Set-Adfs Web Api Application

Modifies configuration settings for a Web API application in AD FS.

Syntax

Set-AdfsWebApiApplication
   [-TargetIdentifier] <String>
   [-AllowedAuthenticationClassReferences <String[]>]
   [-AlwaysRequireAuthentication <Boolean>]
   [-ClaimsProviderName <String[]>]
   [-Name <String>]
   [-NotBeforeSkew <Int32>]
   [-Identifier <String[]>]
   [-IssuanceAuthorizationRules <String>]
   [-IssuanceAuthorizationRulesFile <String>]
   [-DelegationAuthorizationRules <String>]
   [-DelegationAuthorizationRulesFile <String>]
   [-ImpersonationAuthorizationRules <String>]
   [-ImpersonationAuthorizationRulesFile <String>]
   [-IssuanceTransformRules <String>]
   [-IssuanceTransformRulesFile <String>]
   [-AdditionalAuthenticationRules <String>]
   [-AdditionalAuthenticationRulesFile <String>]
   [-AccessControlPolicyName <String>]
   [-AccessControlPolicyParameters <Object>]
   [-Description <String>]
   [-TokenLifetime <Int32>]
   [-AllowedClientTypes <AllowedClientTypes>]
   [-IssueOAuthRefreshTokensTo <RefreshTokenIssuanceDeviceTypes>]
   [-RefreshTokenProtectionEnabled <Boolean>]
   [-RequestMFAFromClaimsProviders <Boolean>]
   [-PassThru]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]
Set-AdfsWebApiApplication
   [-TargetName] <String>
   [-AllowedAuthenticationClassReferences <String[]>]
   [-AlwaysRequireAuthentication <Boolean>]
   [-ClaimsProviderName <String[]>]
   [-Name <String>]
   [-NotBeforeSkew <Int32>]
   [-Identifier <String[]>]
   [-IssuanceAuthorizationRules <String>]
   [-IssuanceAuthorizationRulesFile <String>]
   [-DelegationAuthorizationRules <String>]
   [-DelegationAuthorizationRulesFile <String>]
   [-ImpersonationAuthorizationRules <String>]
   [-ImpersonationAuthorizationRulesFile <String>]
   [-IssuanceTransformRules <String>]
   [-IssuanceTransformRulesFile <String>]
   [-AdditionalAuthenticationRules <String>]
   [-AdditionalAuthenticationRulesFile <String>]
   [-AccessControlPolicyName <String>]
   [-AccessControlPolicyParameters <Object>]
   [-Description <String>]
   [-TokenLifetime <Int32>]
   [-AllowedClientTypes <AllowedClientTypes>]
   [-IssueOAuthRefreshTokensTo <RefreshTokenIssuanceDeviceTypes>]
   [-RefreshTokenProtectionEnabled <Boolean>]
   [-RequestMFAFromClaimsProviders <Boolean>]
   [-PassThru]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]
Set-AdfsWebApiApplication
   [-TargetApplication] <WebApiApplication>
   [-AllowedAuthenticationClassReferences <String[]>]
   [-AlwaysRequireAuthentication <Boolean>]
   [-ClaimsProviderName <String[]>]
   [-Name <String>]
   [-NotBeforeSkew <Int32>]
   [-Identifier <String[]>]
   [-IssuanceAuthorizationRules <String>]
   [-IssuanceAuthorizationRulesFile <String>]
   [-DelegationAuthorizationRules <String>]
   [-DelegationAuthorizationRulesFile <String>]
   [-ImpersonationAuthorizationRules <String>]
   [-ImpersonationAuthorizationRulesFile <String>]
   [-IssuanceTransformRules <String>]
   [-IssuanceTransformRulesFile <String>]
   [-AdditionalAuthenticationRules <String>]
   [-AdditionalAuthenticationRulesFile <String>]
   [-AccessControlPolicyName <String>]
   [-AccessControlPolicyParameters <Object>]
   [-Description <String>]
   [-TokenLifetime <Int32>]
   [-AllowedClientTypes <AllowedClientTypes>]
   [-IssueOAuthRefreshTokensTo <RefreshTokenIssuanceDeviceTypes>]
   [-RefreshTokenProtectionEnabled <Boolean>]
   [-RequestMFAFromClaimsProviders <Boolean>]
   [-PassThru]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]

Description

The Set-AdfsWebApiApplication cmdlet modifies configuration settings for a Web API application role to an existing application in Active Directory Federation Services (AD FS).

