你当前正在访问 Microsoft Azure Global Edition 技术文档网站。 如果需要访问由世纪互联运营的 Microsoft Azure 中国技术文档网站,请访问 https://docs.azure.cn。
New-AzContainerAppIdentityProviderObject
Create an in-memory object for IdentityProviders.
Syntax
New-AzContainerAppIdentityProviderObject
[-AllowedPrincipalGroup <String[]>]
[-AllowedPrincipalIdentity <String[]>]
[-AppleEnabled <Boolean>]
[-AppleLoginScope <String[]>]
[-AppleRegistrationClientId <String>]
[-AppleRegistrationClientSecretSettingName <String>]
[-AzureActiveDirectoryEnabled <Boolean>]
[-AzureActiveDirectoryIsAutoProvisioned <Boolean>]
[-AzureActiveDirectoryRegistrationClientId <String>]
[-AzureActiveDirectoryRegistrationClientSecretSettingName <String>]
[-AzureActiveDirectoryValidationAllowedAudience <String[]>]
[-AzureStaticWebAppEnabled <Boolean>]
[-AzureStaticWebAppsRegistrationClientId <String>]
[-CustomOpenIdConnectProvider <IIdentityProvidersCustomOpenIdConnectProviders>]
[-DefaultAuthorizationPolicyAllowedApplication <String[]>]
[-FacebookEnabled <Boolean>]
[-FacebookGraphApiVersion <String>]
[-FacebookLoginScope <String[]>]
[-GitHubEnabled <Boolean>]
[-GitHubLoginScope <String[]>]
[-GitHubRegistrationClientId <String>]
[-GitHubRegistrationClientSecretSettingName <String>]
[-GoogleEnabled <Boolean>]
[-GoogleLoginScope <String[]>]
[-GoogleRegistrationClientId <String>]
[-GoogleRegistrationClientSecretSettingName <String>]
[-GoogleValidationAllowedAudience <String[]>]
[-JwtClaimCheckAllowedClientApplication <String[]>]
[-JwtClaimCheckAllowedGroup <String[]>]
[-LoginDisableWwwAuthenticate <Boolean>]
[-LoginParameter <String[]>]
[-RegistrationAppId <String>]
[-RegistrationAppSecretSettingName <String>]
[-RegistrationClientSecretCertificateIssuer <String>]
[-RegistrationClientSecretCertificateSubjectAlternativeName <String>]
[-RegistrationClientSecretCertificateThumbprint <String>]
[-RegistrationConsumerKey <String>]
[-RegistrationConsumerSecretSettingName <String>]
[-RegistrationOpenIdIssuer <String>]
[-TwitterEnabled <Boolean>]
[<CommonParameters>]
Description
Create an in-memory object for IdentityProviders.
Examples
Example 1: Create an IdentityProviders object for AuthConfig.
New-AzContainerAppIdentityProviderObject -RegistrationAppId xxxxxx@xxx.com -RegistrationAppSecretSettingName redis-secret
... : ...
RegistrationAppId : xxxxxx@xxx.com
RegistrationAppSecretSettingName : redis-secret
... : ...
Create an IdentityProviders object for AuthConfig.
Parameters
-AllowedPrincipalGroup
The list of the allowed groups.
Type: | String[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-AllowedPrincipalIdentity
The list of the allowed identities.
Type: | String[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-AppleEnabled
<code>false</code> if the Apple provider should not be enabled despite the set registration; otherwise, <code>true</code>.
Type: | Boolean |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-AppleLoginScope
A list of the scopes that should be requested while authenticating.
Type: | String[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-AppleRegistrationClientId
The Client ID of the app used for login.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-AppleRegistrationClientSecretSettingName
The app setting name that contains the client secret.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-AzureActiveDirectoryEnabled
<code>false</code> if the Azure Active Directory provider should not be enabled despite the set registration; otherwise, <code>true</code>.
Type: | Boolean |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-AzureActiveDirectoryIsAutoProvisioned
Gets a value indicating whether the Azure AD configuration was auto-provisioned using 1st party tooling. This is an internal flag primarily intended to support the Azure Management Portal. Users should not read or write to this property.
Type: | Boolean |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-AzureActiveDirectoryRegistrationClientId
The Client ID of this relying party application, known as the client_id. This setting is required for enabling OpenID Connection authentication with Azure Active Directory or other 3rd party OpenID Connect providers. More information on OpenID Connect: http://openid.net/specs/openid-connect-core-1_0.html.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-AzureActiveDirectoryRegistrationClientSecretSettingName
The app setting name that contains the client secret of the relying party application.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-AzureActiveDirectoryValidationAllowedAudience
The list of audiences that can make successful authentication/authorization requests.
