Partilhar via


Authorization Provider - Create Or Update

Creates or updates authorization provider.

PUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ApiManagement/service/{serviceName}/authorizationProviders/{authorizationProviderId}?api-version=2024-05-01

URI Parameters

Name In Required Type Description
authorizationProviderId
path True

string

Identifier of the authorization provider.

Regex pattern: ^[^*#&+:<>?]+$

resourceGroupName
path True

string

The name of the resource group. The name is case insensitive.

serviceName
path True

string

The name of the API Management service.

Regex pattern: ^[a-zA-Z](?:[a-zA-Z0-9-]*[a-zA-Z0-9])?$

subscriptionId
path True

string

uuid

The ID of the target subscription. The value must be an UUID.

api-version
query True

string

The API version to use for this operation.

Request Header

Name Required Type Description
If-Match

string

ETag of the Entity. Not required when creating an entity, but required when updating an entity.

Request Body

Name Type Description
properties.displayName

string

Authorization Provider name. Must be 1 to 300 characters long.

properties.identityProvider

string

Identity provider name. Must be 1 to 300 characters long.

properties.oauth2

AuthorizationProviderOAuth2Settings

OAuth2 settings

Responses

Name Type Description
200 OK

AuthorizationProviderContract

The existing Authorization provider was successfully updated.

Headers

ETag: string

201 Created

AuthorizationProviderContract

Authorization provider was successfully created.

Headers

ETag: string

Other Status Codes

ErrorResponse

Error response describing why the operation failed.

Security

azure_auth

Azure Active Directory OAuth2 Flow.

Type: oauth2
Flow: implicit
Authorization URL: https://login.microsoftonline.com/common/oauth2/authorize

Scopes

Name Description
user_impersonation impersonate your user account

Examples

ApiManagementCreateAuthorizationProviderAADAuthCode
ApiManagementCreateAuthorizationProviderAADClientCred
ApiManagementCreateAuthorizationProviderGenericOAuth2
ApiManagementCreateAuthorizationProviderOOBGoogle

ApiManagementCreateAuthorizationProviderAADAuthCode

Sample request

PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/authorizationProviders/aadwithauthcode?api-version=2024-05-01

{
  "properties": {
    "displayName": "aadwithauthcode",
    "identityProvider": "aad",
    "oauth2": {
      "redirectUrl": "https://authorization-manager.consent.azure-apim.net/redirect/apim/apimService1",
      "grantTypes": {
        "authorizationCode": {
          "clientId": "clientsecretid",
          "clientSecret": "clientsecretvalue",
          "scopes": "User.Read.All Group.Read.All",
          "resourceUri": "https://graph.microsoft.com"
        }
      }
    }
  }
}

Sample response

{
  "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/authorizationProviders/aadwithauthcode",
  "type": "Microsoft.ApiManagement/service/authorizationProviders",
  "name": "aadwithauthcode",
  "properties": {
    "displayName": "aadwithauthcode",
    "identityProvider": "aad",
    "oauth2": {
      "redirectUrl": "https://authorization-manager.consent.azure-apim.net/redirect/apim/apimService1",
      "grantTypes": {
        "authorizationCode": {
          "clientId": "53790825-fdd3-4b80-bc7a-4c3aaf25801d",
          "scopes": "User.Read.All Group.Read.All",
          "loginUri": "https://login.windows.net",
          "resourceUri": "https://graph.microsoft.com",
          "tenantId": "common"
        }
      }
    }
  }
}
{
  "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/authorizationProviders/aadwithauthcode",
  "type": "Microsoft.ApiManagement/service/authorizationProviders",
  "name": "aadwithauthcode",
  "properties": {
    "displayName": "aadwithauthcode",
    "identityProvider": "aad",
    "oauth2": {
      "redirectUrl": "https://authorization-manager.consent.azure-apim.net/redirect/apim/apimService1",
      "grantTypes": {
        "authorizationCode": {
          "clientId": "53790825-fdd3-4b80-bc7a-4c3aaf25801d",
          "scopes": "User.Read.All Group.Read.All",
          "loginUri": "https://login.windows.net",
          "resourceUri": "https://graph.microsoft.com",
          "tenantId": "common"
        }
      }
    }
  }
}

