en-US/AzAuth.PS.dll-Help.xml
<?xml version="1.0" encoding="utf-8"?> <helpItems schema="maml" xmlns="http://msh"> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"> <command:details> <command:name>Clear-AzTokenCache</command:name> <command:verb>Clear</command:verb> <command:noun>AzTokenCache</command:noun> <maml:description> <maml:para>Clear all tokens from a specified token cache.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>Clear all tokens from a specified token cache. The file may remain on disk, but without any tokens.</maml:para> </maml:description> <command:syntax> <command:syntaxItem> <maml:name>Clear-AzTokenCache</maml:name> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>TokenCache</maml:name> <maml:description> <maml:para>The name of the token cache to clear.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>TokenCache</maml:name> <maml:description> <maml:para>The name of the token cache to clear.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>None</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <command:returnValue> <dev:type> <maml:name>None</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:returnValue> </command:returnValues> <maml:alertSet> <maml:alert> <maml:para></maml:para> </maml:alert> </maml:alertSet> <command:examples> <command:example> <maml:title>-------------------------- Example 1 --------------------------</maml:title> <dev:code>PS C:\> Clear-AzTokenCache -TokenCache 'MyCache'</dev:code> <dev:remarks> <maml:para>Clears all tokens from the cache named "MyCache".</maml:para> </dev:remarks> </command:example> </command:examples> <command:relatedLinks /> </command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"> <command:details> <command:name>Get-AzToken</command:name> <command:verb>Get</command:verb> <command:noun>AzToken</command:noun> <maml:description> <maml:para>Gets a new Azure access token.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>Gets a new Azure access token.</maml:para> <maml:para>The token can be retrieved from an existing named cache, interactively from a browser, or non-interactively with specific token sources. If the command is used non-interactively, an attempt will be made to get a token using the following sources in order:</maml:para> <maml:para>- Saved interactive credential if the command was used interactively in the same session (https://learn.microsoft.com/en-us/dotnet/api/azure.identity.interactivebrowsercredential)</maml:para> <maml:para>- Environment variables (https://learn.microsoft.com/en-us/dotnet/api/azure.identity.environmentcredential)</maml:para> <maml:para>- Azure PowerShell (https://learn.microsoft.com/en-us/dotnet/api/azure.identity.azurepowershellcredential)</maml:para> <maml:para>- Azure CLI (https://learn.microsoft.com/en-us/dotnet/api/azure.identity.azureclicredential)</maml:para> <maml:para>- Visual Studio Code (https://learn.microsoft.com/en-us/dotnet/api/azure.identity.visualstudiocodecredential)</maml:para> <maml:para>- Visual Studio (https://learn.microsoft.com/en-us/dotnet/api/azure.identity.visualstudiocredential)</maml:para> <maml:para>- Shared token cache (https://learn.microsoft.com/en-us/dotnet/api/azure.identity.sharedtokencachecredential)</maml:para> </maml:description> <command:syntax> <command:syntaxItem> <maml:name>Get-AzToken</maml:name> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="0" aliases="ResourceId, ResourceUrl"> <maml:name>Resource</maml:name> <maml:description> <maml:para>The resource for the token, such as Microsoft Graph or Azure Key Vault. This can be provided either as a URI or as an id.</maml:para> <maml:para>If not specified, the resource will be set to `https://graph.microsoft.com`.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>https://graph.microsoft.com</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="1" aliases="none"> <maml:name>Scope</maml:name> <maml:description> <maml:para>One or several scopes for the token, in the context of the provided resource.</maml:para> <maml:para>If not specified, the scope will be set to `.default`.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String[]</command:parameterValue> <dev:type> <maml:name>String[]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>.default</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Broker</maml:name> <maml:description> <maml:para>Get a token using the Web Account Manager (WAM) broker authentication flow for Windows devices.</maml:para> </maml:description> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Claim</maml:name> <maml:description> <maml:para>Additional claims to be included in the token.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>ClientId</maml:name> <maml:description> <maml:para>The client id of the application used to authenticate the user or identity. If not specified the user will be authenticated with an Azure development application.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="TenantId"> <maml:name>Tenant</maml:name> <maml:description> <maml:para>The id or name of the tenant that the token should be valid for.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:syntaxItem> <command:syntaxItem> <maml:name>Get-AzToken</maml:name> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="0" aliases="ResourceId, ResourceUrl"> <maml:name>Resource</maml:name> <maml:description> <maml:para>The resource for the token, such as Microsoft Graph or Azure Key Vault. This can be provided either as a URI or as an id.