apiVersion (string)
applications.azuread.gke.cloud.google.com/v1beta1
kind (string)
Application
spec (object)
ApplicationSpec defines the desired state of Application
deletionPolicy (string)
DeletionPolicy specifies what will happen to the underlying external when this managed resource is deleted - either "Delete" or "Orphan" the external resource. This field is planned to be deprecated in favor of the ManagementPolicy field in a future release. Currently, both could be set independently and non-default values would be honored if the feature flag is enabled. See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223
forProvider (object)
No description provided.
api (array)
An api block as documented below, which configures API related settings for this application.
knownClientApplications (array)
A set of application IDs (client IDs), used for bundling consent if you have a solution that contains two parts: a client app and a custom web API app. Used for bundling consent if you have a solution that contains two parts: a client app and a custom web API app
mappedClaimsEnabled (boolean)
Allows an application to use claims mapping without specifying a custom signing key. Defaults to false. Allows an application to use claims mapping without specifying a custom signing key
oauth2PermissionScope (array)
One or more oauth2_permission_scope blocks as documented below, to describe delegated permissions exposed by the web API represented by this application. One or more `oauth2_permission_scope` blocks to describe delegated permissions exposed by the web API represented by this application
adminConsentDescription (string)
Delegated permission description that appears in all tenant-wide admin consent experiences, intended to be read by an administrator granting the permission on behalf of all users. Delegated permission description that appears in all tenant-wide admin consent experiences, intended to be read by an administrator granting the permission on behalf of all users
adminConsentDisplayName (string)
Display name for the delegated permission, intended to be read by an administrator granting the permission on behalf of all users. Display name for the delegated permission, intended to be read by an administrator granting the permission on behalf of all users
enabled (boolean)
Determines if the permission scope is enabled. Defaults to true. Determines if the permission scope is enabled
id (string)
The unique identifier of the delegated permission. Must be a valid UUID. The unique identifier of the delegated permission
type (string)
Whether this delegated permission should be considered safe for non-admin users to consent to on behalf of themselves, or whether an administrator should be required for consent to the permissions. Defaults to User. Possible values are User or Admin. Whether this delegated permission should be considered safe for non-admin users to consent to on behalf of themselves, or whether an administrator should be required for consent to the permissions
userConsentDescription (string)
Delegated permission description that appears in the end user consent experience, intended to be read by a user consenting on their own behalf. Delegated permission description that appears in the end user consent experience, intended to be read by a user consenting on their own behalf
userConsentDisplayName (string)
Display name for the delegated permission that appears in the end user consent experience. Display name for the delegated permission that appears in the end user consent experience
value (string)
The value that is used for the scp claim in OAuth 2.0 access tokens. The value that is used for the `scp` claim in OAuth 2.0 access tokens
requestedAccessTokenVersion (number)
The access token version expected by this resource. Must be one of 1 or 2, and must be 2 when sign_in_audience is either AzureADandPersonalMicrosoftAccount or PersonalMicrosoftAccount Defaults to 1. The access token version expected by this resource
appRole (array)
A collection of app_role blocks as documented below. For more information see official documentation on Application Roles.
allowedMemberTypes (array)
Specifies whether this app role definition can be assigned to users and groups by setting to User, or to other applications (that are accessing this application in a standalone scenario) by setting to Application, or to both. Specifies whether this app role definition can be assigned to users and groups by setting to `User`, or to other applications (that are accessing this application in a standalone scenario) by setting to `Application`, or to both
displayName (string)
Display name for the app role that appears during app role assignment and in consent experiences. Display name for the app role that appears during app role assignment and in consent experiences
enabled (boolean)
Determines if the app role is enabled. Defaults to true. Determines if the app role is enabled
id (string)
The unique identifier of the app role. Must be a valid UUID. The unique identifier of the app role
value (string)
The value that is used for the roles claim in ID tokens and OAuth 2.0 access tokens that are authenticating an assigned service or user principal. The value that is used for the `roles` claim in ID tokens and OAuth 2.0 access tokens that are authenticating an assigned service or user principal
deviceOnlyAuthEnabled (boolean)
Specifies whether this application supports device authentication without a user. Defaults to false. Specifies whether this application supports device authentication without a user.