ApiManagementCreateAuthorizationProviderAADClientCred

Sample request

PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/authorizationProviders/aadwithclientcred?api-version=2024-05-01

{
  "properties": {
    "displayName": "aadwithclientcred",
    "identityProvider": "aad",
    "oauth2": {
      "redirectUrl": "https://authorization-manager.consent.azure-apim.net/redirect/apim/apimService1",
      "grantTypes": {
        "authorizationCode": {
          "scopes": "User.Read.All Group.Read.All",
          "resourceUri": "https://graph.microsoft.com"
        }
      }
    }
  }
}

Sample response

{
  "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/authorizationProviders/aadwithclientcred",
  "type": "Microsoft.ApiManagement/service/authorizationProviders",
  "name": "aadwithclientcred",
  "properties": {
    "displayName": "aadwithclientcred",
    "identityProvider": "aad",
    "oauth2": {
      "redirectUrl": "https://authorization-manager.consent.azure-apim.net/redirect/apim/apimService1",
      "grantTypes": {
        "clientCredentials": {
          "scopes": "User.Read.All Group.Read.All",
          "loginUri": "https://login.windows.net",
          "resourceUri": "https://graph.microsoft.com",
          "tenantId": "common"
        }
      }
    }
  }
}
{
  "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/authorizationProviders/aadwithclientcred",
  "type": "Microsoft.ApiManagement/service/authorizationProviders",
  "name": "aadwithclientcred",
  "properties": {
    "displayName": "aadwithclientcred",
    "identityProvider": "aad",
    "oauth2": {
      "redirectUrl": "https://authorization-manager.consent.azure-apim.net/redirect/apim/apimService1",
      "grantTypes": {
        "clientCredentials": {
          "scopes": "User.Read.All Group.Read.All",
          "loginUri": "https://login.windows.net",
          "resourceUri": "https://graph.microsoft.com",
          "tenantId": "common"
        }
      }
    }
  }
}

ApiManagementCreateAuthorizationProviderGenericOAuth2

Sample request

PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/authorizationProviders/eventbrite?api-version=2024-05-01

{
  "properties": {
    "displayName": "eventbrite",
    "identityProvider": "oauth2",
    "oauth2": {
      "redirectUrl": "https://authorization-manager.consent.azure-apim.net/redirect/apim/apimService1",
      "grantTypes": {
        "authorizationCode": {
          "clientId": "clientid",
          "clientSecret": "clientsecretvalue",
          "scopes": null,
          "authorizationUrl": "https://www.eventbrite.com/oauth/authorize",
          "refreshUrl": "https://www.eventbrite.com/oauth/token",
          "tokenUrl": "https://www.eventbrite.com/oauth/token"
        }
      }
    }
  }
}

Sample response

{
  "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/authorizationProviders/eventbrite",
  "type": "Microsoft.ApiManagement/service/authorizationProviders",
  "name": "eventbrite",
  "properties": {
    "displayName": "eventbrite",
    "identityProvider": "oauth2",
    "oauth2": {
      "redirectUrl": "https://authorization-manager.consent.azure-apim.net/redirect/apim/apimService1",
      "grantTypes": {
        "authorizationCode": {
          "clientId": "clientid",
          "scopes": null,
          "authorizationUrl": "https://www.eventbrite.com/oauth/authorize",
          "refreshUrl": "https://www.eventbrite.com/oauth/token",
          "tokenUrl": "https://www.eventbrite.com/oauth/token"
        }
      }
    }
  }
}
{
  "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/authorizationProviders/eventbrite",
  "type": "Microsoft.ApiManagement/service/authorizationProviders",
  "name": "eventbrite",
  "properties": {
    "displayName": "eventbrite",
    "identityProvider": "oauth2",
    "oauth2": {
      "redirectUrl": "https://authorization-manager.consent.azure-apim.net/redirect/apim/apimService1",
      "grantTypes": {
        "authorizationCode": {
          "clientId": "clientid",
          "scopes": null,
          "authorizationUrl": "https://www.eventbrite.com/oauth/authorize",
          "refreshUrl": "https://www.eventbrite.com/oauth/token",
          "tokenUrl": "https://www.eventbrite.com/oauth/token"
        }
      }
    }
  }
}

