1. Packages
  2. Azure Active Directory (Azure AD)
  3. API Docs
  4. ApplicationPreAuthorized
Azure Active Directory (Azure AD) v5.38.0 published on Wednesday, May 17, 2023 by Pulumi

azuread.ApplicationPreAuthorized

Explore with Pulumi AI

azuread logo
Azure Active Directory (Azure AD) v5.38.0 published on Wednesday, May 17, 2023 by Pulumi

    Import

    Pre-authorized applications can be imported using the object ID of the authorizing application and the application ID of the application being authorized, e.g.

     $ pulumi import azuread:index/applicationPreAuthorized:ApplicationPreAuthorized example 00000000-0000-0000-0000-000000000000/preAuthorizedApplication/11111111-1111-1111-1111-111111111111
    

    -> This ID format is unique to Terraform and is composed of the authorizing application’s object ID, the string “preAuthorizedApplication” and the authorized application’s application ID (client ID) in the format {ObjectId}/preAuthorizedApplication/{ApplicationId}.

    Example Usage

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using AzureAD = Pulumi.AzureAD;
    
    return await Deployment.RunAsync(() => 
    {
        var authorized = new AzureAD.Application("authorized", new()
        {
            DisplayName = "example-authorized-app",
        });
    
        var authorizer = new AzureAD.Application("authorizer", new()
        {
            DisplayName = "example-authorizing-app",
            Api = new AzureAD.Inputs.ApplicationApiArgs
            {
                Oauth2PermissionScopes = new[]
                {
                    new AzureAD.Inputs.ApplicationApiOauth2PermissionScopeArgs
                    {
                        AdminConsentDescription = "Administer the application",
                        AdminConsentDisplayName = "Administer",
                        Enabled = true,
                        Id = "ced9c4c3-c273-4f0f-ac71-a20377b90f9c",
                        Type = "Admin",
                        Value = "administer",
                    },
                    new AzureAD.Inputs.ApplicationApiOauth2PermissionScopeArgs
                    {
                        AdminConsentDescription = "Access the application",
                        AdminConsentDisplayName = "Access",
                        Enabled = true,
                        Id = "2d5e07ca-664d-4d9b-ad61-ec07fd215213",
                        Type = "User",
                        UserConsentDescription = "Access the application",
                        UserConsentDisplayName = "Access",
                        Value = "user_impersonation",
                    },
                },
            },
        });
    
        var example = new AzureAD.ApplicationPreAuthorized("example", new()
        {
            ApplicationObjectId = authorizer.ObjectId,
            AuthorizedAppId = authorized.ApplicationId,
            PermissionIds = new[]
            {
                "ced9c4c3-c273-4f0f-ac71-a20377b90f9c",
                "2d5e07ca-664d-4d9b-ad61-ec07fd215213",
            },
        });
    
    });
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		authorized, err := azuread.NewApplication(ctx, "authorized", &azuread.ApplicationArgs{
    			DisplayName: pulumi.String("example-authorized-app"),
    		})
    		if err != nil {
    			return err
    		}
    		authorizer, err := azuread.NewApplication(ctx, "authorizer", &azuread.ApplicationArgs{
    			DisplayName: pulumi.String("example-authorizing-app"),
    			Api: &azuread.ApplicationApiArgs{
    				Oauth2PermissionScopes: azuread.ApplicationApiOauth2PermissionScopeArray{
    					&azuread.ApplicationApiOauth2PermissionScopeArgs{
    						AdminConsentDescription: pulumi.String("Administer the application"),
    						AdminConsentDisplayName: pulumi.String("Administer"),
    						Enabled:                 pulumi.Bool(true),
    						Id:                      pulumi.String("ced9c4c3-c273-4f0f-ac71-a20377b90f9c"),
    						Type:                    pulumi.String("Admin"),
    						Value:                   pulumi.String("administer"),
    					},
    					&azuread.ApplicationApiOauth2PermissionScopeArgs{
    						AdminConsentDescription: pulumi.String("Access the application"),
    						AdminConsentDisplayName: pulumi.String("Access"),
    						Enabled:                 pulumi.Bool(true),
    						Id:                      pulumi.String("2d5e07ca-664d-4d9b-ad61-ec07fd215213"),
    						Type:                    pulumi.String("User"),
    						UserConsentDescription:  pulumi.String("Access the application"),
    						UserConsentDisplayName:  pulumi.String("Access"),
    						Value:                   pulumi.String("user_impersonation"),
    					},
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		_, err = azuread.NewApplicationPreAuthorized(ctx, "example", &azuread.ApplicationPreAuthorizedArgs{
    			ApplicationObjectId: authorizer.ObjectId,
    			AuthorizedAppId:     authorized.ApplicationId,
    			PermissionIds: pulumi.StringArray{
    				pulumi.String("ced9c4c3-c273-4f0f-ac71-a20377b90f9c"),
    				pulumi.String("2d5e07ca-664d-4d9b-ad61-ec07fd215213"),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.azuread.Application;
    import com.pulumi.azuread.ApplicationArgs;
    import com.pulumi.azuread.inputs.ApplicationApiArgs;
    import com.pulumi.azuread.ApplicationPreAuthorized;
    import com.pulumi.azuread.ApplicationPreAuthorizedArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var authorized = new Application("authorized", ApplicationArgs.builder()        
                .displayName("example-authorized-app")
                .build());
    
            var authorizer = new Application("authorizer", ApplicationArgs.builder()        
                .displayName("example-authorizing-app")
                .api(ApplicationApiArgs.builder()
                    .oauth2PermissionScopes(                
                        ApplicationApiOauth2PermissionScopeArgs.builder()
                            .adminConsentDescription("Administer the application")
                            .adminConsentDisplayName("Administer")
                            .enabled(true)
                            .id("ced9c4c3-c273-4f0f-ac71-a20377b90f9c")
                            .type("Admin")
                            .value("administer")
                            .build(),
                        ApplicationApiOauth2PermissionScopeArgs.builder()
                            .adminConsentDescription("Access the application")
                            .adminConsentDisplayName("Access")
                            .enabled(true)
                            .id("2d5e07ca-664d-4d9b-ad61-ec07fd215213")
                            .type("User")
                            .userConsentDescription("Access the application")
                            .userConsentDisplayName("Access")
                            .value("user_impersonation")
                            .build())
                    .build())
                .build());
    
            var example = new ApplicationPreAuthorized("example", ApplicationPreAuthorizedArgs.builder()        
                .applicationObjectId(authorizer.objectId())
                .authorizedAppId(authorized.applicationId())
                .permissionIds(            
                    "ced9c4c3-c273-4f0f-ac71-a20377b90f9c",
                    "2d5e07ca-664d-4d9b-ad61-ec07fd215213")
                .build());
    
        }
    }
    
    import pulumi
    import pulumi_azuread as azuread
    
    authorized = azuread.Application("authorized", display_name="example-authorized-app")
    authorizer = azuread.Application("authorizer",
        display_name="example-authorizing-app",
        api=azuread.ApplicationApiArgs(
            oauth2_permission_scopes=[
                azuread.ApplicationApiOauth2PermissionScopeArgs(
                    admin_consent_description="Administer the application",
                    admin_consent_display_name="Administer",
                    enabled=True,
                    id="ced9c4c3-c273-4f0f-ac71-a20377b90f9c",
                    type="Admin",
                    value="administer",
                ),
                azuread.ApplicationApiOauth2PermissionScopeArgs(
                    admin_consent_description="Access the application",
                    admin_consent_display_name="Access",
                    enabled=True,
                    id="2d5e07ca-664d-4d9b-ad61-ec07fd215213",
                    type="User",
                    user_consent_description="Access the application",
                    user_consent_display_name="Access",
                    value="user_impersonation",
                ),
            ],
        ))
    example = azuread.ApplicationPreAuthorized("example",
        application_object_id=authorizer.object_id,
        authorized_app_id=authorized.application_id,
        permission_ids=[
            "ced9c4c3-c273-4f0f-ac71-a20377b90f9c",
            "2d5e07ca-664d-4d9b-ad61-ec07fd215213",
        ])
    
    import * as pulumi from "@pulumi/pulumi";
    import * as azuread from "@pulumi/azuread";
    
    const authorized = new azuread.Application("authorized", {displayName: "example-authorized-app"});
    const authorizer = new azuread.Application("authorizer", {
        displayName: "example-authorizing-app",
        api: {
            oauth2PermissionScopes: [
                {
                    adminConsentDescription: "Administer the application",
                    adminConsentDisplayName: "Administer",
                    enabled: true,
                    id: "ced9c4c3-c273-4f0f-ac71-a20377b90f9c",
                    type: "Admin",
                    value: "administer",
                },
                {
                    adminConsentDescription: "Access the application",
                    adminConsentDisplayName: "Access",
                    enabled: true,
                    id: "2d5e07ca-664d-4d9b-ad61-ec07fd215213",
                    type: "User",
                    userConsentDescription: "Access the application",
                    userConsentDisplayName: "Access",
                    value: "user_impersonation",
                },
            ],
        },
    });
    const example = new azuread.ApplicationPreAuthorized("example", {
        applicationObjectId: authorizer.objectId,
        authorizedAppId: authorized.applicationId,
        permissionIds: [
            "ced9c4c3-c273-4f0f-ac71-a20377b90f9c",
            "2d5e07ca-664d-4d9b-ad61-ec07fd215213",
        ],
    });
    
    resources:
      authorized:
        type: azuread:Application
        properties:
          displayName: example-authorized-app
      authorizer:
        type: azuread:Application
        properties:
          displayName: example-authorizing-app
          api:
            oauth2PermissionScopes:
              - adminConsentDescription: Administer the application
                adminConsentDisplayName: Administer
                enabled: true
                id: ced9c4c3-c273-4f0f-ac71-a20377b90f9c
                type: Admin
                value: administer
              - adminConsentDescription: Access the application
                adminConsentDisplayName: Access
                enabled: true
                id: 2d5e07ca-664d-4d9b-ad61-ec07fd215213
                type: User
                userConsentDescription: Access the application
                userConsentDisplayName: Access
                value: user_impersonation
      example:
        type: azuread:ApplicationPreAuthorized
        properties:
          applicationObjectId: ${authorizer.objectId}
          authorizedAppId: ${authorized.applicationId}
          permissionIds:
            - ced9c4c3-c273-4f0f-ac71-a20377b90f9c
            - 2d5e07ca-664d-4d9b-ad61-ec07fd215213
    

    Create ApplicationPreAuthorized Resource

    new ApplicationPreAuthorized(name: string, args: ApplicationPreAuthorizedArgs, opts?: CustomResourceOptions);
    @overload
    def ApplicationPreAuthorized(resource_name: str,
                                 opts: Optional[ResourceOptions] = None,
                                 application_object_id: Optional[str] = None,
                                 authorized_app_id: Optional[str] = None,
                                 permission_ids: Optional[Sequence[str]] = None)
    @overload
    def ApplicationPreAuthorized(resource_name: str,
                                 args: ApplicationPreAuthorizedArgs,
                                 opts: Optional[ResourceOptions] = None)
    func NewApplicationPreAuthorized(ctx *Context, name string, args ApplicationPreAuthorizedArgs, opts ...ResourceOption) (*ApplicationPreAuthorized, error)
    public ApplicationPreAuthorized(string name, ApplicationPreAuthorizedArgs args, CustomResourceOptions? opts = null)
    public ApplicationPreAuthorized(String name, ApplicationPreAuthorizedArgs args)
    public ApplicationPreAuthorized(String name, ApplicationPreAuthorizedArgs args, CustomResourceOptions options)
    
    type: azuread:ApplicationPreAuthorized
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    
    name string
    The unique name of the resource.
    args ApplicationPreAuthorizedArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args ApplicationPreAuthorizedArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args ApplicationPreAuthorizedArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args ApplicationPreAuthorizedArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args ApplicationPreAuthorizedArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    ApplicationPreAuthorized Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The ApplicationPreAuthorized resource accepts the following input properties:

    ApplicationObjectId string

    The object ID of the application for which permissions are being authorized. Changing this field forces a new resource to be created.

    AuthorizedAppId string

    The application ID of the pre-authorized application

    PermissionIds List<string>

    A set of permission scope IDs required by the authorized application.

    ApplicationObjectId string

    The object ID of the application for which permissions are being authorized. Changing this field forces a new resource to be created.