displayName (string)
The display name for the application. The display name for the application
fallbackPublicClientEnabled (boolean)
Specifies whether the application is a public client. Appropriate for apps using token grant flows that don't use a redirect URI. Defaults to false. Specifies whether the application is a public client. Appropriate for apps using token grant flows that don't use a redirect URI
groupMembershipClaims (array)
Configures the groups claim issued in a user or OAuth 2.0 access token that the app expects. Possible values are None, SecurityGroup, DirectoryRole, ApplicationGroup or All. Configures the `groups` claim issued in a user or OAuth 2.0 access token that the app expects
identifierUris (array)
A set of user-defined URI(s) that uniquely identify an application within its Azure AD tenant, or within a verified custom domain if the application is multi-tenant. The user-defined URI(s) that uniquely identify an application within its Azure AD tenant, or within a verified custom domain if the application is multi-tenant
logoImage (string)
A logo image to upload for the application, as a raw base64-encoded string. The image should be in gif, jpeg or png format. Note that once an image has been uploaded, it is not possible to remove it without replacing it with another image. Base64 encoded logo image in gif, png or jpeg format
marketingUrl (string)
URL of the application's marketing page. URL of the application's marketing page
notes (string)
User-specified notes relevant for the management of the application. User-specified notes relevant for the management of the application
oauth2PostResponseRequired (boolean)
Specifies whether, as part of OAuth 2.0 token requests, Azure AD allows POST requests, as opposed to GET requests. Defaults to false, which specifies that only GET requests are allowed. Specifies whether, as part of OAuth 2.0 token requests, Azure AD allows POST requests, as opposed to GET requests.
optionalClaims (array)
An optional_claims block as documented below.
accessToken (array)
One or more access_token blocks as documented below.
additionalProperties (array)
List of additional properties of the claim. If a property exists in this list, it modifies the behaviour of the optional claim. List of additional properties of the claim. If a property exists in this list, it modifies the behaviour of the optional claim
essential (boolean)
Whether the claim specified by the client is necessary to ensure a smooth authorization experience. Whether the claim specified by the client is necessary to ensure a smooth authorization experience
name (string)
The name of the optional claim. The name of the optional claim
source (string)
The source of the claim. If source is absent, the claim is a predefined optional claim. If source is user, the value of name is the extension property from the user object. The source of the claim. If `source` is absent, the claim is a predefined optional claim. If `source` is `user`, the value of `name` is the extension property from the user object
idToken (array)
One or more id_token blocks as documented below.
additionalProperties (array)
List of additional properties of the claim. If a property exists in this list, it modifies the behaviour of the optional claim. List of additional properties of the claim. If a property exists in this list, it modifies the behaviour of the optional claim
essential (boolean)
Whether the claim specified by the client is necessary to ensure a smooth authorization experience. Whether the claim specified by the client is necessary to ensure a smooth authorization experience
name (string)
The name of the optional claim. The name of the optional claim
source (string)
The source of the claim. If source is absent, the claim is a predefined optional claim. If source is user, the value of name is the extension property from the user object. The source of the claim. If `source` is absent, the claim is a predefined optional claim. If `source` is `user`, the value of `name` is the extension property from the user object
saml2Token (array)
One or more saml2_token blocks as documented below.
additionalProperties (array)
List of additional properties of the claim. If a property exists in this list, it modifies the behaviour of the optional claim. List of additional properties of the claim. If a property exists in this list, it modifies the behaviour of the optional claim
essential (boolean)
Whether the claim specified by the client is necessary to ensure a smooth authorization experience. Whether the claim specified by the client is necessary to ensure a smooth authorization experience
name (string)
The name of the optional claim. The name of the optional claim
source (string)
The source of the claim. If source is absent, the claim is a predefined optional claim. If source is user, the value of name is the extension property from the user object. The source of the claim. If `source` is absent, the claim is a predefined optional claim. If `source` is `user`, the value of `name` is the extension property from the user object
owners (array)
A set of object IDs of principals that will be granted ownership of the application. Supported object types are users or service principals. By default, no owners are assigned. A list of object IDs of principals that will be granted ownership of the application
preventDuplicateNames (boolean)
If true, will return an error if an existing application is found with the same name. Defaults to false. If `true`, will return an error if an existing application is found with the same name
privacyStatementUrl (string)
URL of the application's privacy statement. URL of the application's privacy statement
publicClient (array)
A public_client block as documented below, which configures non-web app or non-web API application settings, for example mobile or other public clients such as an installed application running on a desktop device.
redirectUris (array)
A set of URLs where user tokens are sent for sign-in, or the redirect URIs where OAuth 2.0 authorization codes and access tokens are sent. Must be a valid https or ms-appx-web URL. The URLs where user tokens are sent for sign-in, or the redirect URIs where OAuth 2.0 authorization codes and access tokens are sent
requiredResourceAccess (array)
A collection of required_resource_access blocks as documented below.
resourceAccess (array)
A collection of resource_access blocks as documented below, describing OAuth2.0 permission scopes and app roles that the application requires from the specified resource.
id (string)
The unique identifier for an app role or OAuth2 permission scope published by the resource application.
type (string)
Specifies whether the id property references an app role or an OAuth2 permission scope. Possible values are Role or Scope.
resourceAppId (string)
The unique identifier for the resource that the application requires access to. This should be the Application ID of the target application.
signInAudience (string)
The Microsoft account types that are supported for the current application. Must be one of AzureADMyOrg, AzureADMultipleOrgs, AzureADandPersonalMicrosoftAccount or PersonalMicrosoftAccount. Defaults to AzureADMyOrg. The Microsoft account types that are supported for the current application
singlePageApplication (array)
A single_page_application block as documented below, which configures single-page application (SPA) related settings for this application.
redirectUris (array)
A set of URLs where user tokens are sent for sign-in, or the redirect URIs where OAuth 2.0 authorization codes and access tokens are sent. Must be a valid https URL. The URLs where user tokens are sent for sign-in, or the redirect URIs where OAuth 2.0 authorization codes and access tokens are sent
supportUrl (string)
URL of the application's support page. URL of the application's support page
templateId (string)
Unique ID for a templated application in the Azure AD App Gallery, from which to create the application. Changing this forces a new resource to be created. Unique ID of the application template from which this application is created
termsOfServiceUrl (string)
URL of the application's terms of service statement. URL of the application's terms of service statement
web (array)
A web block as documented below, which configures web related settings for this application.
homepageUrl (string)
Home page or landing page of the application. Home page or landing page of the application
implicitGrant (array)
An implicit_grant block as documented above.
accessTokenIssuanceEnabled (boolean)
Whether this web application can request an access token using OAuth 2.0 implicit flow. Whether this web application can request an access token using OAuth 2.0 implicit flow
idTokenIssuanceEnabled (boolean)
Whether this web application can request an ID token using OAuth 2.0 implicit flow. Whether this web application can request an ID token using OAuth 2.0 implicit flow
logoutUrl (string)
The URL that will be used by Microsoft's authorization service to sign out a user using front-channel, back-channel or SAML logout protocols. The URL that will be used by Microsoft's authorization service to sign out a user using front-channel, back-channel or SAML logout protocols
redirectUris (array)
A set of URLs where user tokens are sent for sign-in, or the redirect URIs where OAuth 2.0 authorization codes and access tokens are sent. Must be a valid http URL or a URN. The URLs where user tokens are sent for sign-in, or the redirect URIs where OAuth 2.0 authorization codes and access tokens are sent
managementPolicy (string)
THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored unless the relevant Crossplane feature flag is enabled, and may be changed or removed without notice. ManagementPolicy specifies the level of control Crossplane has over the managed external resource. This field is planned to replace the DeletionPolicy field in a future release. Currently, both could be set independently and non-default values would be honored if the feature flag is enabled. See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223
providerConfigRef (object)
ProviderConfigReference specifies how the provider that will be used to create, observe, update, and delete this managed resource should be configured.