Type: | String[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-AzureStaticWebAppEnabled
<code>false</code> if the Azure Static Web Apps provider should not be enabled despite the set registration; otherwise, <code>true</code>.
Type: | Boolean |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-AzureStaticWebAppsRegistrationClientId
The Client ID of the app used for login.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-CustomOpenIdConnectProvider
The map of the name of the alias of each custom Open ID Connect provider to the configuration settings of the custom Open ID Connect provider.
Type: | IIdentityProvidersCustomOpenIdConnectProviders |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-DefaultAuthorizationPolicyAllowedApplication
The configuration settings of the Azure Active Directory allowed applications.
Type: | String[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-FacebookEnabled
<code>false</code> if the Facebook provider should not be enabled despite the set registration; otherwise, <code>true</code>.
Type: | Boolean |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-FacebookGraphApiVersion
The version of the Facebook api to be used while logging in.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-FacebookLoginScope
A list of the scopes that should be requested while authenticating.
Type: | String[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-GitHubEnabled
<code>false</code> if the GitHub provider should not be enabled despite the set registration; otherwise, <code>true</code>.
Type: | Boolean |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-GitHubLoginScope
A list of the scopes that should be requested while authenticating.
Type: | String[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-GitHubRegistrationClientId
The Client ID of the app used for login.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-GitHubRegistrationClientSecretSettingName
The app setting name that contains the client secret.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-GoogleEnabled
<code>false</code> if the Google provider should not be enabled despite the set registration; otherwise, <code>true</code>.
Type: | Boolean |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-GoogleLoginScope
A list of the scopes that should be requested while authenticating.
Type: | String[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-GoogleRegistrationClientId
The Client ID of the app used for login.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-GoogleRegistrationClientSecretSettingName
The app setting name that contains the client secret.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-GoogleValidationAllowedAudience
The configuration settings of the allowed list of audiences from which to validate the JWT token.
Type: | String[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-JwtClaimCheckAllowedClientApplication
The list of the allowed client applications.
Type: | String[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-JwtClaimCheckAllowedGroup
The list of the allowed groups.
Type: | String[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-LoginDisableWwwAuthenticate
<code>true</code> if the www-authenticate provider should be omitted from the request; otherwise, <code>false</code>.
Type: | Boolean |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-LoginParameter
Login parameters to send to the OpenID Connect authorization endpoint when a user logs in. Each parameter must be in the form "key=value".
Type: | String[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-RegistrationAppId
The App ID of the app used for login.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-RegistrationAppSecretSettingName
The app setting name that contains the app secret.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-RegistrationClientSecretCertificateIssuer
An alternative to the client secret thumbprint, that is the issuer of a certificate used for signing purposes. This property acts as a replacement for the Client Secret Certificate Thumbprint. It is also optional.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-RegistrationClientSecretCertificateSubjectAlternativeName
An alternative to the client secret thumbprint, that is the subject alternative name of a certificate used for signing purposes. This property acts as a replacement for the Client Secret Certificate Thumbprint. It is also optional.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-RegistrationClientSecretCertificateThumbprint
An alternative to the client secret, that is the thumbprint of a certificate used for signing purposes. This property acts as a replacement for the Client Secret. It is also optional.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-RegistrationConsumerKey
The OAuth 1.0a consumer key of the Twitter application used for sign-in. This setting is required for enabling Twitter Sign-In. Twitter Sign-In documentation: https://dev.twitter.com/web/sign-in.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-RegistrationConsumerSecretSettingName
The app setting name that contains the OAuth 1.0a consumer secret of the Twitter application used for sign-in.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-RegistrationOpenIdIssuer
The OpenID Connect Issuer URI that represents the entity which issues access tokens for this application.
When using Azure Active Directory, this value is the URI of the directory tenant, e.g.
https://login.microsoftonline.com/v2.0/{tenant-guid}/
.
This URI is a case-sensitive identifier for the token issuer.
More information on OpenID Connect Discovery: http://openid.net/specs/openid-connect-discovery-1_0.html.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-TwitterEnabled
<code>false</code> if the Twitter provider should not be enabled despite the set registration; otherwise, <code>true</code>.
Type: | Boolean |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |