» azuread_application
Manages an Application within Azure Active Directory.
NOTE: If you're authenticating using a Service Principal then it must have permissions to both Read and write all applications
and Sign in and read user profile
within the Windows Azure Active Directory
API.
» Example Usage
resource "azuread_application" "test" {
name = "example"
homepage = "https://homepage"
identifier_uris = ["https://uri"]
reply_urls = ["https://replyurl"]
available_to_other_tenants = false
oauth2_allow_implicit_flow = true
required_resource_access {
resource_app_id = "00000003-0000-0000-c000-000000000000"
resource_access {
id = "..."
type = "Role"
}
resource_access {
id = "..."
type = "Scope"
}
resource_access {
id = "..."
type = "Scope"
}
}
required_resource_access {
resource_app_id = "00000002-0000-0000-c000-000000000000"
resource_access {
id = "..."
type = "Scope"
}
}
}
» Argument Reference
The following arguments are supported:
-
name
- (Required) The display name for the application. -
homepage
- (optional) The URL to the application's home page. If no homepage is specified this defaults tohttps://{name}
. -
identifier_uris
- (Optional) A list of user-defined URI(s) that uniquely identify a Web application within it's Azure AD tenant, or within a verified custom domain if the application is multi-tenant. -
reply_urls
- (Optional) A list of URLs that user tokens are sent to for sign in, or the redirect URIs that OAuth 2.0 authorization codes and access tokens are sent to. -
available_to_other_tenants
- (Optional) Is this Azure AD Application available to other tenants? Defaults tofalse
. -
oauth2_allow_implicit_flow
- (Optional) Does this Azure AD Application allow OAuth2.0 implicit flow tokens? Defaults tofalse
. -
required_resource_access
- (Optional) A collection ofrequired_resource_access
blocks as documented below.
required_resource_access
supports the following:
-
resource_app_id
- (Required) The unique identifier for the resource that the application requires access to. This should be equal to the appId declared on the target resource application. -
resource_access
- (Required) A collection ofresource_access
blocks as documented below
resource_access
supports the following:
-
id
- (Required) The unique identifier for one of theOAuth2Permission
orAppRole
instances that the resource application exposes. -
type
- (Required) Specifies whether the id property references anOAuth2Permission
or anAppRole
. Possible values areScope
orRole
.
» Attributes Reference
The following attributes are exported:
-
application_id
- The Application ID.
» Import
Azure Active Directory Applications can be imported using the object id
, e.g.
terraform import azuread_application.test 00000000-0000-0000-0000-000000000000