the current app; otherwise, <code>false</code>.

Type:SwitchParameter
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-PlatformRuntimeVersion

The RuntimeVersion of the Authentication / Authorization feature in use for the current app.The setting in this value can control the behavior of certain features in the Authentication / Authorization module.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-ResourceGroupName

The name of the resource group. The name is case insensitive.

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-RouteApiPrefix

The prefix that should precede all the authentication/authorization paths.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-RouteLogoutEndpoint

The endpoint at which a logout request should be made.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-SubscriptionId

The ID of the target subscription.

Type:String
Position:Named
Default value:(Get-AzContext).Subscription.Id
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Type:SwitchParameter
Aliases:wi
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

Inputs

IAppIdentity

Outputs

IAuthConfig