name (string)
Name of the referenced object.
policy (object)
Policies for referencing.
resolution (string)
Resolution specifies whether resolution of this reference is required. The default is 'Required', which means the reconcile will fail if the reference cannot be resolved. 'Optional' means this reference will be a no-op if it cannot be resolved.
resolve (string)
Resolve specifies when this reference should be resolved. The default is 'IfNotPresent', which will attempt to resolve the reference only when the corresponding field is not present. Use 'Always' to resolve the reference on every reconcile.
providerRef (object)
ProviderReference specifies the provider that will be used to create, observe, update, and delete this managed resource. Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`
name (string)
Name of the referenced object.
policy (object)
Policies for referencing.
resolution (string)
Resolution specifies whether resolution of this reference is required. The default is 'Required', which means the reconcile will fail if the reference cannot be resolved. 'Optional' means this reference will be a no-op if it cannot be resolved.
resolve (string)
Resolve specifies when this reference should be resolved. The default is 'IfNotPresent', which will attempt to resolve the reference only when the corresponding field is not present. Use 'Always' to resolve the reference on every reconcile.
publishConnectionDetailsTo (object)
PublishConnectionDetailsTo specifies the connection secret config which contains a name, metadata and a reference to secret store config to which any connection details for this managed resource should be written. Connection details frequently include the endpoint, username, and password required to connect to the managed resource.
configRef (object)
SecretStoreConfigRef specifies which secret store config should be used for this ConnectionSecret.
name (string)
Name of the referenced object.
policy (object)
Policies for referencing.
resolution (string)
Resolution specifies whether resolution of this reference is required. The default is 'Required', which means the reconcile will fail if the reference cannot be resolved. 'Optional' means this reference will be a no-op if it cannot be resolved.
resolve (string)
Resolve specifies when this reference should be resolved. The default is 'IfNotPresent', which will attempt to resolve the reference only when the corresponding field is not present. Use 'Always' to resolve the reference on every reconcile.
name (string)
Name is the name of the connection secret.
writeConnectionSecretToRef (object)
WriteConnectionSecretToReference specifies the namespace and name of a Secret to which any connection details for this managed resource should be written. Connection details frequently include the endpoint, username, and password required to connect to the managed resource. This field is planned to be replaced in a future release in favor of PublishConnectionDetailsTo. Currently, both could be set independently and connection details would be published to both without affecting each other.
name (string)
Name of the secret.
namespace (string)
Namespace of the secret.
status (object)
ApplicationStatus defines the observed state of Application.
atProvider (object)
No description provided.
api (array)
An api block as documented below, which configures API related settings for this application.