</maml:para> <maml:para>If not specified, the resource will be set to `https://graph.microsoft.com`.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>https://graph.microsoft.com</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="1" aliases="none"> <maml:name>Scope</maml:name> <maml:description> <maml:para>One or several scopes for the token, in the context of the provided resource.</maml:para> <maml:para>If not specified, the scope will be set to `.default`.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String[]</command:parameterValue> <dev:type> <maml:name>String[]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>.default</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Claim</maml:name> <maml:description> <maml:para>Additional claims to be included in the token.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>ClientCertificate</maml:name> <maml:description> <maml:para>The certificate to be used for getting a token with the client certificate flow.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">X509Certificate2</command:parameterValue> <dev:type> <maml:name>X509Certificate2</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>ClientId</maml:name> <maml:description> <maml:para>The client id of the application used to authenticate the user or identity. If not specified the user will be authenticated with an Azure development application.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Force</maml:name> <maml:description> <maml:para>Disregard any previous authentication made in this session.</maml:para> <maml:para>This may be required when combining interactive and non-interactive authentication towards different tenants.</maml:para> </maml:description> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="TenantId"> <maml:name>Tenant</maml:name> <maml:description> <maml:para>The id or name of the tenant that the token should be valid for.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:syntaxItem> <command:syntaxItem> <maml:name>Get-AzToken</maml:name> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="0" aliases="ResourceId, ResourceUrl"> <maml:name>Resource</maml:name> <maml:description> <maml:para>The resource for the token, such as Microsoft Graph or Azure Key Vault. This can be provided either as a URI or as an id.</maml:para> <maml:para>If not specified, the resource will be set to `https://graph.microsoft.com`.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>https://graph.microsoft.com</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="1" aliases="none"> <maml:name>Scope</maml:name> <maml:description> <maml:para>One or several scopes for the token, in the context of the provided resource.</maml:para> <maml:para>If not specified, the scope will be set to `.default`.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String[]</command:parameterValue> <dev:type> <maml:name>String[]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>.default</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Claim</maml:name> <maml:description> <maml:para>Additional claims to be included in the token.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>ClientCertificatePath</maml:name> <maml:description> <maml:para>The path to a file containing both the certificate and private key, used for getting a token with the client certificate flow.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>ClientId</maml:name> <maml:description> <maml:para>The client id of the application used to authenticate the user or identity. If not specified the user will be authenticated with an Azure development application.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Force</maml:name> <maml:description> <maml:para>Disregard any previous authentication made in this session.</maml:para> <maml:para>This may be required when combining interactive and non-interactive authentication towards different tenants.</maml:para> </maml:description> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="TenantId"> <maml:name>Tenant</maml:name> <maml:description> <maml:para>The id or name of the tenant that the token should be valid for.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:syntaxItem> <command:syntaxItem> <maml:name>Get-AzToken</maml:name> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="0" aliases="ResourceId, ResourceUrl"> <maml:name>Resource</maml:name> <maml:description> <maml:para>The resource for the token, such as Microsoft Graph or Azure Key Vault. This can be provided either as a URI or as an id.</maml:para> <maml:para>If not specified, the resource will be set to `https://graph.microsoft.com`.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>https://graph.microsoft.com</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="1" aliases="none"> <maml:name>Scope</maml:name> <maml:description> <maml:para>One or several scopes for the token, in the context of the provided resource.</maml:para> <maml:para>If not specified, the scope will be set to `.default`.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String[]</command:parameterValue> <dev:type> <maml:name>String[]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>.default</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Claim</maml:name> <maml:description> <maml:para>Additional claims to be included in the token.