Required Parameters

-TargetApplication

Specifies the Web application for which to modify settings.

Type: WebApiApplication
Position: 0
Default value: None
Accept pipeline input: True (ByValue)
Accept wildcard characters: False
-TargetIdentifier

Specifies the ID of the Web application for which to modify settings.

Type: String
Position: 0
Default value: None
Accept pipeline input: True (ByPropertyName, ByValue)
Accept wildcard characters: False
-TargetName

Specifies the name of the Web application for which to modify settings.

Type: String
Position: 0
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False

Optional Parameters

-AccessControlPolicyName

Specifies the name of an access control policy.

Type: String
Position: Named
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
-AccessControlPolicyParameters

Specifies the parameters of an access control policy.

Type: Object
Position: Named
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
-AdditionalAuthenticationRules

Specifies additional authentication rules.

Type: String
Position: Named
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
-AdditionalAuthenticationRulesFile

Specifies a file that contains all the rules for additional authentication for this relying party.

Type: String
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
-AllowedAuthenticationClassReferences

Specifies an array of allow authentication class references.

Type: String[]
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
-AllowedClientTypes

Specifies allowed client types. The acceptable values for this parameter are:

  • None
  • Public
  • Confidential
Type: AllowedClientTypes
Parameter Sets: None, Public, Confidential
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
-AlwaysRequireAuthentication

Indicates that this Web API application role always requires authentication, even if it previously authenticated credentials for access. Specify this parameter to require users to always supply credentials to access sensitive resources.

Type: Boolean
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
-ClaimsProviderName

Specifies an array of claims provider names that you can configure for a relying party trust for Home Realm Discovery (HRD) scenario.

If claims provider names are specified for a relying party, the home realm discovery page shows only those claims providers for this relying party. If only one claims provider name is specified, home realm discovery page is not shown. The user is redirected to this claims provider for authentication.

Type: String[]
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
-Confirm

Prompts you for confirmation before running the cmdlet.

Type: SwitchParameter
Aliases: cf
Position: Named
Default value: False
Accept pipeline input: False
Accept wildcard characters: False
-DelegationAuthorizationRules

Specifies delegation authorization rules.

Type: String
Position: Named
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
-DelegationAuthorizationRulesFile

Specifies a file that contains all the rules for delegation authentication for this relying party.

Type: String
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
-Description

Specifies a description.

Type: String
Position: Named
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
-Identifier

Specifies an array of identifiers.

Type: String[]
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
-ImpersonationAuthorizationRules

Specifies the impersonation authorization rules.

Type: String
Position: Named
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
-ImpersonationAuthorizationRulesFile

Specifies a file that contains all the rules for impersonation authentication for this relying party.

Type: String
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
-IssuanceAuthorizationRules

Specifies the issuance authorization rules.

Type: String
Position: Named
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
-IssuanceAuthorizationRulesFile

Specifies a file that contains all the rules for issuance authentication for this relying party.

Type: String
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
-IssuanceTransformRules

Specifies the issuance transform rules.

Type: String
Position: Named
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
-IssuanceTransformRulesFile

Specifies a file that contains all the rules for issuance transform for this relying party.

Type: String
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
-IssueOAuthRefreshTokensTo

Specifies the refresh token issuance device types. The acceptable values for this parameter are:

  • NoDevice
  • WorkplaceJoinedDevices
  • AllDevices
Type: RefreshTokenIssuanceDeviceTypes
Parameter Sets: NoDevice, WorkplaceJoinedDevices, AllDevices
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
-Name

Specifies a name.

Type: String
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
-NotBeforeSkew

Specifies the not before skew value.

Type: Int32
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
-PassThru

Returns an object representing the item with which you are working. By default, this cmdlet does not generate any output.

Type: SwitchParameter
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
-RefreshTokenProtectionEnabled

Indicates whether refresh token protection is enabled.

Type: Boolean
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
-RequestMFAFromClaimsProviders

Indicates that the request MFA from claims providers option is used.

Type: Boolean
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
-TokenLifetime

Specifies the token lifetime.

Type: Int32
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Type: SwitchParameter
Aliases: wi
Position: Named
Default value: False
Accept pipeline input: False
Accept wildcard characters: False