knownClientApplications (array)
A set of application IDs (client IDs), used for bundling consent if you have a solution that contains two parts: a client app and a custom web API app. Used for bundling consent if you have a solution that contains two parts: a client app and a custom web API app
mappedClaimsEnabled (boolean)
Allows an application to use claims mapping without specifying a custom signing key. Defaults to false. Allows an application to use claims mapping without specifying a custom signing key
oauth2PermissionScope (array)
One or more oauth2_permission_scope blocks as documented below, to describe delegated permissions exposed by the web API represented by this application. One or more `oauth2_permission_scope` blocks to describe delegated permissions exposed by the web API represented by this application
adminConsentDescription (string)
Delegated permission description that appears in all tenant-wide admin consent experiences, intended to be read by an administrator granting the permission on behalf of all users. Delegated permission description that appears in all tenant-wide admin consent experiences, intended to be read by an administrator granting the permission on behalf of all users
adminConsentDisplayName (string)
Display name for the delegated permission, intended to be read by an administrator granting the permission on behalf of all users. Display name for the delegated permission, intended to be read by an administrator granting the permission on behalf of all users
enabled (boolean)
Determines if the permission scope is enabled. Defaults to true. Determines if the permission scope is enabled
id (string)
The unique identifier of the delegated permission. Must be a valid UUID. The unique identifier of the delegated permission
type (string)
Whether this delegated permission should be considered safe for non-admin users to consent to on behalf of themselves, or whether an administrator should be required for consent to the permissions. Defaults to User. Possible values are User or Admin. Whether this delegated permission should be considered safe for non-admin users to consent to on behalf of themselves, or whether an administrator should be required for consent to the permissions
userConsentDescription (string)
Delegated permission description that appears in the end user consent experience, intended to be read by a user consenting on their own behalf. Delegated permission description that appears in the end user consent experience, intended to be read by a user consenting on their own behalf
userConsentDisplayName (string)
Display name for the delegated permission that appears in the end user consent experience. Display name for the delegated permission that appears in the end user consent experience
value (string)
The value that is used for the scp claim in OAuth 2.0 access tokens. The value that is used for the `scp` claim in OAuth 2.0 access tokens
requestedAccessTokenVersion (number)
The access token version expected by this resource. Must be one of 1 or 2, and must be 2 when sign_in_audience is either AzureADandPersonalMicrosoftAccount or PersonalMicrosoftAccount Defaults to 1. The access token version expected by this resource
appRole (array)
A collection of app_role blocks as documented below. For more information see official documentation on Application Roles.
allowedMemberTypes (array)
Specifies whether this app role definition can be assigned to users and groups by setting to User, or to other applications (that are accessing this application in a standalone scenario) by setting to Application, or to both. Specifies whether this app role definition can be assigned to users and groups by setting to `User`, or to other applications (that are accessing this application in a standalone scenario) by setting to `Application`, or to both
displayName (string)
Display name for the app role that appears during app role assignment and in consent experiences. Display name for the app role that appears during app role assignment and in consent experiences
enabled (boolean)
Determines if the app role is enabled. Defaults to true. Determines if the app role is enabled
id (string)
The unique identifier of the app role. Must be a valid UUID. The unique identifier of the app role
value (string)
The value that is used for the roles claim in ID tokens and OAuth 2.0 access tokens that are authenticating an assigned service or user principal. The value that is used for the `roles` claim in ID tokens and OAuth 2.0 access tokens that are authenticating an assigned service or user principal
appRoleIds (object)
A mapping of app role values to app role IDs, intended to be useful when referencing app roles in other resources in your configuration. Mapping of app role names to UUIDs
additionalProperties (string)
No description provided.
applicationId (string)
The Application ID (also called Client ID). The Application ID (also called Client ID)
deviceOnlyAuthEnabled (boolean)
Specifies whether this application supports device authentication without a user. Defaults to false. Specifies whether this application supports device authentication without a user.
disabledByMicrosoft (string)
Whether Microsoft has disabled the registered application. If the application is disabled, this will be a string indicating the status/reason, e.g. DisabledDueToViolationOfServicesAgreement Whether Microsoft has disabled the registered application
displayName (string)
The display name for the application. The display name for the application
fallbackPublicClientEnabled (boolean)
Specifies whether the application is a public client. Appropriate for apps using token grant flows that don't use a redirect URI. Defaults to false. Specifies whether the application is a public client. Appropriate for apps using token grant flows that don't use a redirect URI
groupMembershipClaims (array)
Configures the groups claim issued in a user or OAuth 2.0 access token that the app expects. Possible values are None, SecurityGroup, DirectoryRole, ApplicationGroup or All. Configures the `groups` claim issued in a user or OAuth 2.0 access token that the app expects
id (string)
The unique identifier for an app role or OAuth2 permission scope published by the resource application.