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>ClientId</maml:name> <maml:description> <maml:para>The client id of the application used to authenticate the user or identity. If not specified the user will be authenticated with an Azure development application.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>CredentialPrecedence</maml:name> <maml:description> <maml:para>The order of precedence for the credentials to be used for getting a token non-interactively.</maml:para> </maml:description> <command:parameterValueGroup> <command:parameterValue required="false" command:variableLength="false">ManagedIdentity</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">Environment</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">AzurePowerShell</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">AzureCLI</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">VisualStudioCode</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">VisualStudio</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">SharedTokenCache</command:parameterValue> </command:parameterValueGroup> <command:parameterValue required="true" variableLength="false">String[]</command:parameterValue> <dev:type> <maml:name>String[]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Force</maml:name> <maml:description> <maml:para>Disregard any previous authentication made in this session.</maml:para> <maml:para>This may be required when combining interactive and non-interactive authentication towards different tenants.</maml:para> </maml:description> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="TenantId"> <maml:name>Tenant</maml:name> <maml:description> <maml:para>The id or name of the tenant that the token should be valid for.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>TimeoutSeconds</maml:name> <maml:description> <maml:para>The number of seconds to wait until the login times out.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">Int32</command:parameterValue> <dev:type> <maml:name>Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>120</dev:defaultValue> </command:parameter> </command:syntaxItem> <command:syntaxItem> <maml:name>Get-AzToken</maml:name> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="0" aliases="ResourceId, ResourceUrl"> <maml:name>Resource</maml:name> <maml:description> <maml:para>The resource for the token, such as Microsoft Graph or Azure Key Vault. This can be provided either as a URI or as an id.</maml:para> <maml:para>If not specified, the resource will be set to `https://graph.microsoft.com`.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>https://graph.microsoft.com</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="1" aliases="none"> <maml:name>Scope</maml:name> <maml:description> <maml:para>One or several scopes for the token, in the context of the provided resource.</maml:para> <maml:para>If not specified, the scope will be set to `.default`.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String[]</command:parameterValue> <dev:type> <maml:name>String[]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>.default</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Claim</maml:name> <maml:description> <maml:para>Additional claims to be included in the token.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>ClientId</maml:name> <maml:description> <maml:para>The client id of the application used to authenticate the user or identity. If not specified the user will be authenticated with an Azure development application.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="TenantId"> <maml:name>Tenant</maml:name> <maml:description> <maml:para>The id or name of the tenant that the token should be valid for.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>TokenCache</maml:name> <maml:description> <maml:para>The name of the token cache to get the token from, or to store the interactively retrieved token in.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Username</maml:name> <maml:description> <maml:para>The username to get the token for in the named cache.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:syntaxItem> <command:syntaxItem> <maml:name>Get-AzToken</maml:name> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="0" aliases="ResourceId, ResourceUrl"> <maml:name>Resource</maml:name> <maml:description> <maml:para>The resource for the token, such as Microsoft Graph or Azure Key Vault. This can be provided either as a URI or as an id.</maml:para> <maml:para>If not specified, the resource will be set to `https://graph.microsoft.com`.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>https://graph.microsoft.com</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="1" aliases="none"> <maml:name>Scope</maml:name> <maml:description> <maml:para>One or several scopes for the token, in the context of the provided resource.</maml:para> <maml:para>If not specified, the scope will be set to `.default`.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String[]</command:parameterValue> <dev:type> <maml:name>String[]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>.default</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Claim</maml:name> <maml:description> <maml:para>Additional claims to be included in the token.