ApiManagementCreateAuthorizationProviderOOBGoogle

Sample request

PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/authorizationProviders/google?api-version=2024-05-01

{
  "properties": {
    "displayName": "google",
    "identityProvider": "google",
    "oauth2": {
      "redirectUrl": "https://authorization-manager.consent.azure-apim.net/redirect/apim/apimService1",
      "grantTypes": {
        "authorizationCode": {
          "clientId": "99999999-xxxxxxxxxxxxxxxxxxxxxxxx.apps.googleusercontent.com",
          "clientSecret": "clientsecretvalue",
          "scopes": "openid https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email"
        }
      }
    }
  }
}

Sample response

{
  "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/authorizationProviders/google",
  "type": "Microsoft.ApiManagement/service/authorizationProviders",
  "name": "google",
  "properties": {
    "displayName": "google",
    "identityProvider": "google",
    "oauth2": {
      "redirectUrl": "https://authorization-manager.consent.azure-apim.net/redirect/apim/apimService1",
      "grantTypes": {
        "authorizationCode": {
          "clientId": "99999999-xxxxxxxxxxxxxxxxxxxxxxxx.apps.googleusercontent.com",
          "scopes": "openid https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email"
        }
      }
    }
  }
}
{
  "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/authorizationProviders/google",
  "type": "Microsoft.ApiManagement/service/authorizationProviders",
  "name": "google",
  "properties": {
    "displayName": "google",
    "identityProvider": "google",
    "oauth2": {
      "redirectUrl": "https://authorization-manager.consent.azure-apim.net/redirect/apim/apimService1",
      "grantTypes": {
        "authorizationCode": {
          "clientId": "99999999-xxxxxxxxxxxxxxxxxxxxxxxx.apps.googleusercontent.com",
          "scopes": "openid https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email"
        }
      }
    }
  }
}

Definitions

Name Description
AuthorizationProviderContract

Authorization Provider contract.

AuthorizationProviderOAuth2GrantTypes

Authorization Provider oauth2 grant types settings

AuthorizationProviderOAuth2Settings

OAuth2 settings details

ErrorAdditionalInfo

The resource management error additional info.

ErrorDetail

The error detail.

ErrorResponse

Error response

AuthorizationProviderContract

Authorization Provider contract.

Name Type Description
id

string

Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}

name

string

The name of the resource

properties.displayName

string

Authorization Provider name. Must be 1 to 300 characters long.

properties.identityProvider

string

Identity provider name. Must be 1 to 300 characters long.

properties.oauth2

AuthorizationProviderOAuth2Settings

OAuth2 settings

type

string

The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"

AuthorizationProviderOAuth2GrantTypes

Authorization Provider oauth2 grant types settings

Name Type Description
authorizationCode

object

OAuth2 authorization code grant parameters

clientCredentials

object

OAuth2 client credential grant parameters

AuthorizationProviderOAuth2Settings

OAuth2 settings details

Name Type Description
grantTypes

AuthorizationProviderOAuth2GrantTypes

OAuth2 settings

redirectUrl

string

Redirect URL to be set in the OAuth application.

ErrorAdditionalInfo

The resource management error additional info.

Name Type Description
info

object

The additional info.

type

string

The additional info type.

ErrorDetail

The error detail.

Name Type Description
additionalInfo

ErrorAdditionalInfo[]

The error additional info.

code

string

The error code.

details

ErrorDetail[]

The error details.

message

string

The error message.

target

string

The error target.

ErrorResponse

Error response

Name Type Description
error

ErrorDetail

The error object.