identifierUris (array)
A set of user-defined URI(s) that uniquely identify an application within its Azure AD tenant, or within a verified custom domain if the application is multi-tenant. The user-defined URI(s) that uniquely identify an application within its Azure AD tenant, or within a verified custom domain if the application is multi-tenant
logoImage (string)
A logo image to upload for the application, as a raw base64-encoded string. The image should be in gif, jpeg or png format. Note that once an image has been uploaded, it is not possible to remove it without replacing it with another image. Base64 encoded logo image in gif, png or jpeg format
logoUrl (string)
CDN URL to the application's logo, as uploaded with the logo_image property. CDN URL to the application's logo
marketingUrl (string)
URL of the application's marketing page. URL of the application's marketing page
notes (string)
User-specified notes relevant for the management of the application. User-specified notes relevant for the management of the application
oauth2PermissionScopeIds (object)
A mapping of OAuth2.0 permission scope values to scope IDs, intended to be useful when referencing permission scopes in other resources in your configuration. Mapping of OAuth2.0 permission scope names to UUIDs
additionalProperties (string)
No description provided.
oauth2PostResponseRequired (boolean)
Specifies whether, as part of OAuth 2.0 token requests, Azure AD allows POST requests, as opposed to GET requests. Defaults to false, which specifies that only GET requests are allowed. Specifies whether, as part of OAuth 2.0 token requests, Azure AD allows POST requests, as opposed to GET requests.
objectId (string)
The application's object ID. The application's object ID
optionalClaims (array)
An optional_claims block as documented below.
accessToken (array)
One or more access_token blocks as documented below.
additionalProperties (array)
List of additional properties of the claim. If a property exists in this list, it modifies the behaviour of the optional claim. List of additional properties of the claim. If a property exists in this list, it modifies the behaviour of the optional claim
essential (boolean)
Whether the claim specified by the client is necessary to ensure a smooth authorization experience. Whether the claim specified by the client is necessary to ensure a smooth authorization experience
name (string)
The name of the optional claim. The name of the optional claim
source (string)
The source of the claim. If source is absent, the claim is a predefined optional claim. If source is user, the value of name is the extension property from the user object. The source of the claim. If `source` is absent, the claim is a predefined optional claim. If `source` is `user`, the value of `name` is the extension property from the user object
idToken (array)
One or more id_token blocks as documented below.
additionalProperties (array)
List of additional properties of the claim. If a property exists in this list, it modifies the behaviour of the optional claim. List of additional properties of the claim. If a property exists in this list, it modifies the behaviour of the optional claim
essential (boolean)
Whether the claim specified by the client is necessary to ensure a smooth authorization experience. Whether the claim specified by the client is necessary to ensure a smooth authorization experience
name (string)
The name of the optional claim. The name of the optional claim
source (string)
The source of the claim. If source is absent, the claim is a predefined optional claim. If source is user, the value of name is the extension property from the user object. The source of the claim. If `source` is absent, the claim is a predefined optional claim. If `source` is `user`, the value of `name` is the extension property from the user object
saml2Token (array)
One or more saml2_token blocks as documented below.
additionalProperties (array)
List of additional properties of the claim. If a property exists in this list, it modifies the behaviour of the optional claim. List of additional properties of the claim. If a property exists in this list, it modifies the behaviour of the optional claim
essential (boolean)
Whether the claim specified by the client is necessary to ensure a smooth authorization experience. Whether the claim specified by the client is necessary to ensure a smooth authorization experience
name (string)
The name of the optional claim. The name of the optional claim
source (string)
The source of the claim. If source is absent, the claim is a predefined optional claim. If source is user, the value of name is the extension property from the user object. The source of the claim. If `source` is absent, the claim is a predefined optional claim. If `source` is `user`, the value of `name` is the extension property from the user object
owners (array)
A set of object IDs of principals that will be granted ownership of the application. Supported object types are users or service principals. By default, no owners are assigned. A list of object IDs of principals that will be granted ownership of the application
preventDuplicateNames (boolean)
If true, will return an error if an existing application is found with the same name. Defaults to false. If `true`, will return an error if an existing application is found with the same name
privacyStatementUrl (string)
URL of the application's privacy statement. URL of the application's privacy statement
publicClient (array)
A public_client block as documented below, which configures non-web app or non-web API application settings, for example mobile or other public clients such as an installed application running on a desktop device.
