az webapp auth microsoft
Note
This reference is part of the authV2 extension for the Azure CLI (version 2.23.0 or higher). The extension will automatically install the first time you run an az webapp auth microsoft command. Learn more about extensions.
Manage webapp authentication and authorization of the Microsoft identity provider.
Commands
| Name | Description | Type | Status |
|---|---|---|---|
| az webapp auth microsoft show |
Show the authentication settings for the Azure Active Directory identity provider. |
Extension | GA |
| az webapp auth microsoft update |
Update the client id and client secret for the Azure Active Directory identity provider. |
Extension | GA |
az webapp auth microsoft show
Show the authentication settings for the Azure Active Directory identity provider.
az webapp auth microsoft show [--ids]
[--name]
[--resource-group]
[--slot]
[--subscription]Examples
Show the authentication settings for the Azure Active Directory identity provider. (autogenerated)
az webapp auth microsoft show --name MyWebApp --resource-group MyResourceGroupOptional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Name of the web app.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
The name of the slot. Default to the productions slot if not specified.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value |
|---|---|
| Default value: | False |
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value |
|---|---|
| Default value: | False |
Output format.
| Property | Value |
|---|---|
| Default value: | json |
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc |
JMESPath query string. See http://jmespath.org/ for more information and examples.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value |
|---|---|
| Default value: | False |
az webapp auth microsoft update
Update the client id and client secret for the Azure Active Directory identity provider.
az webapp auth microsoft update [--allowed-audiences --allowed-token-audiences]
[--certificate-issuer --client-secret-certificate-issuer]
[--client-id]
[--client-secret]
[--client-secret-certificate-san --san]
[--client-secret-certificate-thumbprint --thumbprint]
[--client-secret-setting-name --secret-setting]
[--ids]
[--issuer]
[--name]
[--resource-group]
[--slot]
[--subscription]
[--tenant-id]
[--yes]Examples
Update the open id issuer, client id and client secret for the Azure Active Directory identity provider.
az webapp auth microsoft update -g myResourceGroup --name MyWebApp \
--client-id my-client-id --client-secret very_secret_password \
--issuer https://sts.windows.net/54826b22-38d6-4fb2-bad9-b7983a3e9c5a/Optional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
The configuration settings of the allowed list of audiences from which to validate the JWT token.
Alternative to AAD Client Secret and thumbprint, issuer of a certificate used for signing purposes.
The Client ID of this relying party application, known as the client_id.
AAD application secret.
Alternative to AAD Client Secret and thumbprint, subject alternative name of a certificate used for signing purposes.
Alternative to AAD Client Secret, thumbprint of a certificate used for signing purposes.
The app setting name that contains the client secret of the relying party application.
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
The OpenID Connect Issuer URI that represents the entity which issues access tokens for this application.
Name of the web app.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
The name of the slot. Default to the productions slot if not specified.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
The tenant id of the application.
Do not prompt for confirmation.
| Property | Value |
|---|---|
| Default value: | False |
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value |
|---|---|
| Default value: | False |
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value |
|---|---|
| Default value: | False |
Output format.
| Property | Value |
|---|---|
| Default value: | json |
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc |
JMESPath query string. See http://jmespath.org/ for more information and examples.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value |
|---|---|
| Default value: | False |