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>ClientId</maml:name> <maml:description> <maml:para>The client id of the application used to authenticate the user or identity. If not specified the user will be authenticated with an Azure development application.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Force</maml:name> <maml:description> <maml:para>Disregard any previous authentication made in this session.</maml:para> <maml:para>This may be required when combining interactive and non-interactive authentication towards different tenants.</maml:para> </maml:description> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Interactive</maml:name> <maml:description> <maml:para>Get a token using an interactive browser.</maml:para> <maml:para>The authentication record will be saved during the session and used as the first option for a token if the command is used again but non-interactively.</maml:para> </maml:description> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="TenantId"> <maml:name>Tenant</maml:name> <maml:description> <maml:para>The id or name of the tenant that the token should be valid for.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>TimeoutSeconds</maml:name> <maml:description> <maml:para>The number of seconds to wait until the login times out.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">Int32</command:parameterValue> <dev:type> <maml:name>Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>120</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>TokenCache</maml:name> <maml:description> <maml:para>The name of the token cache to get the token from, or to store the interactively retrieved token in.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:syntaxItem> <command:syntaxItem> <maml:name>Get-AzToken</maml:name> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="0" aliases="ResourceId, ResourceUrl"> <maml:name>Resource</maml:name> <maml:description> <maml:para>The resource for the token, such as Microsoft Graph or Azure Key Vault. This can be provided either as a URI or as an id.</maml:para> <maml:para>If not specified, the resource will be set to `https://graph.microsoft.com`.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>https://graph.microsoft.com</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="1" aliases="none"> <maml:name>Scope</maml:name> <maml:description> <maml:para>One or several scopes for the token, in the context of the provided resource.</maml:para> <maml:para>If not specified, the scope will be set to `.default`.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String[]</command:parameterValue> <dev:type> <maml:name>String[]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>.default</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Claim</maml:name> <maml:description> <maml:para>Additional claims to be included in the token.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>ClientId</maml:name> <maml:description> <maml:para>The client id of the application used to authenticate the user or identity. If not specified the user will be authenticated with an Azure development application.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>DeviceCode</maml:name> <maml:description> <maml:para>Get a token using a device code login interactively, for example on a different device.</maml:para> </maml:description> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Force</maml:name> <maml:description> <maml:para>Disregard any previous authentication made in this session.</maml:para> <maml:para>This may be required when combining interactive and non-interactive authentication towards different tenants.</maml:para> </maml:description> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="TenantId"> <maml:name>Tenant</maml:name> <maml:description> <maml:para>The id or name of the tenant that the token should be valid for.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>TimeoutSeconds</maml:name> <maml:description> <maml:para>The number of seconds to wait until the login times out.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">Int32</command:parameterValue> <dev:type> <maml:name>Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>120</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>TokenCache</maml:name> <maml:description> <maml:para>The name of the token cache to get the token from, or to store the interactively retrieved token in.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:syntaxItem> <command:syntaxItem> <maml:name>Get-AzToken</maml:name> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="0" aliases="ResourceId, ResourceUrl"> <maml:name>Resource</maml:name> <maml:description> <maml:para>The resource for the token, such as Microsoft Graph or Azure Key Vault. This can be provided either as a URI or as an id.</maml:para> <maml:para>If not specified, the resource will be set to `https://graph.microsoft.com`.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>https://graph.microsoft.com</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="1" aliases="none"> <maml:name>Scope</maml:name> <maml:description> <maml:para>One or several scopes for the token, in the context of the provided resource.</maml:para> <maml:para>If not specified, the scope will be set to `.default`.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String[]</command:parameterValue> <dev:type> <maml:name>String[]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>.default</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Claim</maml:name> <maml:description> <maml:para>Additional claims to be included in the token.