Directory Structure:

  • Configurations
  • Permissions
  • ResourceAccess
  • Roles
  • app-registration-oauth2permissions.ps1
  • app-registration-reply-urls.ps1
  • app-registration-required-resource-access.ps1
  • app-registration-roles.ps1
  • app-registration.ps1
  • main.ps1


Configurations

| Name | Type | Description/Value |
|---|---|---|
| name | STRING | Required. The display name for the app registration. Example: `"name": "NCD Workload Management Service API DEV"` |
| identifierUris | [STRING] | The globally unique URI used to identify this web API, also referred to as an identifier URI. It is the prefix for scopes and, in access tokens, the value of the audience claim. Example: `"identifierUris": [ "https://034gc.onmicrosoft.com/ncd-wms-dev", "api://CBDD9546-2A15-477B-A2BC-14A5702E6797" ]` |
| owners | [STRING] | Users that can view and edit the application registration. Example: `"owners": [ "walter.hoban@tc.gc.ca", "ivan.neganov@tc.gc.ca" ]` |
| requiresAssignedUsers | BOOLEAN | Only users assigned to this application are allowed to access it. Functions only with the following application types: Federated Single Sign-on with SAML-based Authentication; Application proxy applications that use the Azure Active Directory Pre-Authorization; Applications built directly on the Azure AD application platform that use OAuth 2.0 / OpenID Connect Authentication. Example: `"requiresAssignedUsers": false` |
| logoutUrl | STRING | Front-channel logout URL: the destination a user is redirected to after logging out so that the session data can be cleared. Example: `"logoutUrl": "https://vessel-eregistry-dev.tc.gc.ca/signout-oidc"` |
| oAuth2PermissionsFile | STRING | Example: `"oAuth2PermissionsFile": "Permissions\\wms\\ncd-oauth2-permissions.json"` |
| appRolesFile | STRING | |
| replyUrls | [STRING] | |
| requiredResourceAccessFile | STRING | |
| certificateAndSecrets | [OBJECT] | |
| oauth2AllowImplicitFlow | BOOLEAN | |
| oauth2AllowIdTokenImplicitFlow | BOOLEAN | |
| keyVaultEntries | [OBJECT] | |

Permissions

| Name | Type | Description/Value |
|---|---|---|
| adminConsentDescription | STRING | Required |
| adminConsentDisplayName | STRING | Required |
| id | GUID | |
| isEnabled | BOOLEAN | Required |
| type | STRING | Required |
| userConsentDescription | STRING | Required |
| userConsentDisplayName | STRING | Required |
| value | STRING | Required |

Resource Access

| Name | Type | Description/Value |
|---|---|---|
| appName | STRING | Required |
| type | STRING | Required |
| requiredPermissions | ARRAY | Required |

Roles

| Name | Type | Description/Value |
|---|---|---|
| allowedMemberTypes | [STRING] | Required |
| description | STRING | Required |
| displayName | STRING | Required |
| id | GUID | |
| isEnabled | BOOLEAN | Required |
| value | STRING | Required |
| users | [STRING] | |
| groups | [STRING] | |
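
A pre-deployment check for the Permissions and Roles files, built from the Required markings and types in the tables above. It is an added example, not one of the project's scripts. It assumes each file is a JSON array of objects carrying the listed fields; the function name `Test-RegistrationEntry` and the sample data are hypothetical.

```powershell
# Required fields per the Permissions and Roles tables above.
$Required = @{
    Permission = 'adminConsentDescription', 'adminConsentDisplayName', 'isEnabled', 'type',
                 'userConsentDescription', 'userConsentDisplayName', 'value'
    Role       = 'allowedMemberTypes', 'description', 'displayName', 'isEnabled', 'value'
}

function Test-RegistrationEntry {   # hypothetical helper, not one of the project's scripts
    param(
        [Parameter(Mandatory)] [ValidateSet('Permission', 'Role')] [string] $Kind,
        [Parameter(Mandatory)] [psobject] $Entry
    )
    $problems = @()
    foreach ($field in $Required[$Kind]) {
        $prop = $Entry.PSObject.Properties[$field]
        $empty = $null -eq $prop -or $null -eq $prop.Value -or @($prop.Value).Count -eq 0 -or
                 ($prop.Value -is [string] -and [string]::IsNullOrWhiteSpace($prop.Value))
        if ($empty) { $problems += "missing required field '$field'" }
    }
    # isEnabled is BOOLEAN in both tables; a quoted "true" is a string, not a boolean.
    $enabled = $Entry.PSObject.Properties['isEnabled']
    if ($null -ne $enabled -and $null -ne $enabled.Value -and $enabled.Value -isnot [bool]) {
        $problems += 'isEnabled must be a JSON boolean'
    }
    # id is not marked Required, but when present it must parse as a GUID.
    $id = $Entry.PSObject.Properties['id']
    $parsed = [guid]::Empty
    if ($null -ne $id -and -not [guid]::TryParse([string]$id.Value, [ref]$parsed)) {
        $problems += "id '$($id.Value)' is not a GUID"
    }
    return $problems
}

# Constructed sample permissions file content (not from the original page).
$sample = @'
[
  { "adminConsentDescription": "Allow the app to read work items.",
    "adminConsentDisplayName": "Read work items", "type": "User",
    "id": "00000000-0000-0000-0000-000000000001", "isEnabled": true,
    "userConsentDescription": "Read your work items.",
    "userConsentDisplayName": "Read work items", "value": "WorkItems.Read" },
  { "adminConsentDisplayName": "Write work items", "type": "Admin",
    "id": "not-a-guid", "isEnabled": "true", "userConsentDescription": "",
    "userConsentDisplayName": "Write work items", "value": "WorkItems.Write" }
]
'@ | ConvertFrom-Json

$index = 0
foreach ($entry in $sample) {
    @(Test-RegistrationEntry -Kind Permission -Entry $entry) | ForEach-Object { "permission[$index]: $_" }
    $index++
}
```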