Microsoft.App (stable:2024-03-01)

2025/02/27 • 3 updated methods

ContainerAppsAuthConfigs_ListByContainerApp (updated)
Description Get the Container App AuthConfigs in a given resource group.
Reference Link ¶

⚶ Changes

{
  "#id": "ContainerAppsAuthConfigs_ListByContainerApp",
  "$responses": {
    "200": {
      "$properties": {
        "value": {
          "$properties": {
            "properties": [
              {
                "identityProviders": [
                  {
                    "azureActiveDirectory": [
                      {
                        "registration": [
                          {
                            "#name": "openIdIssuer",
                            "Description": {
                              "new": "The OpenID Connect Issuer URI that represents the entity which issues access tokens for this application.\nWhen using Azure Active Directory, this value is the URI of the directory tenant, e.g. `https://login.microsoftonline.com/v2.0/{tenant-guid}/`.\nThis URI is a case-sensitive identifier for the token issuer.\nMore information on OpenID Connect Discovery: http://openid.net/specs/openid-connect-discovery-1_0.html",
                              "old": "The OpenID Connect Issuer URI that represents the entity which issues access tokens for this application.\nWhen using Azure Active Directory, this value is the URI of the directory tenant, e.g. https://login.microsoftonline.com/v2.0/{tenant-guid}/.\nThis URI is a case-sensitive identifier for the token issuer.\nMore information on OpenID Connect Discovery: http://openid.net/specs/openid-connect-discovery-1_0.html"
                            }
                          }
                        ]
                      }
                    ]
                  }
                ]
              }
            ]
          }
        }
      }
    }
  }
}

⚼ Request

GET:  /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.App/containerApps/{containerAppName}/authConfigs
{
subscriptionId: string ,
resourceGroupName: string ,
containerAppName: string ,
api-version: string ,
}

⚐ Response (200)

{
value:
[
{
properties:
{
platform:
{
enabled: boolean ,
runtimeVersion: string ,
}
,
globalValidation:
{
unauthenticatedClientAction: enum ,
redirectToProvider: string ,
excludedPaths:
[
string ,
]
,
}
,
identityProviders:
{
azureActiveDirectory:
{
enabled: boolean ,
registration:
{
openIdIssuer: string ,
clientId: string ,
clientSecretSettingName: string ,
clientSecretCertificateThumbprint: string ,
clientSecretCertificateSubjectAlternativeName: string ,
clientSecretCertificateIssuer: string ,
}
,
login:
{
loginParameters:
[
string ,
]
,
disableWWWAuthenticate: boolean ,
}
,
validation:
{
jwtClaimChecks:
{
allowedGroups:
[
string ,
]
,
allowedClientApplications:
[
string ,
]
,
}
,
allowedAudiences:
[
string ,
]
,
defaultAuthorizationPolicy:
{
allowedPrincipals:
{
groups:
[
string ,
]
,
identities:
[
string ,
]
,
}
,
allowedApplications:
[
string ,
]
,
}
,
}
,
isAutoProvisioned: boolean ,
}
,
facebook:
{
enabled: boolean ,
registration:
{
appId: string ,
appSecretSettingName: string ,
}
,
graphApiVersion: string ,
login:
{
scopes:
[
string ,
]
,
}
,
}
,
gitHub:
{
enabled: boolean ,
registration:
{
clientId: string ,
clientSecretSettingName: string ,
}
,
login:
{
scopes:
[
string ,
]
,
}
,
}
,
google:
{
enabled: boolean ,
registration:
{
clientId: string ,
clientSecretSettingName: string ,
}
,
login:
{
scopes:
[
string ,
]
,
}
,
validation:
{
allowedAudiences:
[
string ,
]
,
}
,
}
,
twitter:
{
enabled: boolean ,
registration:
{
consumerKey: string ,
consumerSecretSettingName: string ,
}
,
}
,
apple:
{
enabled: boolean ,
registration:
{
clientId: string ,
clientSecretSettingName: string ,
}
,
login:
{
scopes:
[
string ,
]
,
}
,
}
,
azureStaticWebApps:
{
enabled: boolean ,
registration:
{
clientId: string ,
}
,
}
,
customOpenIdConnectProviders: object ,
}
,
login:
{
routes:
{
logoutEndpoint: string ,
}
,
tokenStore:
{
enabled: boolean ,
tokenRefreshExtensionHours: number ,
azureBlobStorage:
{
sasUrlSettingName: string ,
}
,
}
,
preserveUrlFragmentsForLogins: boolean ,
allowedExternalRedirectUrls:
[
string ,
]
,
cookieExpiration:
{
convention: enum ,
timeToExpiration: string ,
}
,
nonce:
{
validateNonce: boolean ,
nonceExpirationInterval: string ,
}
,
}
,
httpSettings:
{
requireHttps: boolean ,
routes:
{
apiPrefix: string ,
}
,
forwardProxy:
{
convention: enum ,
customHostHeaderName: string ,
customProtoHeaderName: string ,
}
,
}
,
encryptionSettings:
{
containerAppAuthEncryptionSecretName: string ,
containerAppAuthSigningSecretName: string ,
}
,
}
,
}
,
]
,
nextLink: string ,
}