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>ClientId</maml:name> <maml:description> <maml:para>The client id of the application used to authenticate the user or identity. If not specified the user will be authenticated with an Azure development application.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Force</maml:name> <maml:description> <maml:para>Disregard any previous authentication made in this session.</maml:para> <maml:para>This may be required when combining interactive and non-interactive authentication towards different tenants.</maml:para> </maml:description> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>ManagedIdentity</maml:name> <maml:description> <maml:para>Get a token using a managed identity assigned to the environment, such as Azure VMs, App Service or Azure Functions applications.</maml:para> </maml:description> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="TenantId"> <maml:name>Tenant</maml:name> <maml:description> <maml:para>The id or name of the tenant that the token should be valid for.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>TimeoutSeconds</maml:name> <maml:description> <maml:para>The number of seconds to wait until the login times out.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">Int32</command:parameterValue> <dev:type> <maml:name>Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>120</dev:defaultValue> </command:parameter> </command:syntaxItem> <command:syntaxItem> <maml:name>Get-AzToken</maml:name> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="0" aliases="ResourceId, ResourceUrl"> <maml:name>Resource</maml:name> <maml:description> <maml:para>The resource for the token, such as Microsoft Graph or Azure Key Vault. This can be provided either as a URI or as an id.</maml:para> <maml:para>If not specified, the resource will be set to `https://graph.microsoft.com`.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>https://graph.microsoft.com</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="1" aliases="none"> <maml:name>Scope</maml:name> <maml:description> <maml:para>One or several scopes for the token, in the context of the provided resource.</maml:para> <maml:para>If not specified, the scope will be set to `.default`.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String[]</command:parameterValue> <dev:type> <maml:name>String[]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>.default</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Claim</maml:name> <maml:description> <maml:para>Additional claims to be included in the token.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>ClientId</maml:name> <maml:description> <maml:para>The client id of the application used to authenticate the user or identity. If not specified the user will be authenticated with an Azure development application.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>ExternalToken</maml:name> <maml:description> <maml:para>The external token used for the federated credential of the workload identity, used together with parameter -WorkloadIdentity for the client assertion flow. For more details, see blog post in related links of this command.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Force</maml:name> <maml:description> <maml:para>Disregard any previous authentication made in this session.</maml:para> <maml:para>This may be required when combining interactive and non-interactive authentication towards different tenants.</maml:para> </maml:description> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="TenantId"> <maml:name>Tenant</maml:name> <maml:description> <maml:para>The id or name of the tenant that the token should be valid for.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>WorkloadIdentity</maml:name> <maml:description> <maml:para>Get a token using a federated credential, or "workload identity federation". For an example of how to use this in a pipeline, see related links of this command.</maml:para> </maml:description> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> <command:syntaxItem> <maml:name>Get-AzToken</maml:name> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="0" aliases="ResourceId, ResourceUrl"> <maml:name>Resource</maml:name> <maml:description> <maml:para>The resource for the token, such as Microsoft Graph or Azure Key Vault. This can be provided either as a URI or as an id.</maml:para> <maml:para>If not specified, the resource will be set to `https://graph.microsoft.com`.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>https://graph.microsoft.com</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="1" aliases="none"> <maml:name>Scope</maml:name> <maml:description> <maml:para>One or several scopes for the token, in the context of the provided resource.</maml:para> <maml:para>If not specified, the scope will be set to `.default`.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String[]</command:parameterValue> <dev:type> <maml:name>String[]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>.default</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Claim</maml:name> <maml:description> <maml:para>Additional claims to be included in the token.