    AuthorizedAppId string

    The application ID of the pre-authorized application

    PermissionIds []string

    A set of permission scope IDs required by the authorized application.

    applicationObjectId String

    The object ID of the application for which permissions are being authorized. Changing this field forces a new resource to be created.

    authorizedAppId String

    The application ID of the pre-authorized application

    permissionIds List<String>

    A set of permission scope IDs required by the authorized application.

    applicationObjectId string

    The object ID of the application for which permissions are being authorized. Changing this field forces a new resource to be created.

    authorizedAppId string

    The application ID of the pre-authorized application

    permissionIds string[]

    A set of permission scope IDs required by the authorized application.

    application_object_id str

    The object ID of the application for which permissions are being authorized. Changing this field forces a new resource to be created.

    authorized_app_id str

    The application ID of the pre-authorized application

    permission_ids Sequence[str]

    A set of permission scope IDs required by the authorized application.

    applicationObjectId String

    The object ID of the application for which permissions are being authorized. Changing this field forces a new resource to be created.

    authorizedAppId String

    The application ID of the pre-authorized application

    permissionIds List<String>

    A set of permission scope IDs required by the authorized application.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the ApplicationPreAuthorized resource produces the following output properties:

    Id string

    The provider-assigned unique ID for this managed resource.

    Id string

    The provider-assigned unique ID for this managed resource.

    id String

    The provider-assigned unique ID for this managed resource.

    id string

    The provider-assigned unique ID for this managed resource.

    id str

    The provider-assigned unique ID for this managed resource.

    id String

    The provider-assigned unique ID for this managed resource.

    Look up Existing ApplicationPreAuthorized Resource

    Get an existing ApplicationPreAuthorized resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: ApplicationPreAuthorizedState, opts?: CustomResourceOptions): ApplicationPreAuthorized
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            application_object_id: Optional[str] = None,
            authorized_app_id: Optional[str] = None,
            permission_ids: Optional[Sequence[str]] = None) -> ApplicationPreAuthorized
    func GetApplicationPreAuthorized(ctx *Context, name string, id IDInput, state *ApplicationPreAuthorizedState, opts ...ResourceOption) (*ApplicationPreAuthorized, error)
    public static ApplicationPreAuthorized Get(string name, Input<string> id, ApplicationPreAuthorizedState? state, CustomResourceOptions? opts = null)
    public static ApplicationPreAuthorized get(String name, Output<String> id, ApplicationPreAuthorizedState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    ApplicationObjectId string

    The object ID of the application for which permissions are being authorized. Changing this field forces a new resource to be created.

    AuthorizedAppId string

    The application ID of the pre-authorized application

    PermissionIds List<string>

    A set of permission scope IDs required by the authorized application.

    ApplicationObjectId string

    The object ID of the application for which permissions are being authorized. Changing this field forces a new resource to be created.

    AuthorizedAppId string

    The application ID of the pre-authorized application

    PermissionIds []string

    A set of permission scope IDs required by the authorized application.

    applicationObjectId String

    The object ID of the application for which permissions are being authorized. Changing this field forces a new resource to be created.

    authorizedAppId String

    The application ID of the pre-authorized application

    permissionIds List<String>

    A set of permission scope IDs required by the authorized application.

    applicationObjectId string

    The object ID of the application for which permissions are being authorized. Changing this field forces a new resource to be created.

    authorizedAppId string

    The application ID of the pre-authorized application

    permissionIds string[]

    A set of permission scope IDs required by the authorized application.

    application_object_id str

    The object ID of the application for which permissions are being authorized. Changing this field forces a new resource to be created.

    authorized_app_id str

    The application ID of the pre-authorized application

    permission_ids Sequence[str]

    A set of permission scope IDs required by the authorized application.

    applicationObjectId String

    The object ID of the application for which permissions are being authorized. Changing this field forces a new resource to be created.

    authorizedAppId String

    The application ID of the pre-authorized application

    permissionIds List<String>

    A set of permission scope IDs required by the authorized application.

    Package Details

    Repository
    Azure Active Directory (Azure AD) pulumi/pulumi-azuread
    License
    Apache-2.0
    Notes

    This Pulumi package is based on the azuread Terraform Provider.

    azuread logo
    Azure Active Directory (Azure AD) v5.38.0 published on Wednesday, May 17, 2023 by Pulumi