⚐ Response (default)

{
error:
{
code: string ,
message: string ,
target: string ,
details:
[
{
code: string ,
message: string ,
target: string ,
}
,
]
,
innererror: string ,
}
,
}
ContainerAppsAuthConfigs_Get (updated)
Description Get a AuthConfig of a Container App.
Reference Link ¶

⚶ Changes

{
  "#id": "ContainerAppsAuthConfigs_Get",
  "$responses": {
    "200": {
      "$properties": {
        "properties": [
          {
            "identityProviders": [
              {
                "azureActiveDirectory": [
                  {
                    "registration": [
                      {
                        "#name": "openIdIssuer",
                        "Description": {
                          "new": "The OpenID Connect Issuer URI that represents the entity which issues access tokens for this application.\nWhen using Azure Active Directory, this value is the URI of the directory tenant, e.g. `https://login.microsoftonline.com/v2.0/{tenant-guid}/`.\nThis URI is a case-sensitive identifier for the token issuer.\nMore information on OpenID Connect Discovery: http://openid.net/specs/openid-connect-discovery-1_0.html",
                          "old": "The OpenID Connect Issuer URI that represents the entity which issues access tokens for this application.\nWhen using Azure Active Directory, this value is the URI of the directory tenant, e.g. https://login.microsoftonline.com/v2.0/{tenant-guid}/.\nThis URI is a case-sensitive identifier for the token issuer.\nMore information on OpenID Connect Discovery: http://openid.net/specs/openid-connect-discovery-1_0.html"
                        }
                      }
                    ]
                  }
                ]
              }
            ]
          }
        ]
      }
    }
  }
}

⚼ Request

GET:  /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.App/containerApps/{containerAppName}/authConfigs/{authConfigName}
{
subscriptionId: string ,
resourceGroupName: string ,
containerAppName: string ,
authConfigName: string ,
api-version: string ,
}

⚐ Response (200)