redirectUris (array)
A set of URLs where user tokens are sent for sign-in, or the redirect URIs where OAuth 2.0 authorization codes and access tokens are sent. Must be a valid https or ms-appx-web URL. The URLs where user tokens are sent for sign-in, or the redirect URIs where OAuth 2.0 authorization codes and access tokens are sent
publisherDomain (string)
The verified publisher domain for the application. The verified publisher domain for the application
requiredResourceAccess (array)
A collection of required_resource_access blocks as documented below.
resourceAccess (array)
A collection of resource_access blocks as documented below, describing OAuth2.0 permission scopes and app roles that the application requires from the specified resource.
id (string)
The unique identifier for an app role or OAuth2 permission scope published by the resource application.
type (string)
Specifies whether the id property references an app role or an OAuth2 permission scope. Possible values are Role or Scope.
resourceAppId (string)
The unique identifier for the resource that the application requires access to. This should be the Application ID of the target application.
signInAudience (string)
The Microsoft account types that are supported for the current application. Must be one of AzureADMyOrg, AzureADMultipleOrgs, AzureADandPersonalMicrosoftAccount or PersonalMicrosoftAccount. Defaults to AzureADMyOrg. The Microsoft account types that are supported for the current application
singlePageApplication (array)
A single_page_application block as documented below, which configures single-page application (SPA) related settings for this application.
redirectUris (array)
A set of URLs where user tokens are sent for sign-in, or the redirect URIs where OAuth 2.0 authorization codes and access tokens are sent. Must be a valid https URL. The URLs where user tokens are sent for sign-in, or the redirect URIs where OAuth 2.0 authorization codes and access tokens are sent
supportUrl (string)
URL of the application's support page. URL of the application's support page
templateId (string)
Unique ID for a templated application in the Azure AD App Gallery, from which to create the application. Changing this forces a new resource to be created. Unique ID of the application template from which this application is created
termsOfServiceUrl (string)
URL of the application's terms of service statement. URL of the application's terms of service statement
web (array)
A web block as documented below, which configures web related settings for this application.
homepageUrl (string)
Home page or landing page of the application. Home page or landing page of the application
implicitGrant (array)
An implicit_grant block as documented above.
accessTokenIssuanceEnabled (boolean)
Whether this web application can request an access token using OAuth 2.0 implicit flow. Whether this web application can request an access token using OAuth 2.0 implicit flow
idTokenIssuanceEnabled (boolean)
Whether this web application can request an ID token using OAuth 2.0 implicit flow. Whether this web application can request an ID token using OAuth 2.0 implicit flow
logoutUrl (string)
The URL that will be used by Microsoft's authorization service to sign out a user using front-channel, back-channel or SAML logout protocols. The URL that will be used by Microsoft's authorization service to sign out a user using front-channel, back-channel or SAML logout protocols
redirectUris (array)
A set of URLs where user tokens are sent for sign-in, or the redirect URIs where OAuth 2.0 authorization codes and access tokens are sent. Must be a valid http URL or a URN. The URLs where user tokens are sent for sign-in, or the redirect URIs where OAuth 2.0 authorization codes and access tokens are sent
conditions (array)
Conditions of the resource.
lastTransitionTime (string)
LastTransitionTime is the last time this condition transitioned from one status to another.
message (string)
A Message containing details about this condition's last transition from one status to another, if any.
reason (string)
A Reason for this condition's last transition from one status to another.
status (string)
Status of this condition; is it currently True, False, or Unknown?
type (string)
Type of this condition. At most one of each condition type may apply to a resource at any point in time.
|