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>ClientId</maml:name> <maml:description> <maml:para>The client id of the application used to authenticate the user or identity. If not specified the user will be authenticated with an Azure development application.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>ClientSecret</maml:name> <maml:description> <maml:para>The client secret to use for getting a token with the client credentials flow.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Force</maml:name> <maml:description> <maml:para>Disregard any previous authentication made in this session.</maml:para> <maml:para>This may be required when combining interactive and non-interactive authentication towards different tenants.</maml:para> </maml:description> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="TenantId"> <maml:name>Tenant</maml:name> <maml:description> <maml:para>The id or name of the tenant that the token should be valid for.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Broker</maml:name> <maml:description> <maml:para>Get a token using the Web Account Manager (WAM) broker authentication flow for Windows devices.</maml:para> </maml:description> <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Claim</maml:name> <maml:description> <maml:para>Additional claims to be included in the token.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>ClientCertificate</maml:name> <maml:description> <maml:para>The certificate to be used for getting a token with the client certificate flow.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">X509Certificate2</command:parameterValue> <dev:type> <maml:name>X509Certificate2</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>ClientCertificatePath</maml:name> <maml:description> <maml:para>The path to a file containing both the certificate and private key, used for getting a token with the client certificate flow.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>ClientId</maml:name> <maml:description> <maml:para>The client id of the application used to authenticate the user or identity. If not specified the user will be authenticated with an Azure development application.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>ClientSecret</maml:name> <maml:description> <maml:para>The client secret to use for getting a token with the client credentials flow.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>CredentialPrecedence</maml:name> <maml:description> <maml:para>The order of precedence for the credentials to be used for getting a token non-interactively.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String[]</command:parameterValue> <dev:type> <maml:name>String[]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>DeviceCode</maml:name> <maml:description> <maml:para>Get a token using a device code login interactively, for example on a different device.</maml:para> </maml:description> <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>ExternalToken</maml:name> <maml:description> <maml:para>The external token used for the federated credential of the workload identity, used together with parameter -WorkloadIdentity for the client assertion flow. For more details, see blog post in related links of this command.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Force</maml:name> <maml:description> <maml:para>Disregard any previous authentication made in this session.</maml:para> <maml:para>This may be required when combining interactive and non-interactive authentication towards different tenants.</maml:para> </maml:description> <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Interactive</maml:name> <maml:description> <maml:para>Get a token using an interactive browser.</maml:para> <maml:para>The authentication record will be saved during the session and used as the first option for a token if the command is used again but non-interactively.</maml:para> </maml:description> <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>ManagedIdentity</maml:name> <maml:description> <maml:para>Get a token using a managed identity assigned to the environment, such as Azure VMs, App Service or Azure Functions applications.</maml:para> </maml:description> <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="0" aliases="ResourceId, ResourceUrl"> <maml:name>Resource</maml:name> <maml:description> <maml:para>The resource for the token, such as Microsoft Graph or Azure Key Vault. This can be provided either as a URI or as an id.</maml:para> <maml:para>If not specified, the resource will be set to `https://graph.microsoft.com`.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>https://graph.microsoft.com</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="1" aliases="none"> <maml:name>Scope</maml:name> <maml:description> <maml:para>One or several scopes for the token, in the context of the provided resource.</maml:para> <maml:para>If not specified, the scope will be set to `.default`.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String[]</command:parameterValue> <dev:type> <maml:name>String[]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>.default</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="TenantId"> <maml:name>Tenant</maml:name> <maml:description> <maml:para>The id or name of the tenant that the token should be valid for.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>TimeoutSeconds</maml:name> <maml:description> <maml:para>The number of seconds to wait until the login times out.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">Int32</command:parameterValue> <dev:type> <maml:name>Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>120</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>TokenCache</maml:name> <maml:description> <maml:para>The name of the token cache to get the token from, or to store the interactively retrieved token in.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Username</maml:name> <maml:description> <maml:para>The username to get the token for in the named cache.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>WorkloadIdentity</maml:name> <maml:description> <maml:para>Get a token using a federated credential, or "workload identity federation". For an example of how to use this in a pipeline, see related links of this command.</maml:para> </maml:description> <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>None</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <command:returnValue> <dev:type> <maml:name>System.Object</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:returnValue> </command:returnValues> <maml:alertSet> <maml:alert> <maml:para></maml:para> </maml:alert> </maml:alertSet> <command:examples> <command:example> <maml:title>-------------------------- Example 1 --------------------------</maml:title> <dev:code>PS C:\> Get-AzToken</dev:code> <dev:remarks> <maml:para>Gets a new Azure access token non-interactively for the `.default` scope of Microsoft Graph.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>-------------------------- Example 2 --------------------------</maml:title> <dev:code>PS C:\> Get-AzToken -Resource 'https://graph.microsoft.com/' -Scope 'User.Read','LearningContent.Read.All' -ClientId 'a4d5d049-a35c-49a1-ad6e-0a3a94138d32' -Interactive</dev:code> <dev:remarks> <maml:para>Gets a new Azure access token interactively for Microsoft Graph with the scopes `User.Read` and `LearningContent.Read.All`, also specifying a client id.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>-------------------------- Example 3 --------------------------</maml:title> <dev:code>PS C:\> Get-AzToken -Interactive -TokenCache 'AzAuthCache'</dev:code> <dev:remarks> <maml:para>Gets a new Azure access token interactively and stores the token in a new (or existing) token cache named "AzAuthCache".</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>-------------------------- Example 4 --------------------------</maml:title> <dev:code>PS C:\> Get-AzToken -TokenCache 'AzAuthCache'</dev:code> <dev:remarks> <maml:para>Gets a new Azure access token interactively from an existing token cache named "AzAuthCache".</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>-------------------------- Example 5 --------------------------</maml:title> <dev:code>PS C:\> Get-AzToken -Scope 'Directory.Read.All' -ClientId $ClientId -ManagedIdentity</dev:code> <dev:remarks> <maml:para>Gets a new Azure access token for a managed identity, valid for Microsoft Graph with the scope `Directory.Read.All`, also specifying a client id.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>-------------------------- Example 6 --------------------------</maml:title> <dev:code>PS C:\> Get-AzToken -ClientId $ClientId -ClientSecret $ClientSecret -TenantId $TenantId</dev:code> <dev:remarks> <maml:para>Gets a new Azure access token for a client using the client credentials flow by specifying a client secret, valid for the default Microsoft Graph scope, also specifying the tenant as a mandatory parameter.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>-------------------------- Example 7 --------------------------</maml:title> <dev:code>PS C:\> Get-AzToken -ClientCertificate (Get-Item "Cert:\CurrentUser\My\$Thumbprint") -ClientId $ClientId -TenantId $TenantId</dev:code> <dev:remarks> <maml:para>Gets a new Azure access token for a client using the client certificate flow by getting and providing an installed certificate from the user certificate store.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>-------------------------- Example 8 --------------------------</maml:title> <dev:code>PS C:\> Get-AzToken -ClientCertificatePath ".\certAndPrivateKey.pem" -ClientId $ClientId -TenantId $TenantId</dev:code> <dev:remarks> <maml:para>Gets a new Azure access token for a client using the client certificate flow by specifying a path to a file containing both the certificate and the private key.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>-------------------------- Example 9 --------------------------</maml:title> <dev:code>PS C:\> Get-AzToken -WorkloadIdentity -ExternalToken $OidcToken -ClientId $ClientId -TenantId $TenantId</dev:code> <dev:remarks> <maml:para>Gets a new Azure access token for a client using the workload identity federation pattern by specifying a valid id token. For more details, see blog post in related links of this command.</maml:para> </dev:remarks> </command:example> </command:examples> <command:relatedLinks> <maml:navigationLink> <maml:linkText>Blog Post "OAuth 2.0 Fundamentals for Azure APIs"</maml:linkText> <maml:uri>https://pipe.how/connect-azure/</maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>Blog Post "Azure Workload Identity Federation"</maml:linkText> <maml:uri>https://pipe.how/get-oidctoken/</maml:uri> </maml:navigationLink> </command:relatedLinks> </command:command> </helpItems> |