{
properties:
{
platform:
{
enabled: boolean ,
runtimeVersion: string ,
}
,
globalValidation:
{
unauthenticatedClientAction: enum ,
redirectToProvider: string ,
excludedPaths:
[
string ,
]
,
}
,
identityProviders:
{
azureActiveDirectory:
{
enabled: boolean ,
registration:
{
openIdIssuer: string ,
clientId: string ,
clientSecretSettingName: string ,
clientSecretCertificateThumbprint: string ,
clientSecretCertificateSubjectAlternativeName: string ,
clientSecretCertificateIssuer: string ,
}
,
login:
{
loginParameters:
[
string ,
]
,
disableWWWAuthenticate: boolean ,
}
,
validation:
{
jwtClaimChecks:
{
allowedGroups:
[
string ,
]
,
allowedClientApplications:
[
string ,
]
,
}
,
allowedAudiences:
[
string ,
]
,
defaultAuthorizationPolicy:
{
allowedPrincipals:
{
groups:
[
string ,
]
,
identities:
[
string ,
]
,
}
,
allowedApplications:
[
string ,
]
,
}
,
}
,
isAutoProvisioned: boolean ,
}
,
facebook:
{
enabled: boolean ,
registration:
{
appId: string ,
appSecretSettingName: string ,
}
,
graphApiVersion: string ,
login:
{
scopes:
[
string ,
]
,
}
,
}
,
gitHub:
{
enabled: boolean ,
registration:
{
clientId: string ,
clientSecretSettingName: string ,
}
,
login:
{
scopes:
[
string ,
]
,
}
,
}
,
google:
{
enabled: boolean ,
registration:
{
clientId: string ,
clientSecretSettingName: string ,
}
,
login:
{
scopes:
[
string ,
]
,
}
,
validation:
{
allowedAudiences:
[
string ,
]
,
}
,
}
,
twitter:
{
enabled: boolean ,
registration:
{
consumerKey: string ,
consumerSecretSettingName: string ,
}
,
}
,
apple:
{
enabled: boolean ,
registration:
{
clientId: string ,
clientSecretSettingName: string ,
}
,
login:
{
scopes:
[
string ,
]
,
}
,
}
,
azureStaticWebApps:
{
enabled: boolean ,
registration:
{
clientId: string ,
}
,
}
,
customOpenIdConnectProviders: object ,
}
,
login:
{
routes:
{
logoutEndpoint: string ,
}
,
tokenStore:
{
enabled: boolean ,
tokenRefreshExtensionHours: number ,
azureBlobStorage:
{
sasUrlSettingName: string ,
}
,
}
,
preserveUrlFragmentsForLogins: boolean ,
allowedExternalRedirectUrls:
[
string ,
]
,
cookieExpiration:
{
convention: enum ,
timeToExpiration: string ,
}
,
nonce:
{
validateNonce: boolean ,
nonceExpirationInterval: string ,
}
,
}
,
httpSettings:
{
requireHttps: boolean ,
routes:
{
apiPrefix: string ,
}
,
forwardProxy:
{
convention: enum ,
customHostHeaderName: string ,
customProtoHeaderName: string ,
}
,
}
,
encryptionSettings:
{
containerAppAuthEncryptionSecretName: string ,
containerAppAuthSigningSecretName: string ,
}
,
}
,
}

⚐ Response (default)

{
error:
{
code: string ,
message: string ,
target: string ,
details:
[
{
code: string ,
message: string ,
target: string ,
}
,
]
,
innererror: string ,
}
,
}
ContainerAppsAuthConfigs_CreateOrUpdate (updated)
Description Create or update the AuthConfig for a Container App.
Reference Link ¶

⚶ Changes

{
  "#id": "ContainerAppsAuthConfigs_CreateOrUpdate",
  "$parameters": {
    "authConfigEnvelope": {
      "$properties": {
        "properties": [
          {
            "identityProviders": [
              {
                "azureActiveDirectory": [
                  {
                    "registration": [
                      {
                        "#name": "openIdIssuer",
                        "Description": {
                          "new": "The OpenID Connect Issuer URI that represents the entity which issues access tokens for this application.\nWhen using Azure Active Directory, this value is the URI of the directory tenant, e.g. `https://login.microsoftonline.com/v2.0/{tenant-guid}/`.\nThis URI is a case-sensitive identifier for the token issuer.\nMore information on OpenID Connect Discovery: http://openid.net/specs/openid-connect-discovery-1_0.html",
                          "old": "The OpenID Connect Issuer URI that represents the entity which issues access tokens for this application.\nWhen using Azure Active Directory, this value is the URI of the directory tenant, e.g. https://login.microsoftonline.com/v2.0/{tenant-guid}/.\nThis URI is a case-sensitive identifier for the token issuer.\nMore information on OpenID Connect Discovery: http://openid.net/specs/openid-connect-discovery-1_0.html"
                        }
                      }
                    ]
                  }
                ]
              }
            ]
          }
        ]
      }
    }
  },
  "$responses": {
    "200": {
      "$properties": {
        "properties": [
          {
            "identityProviders": [
              {
                "azureActiveDirectory": [
                  {
                    "registration": [
                      {
                        "#name": "openIdIssuer",
                        "Description": {
                          "new": "The OpenID Connect Issuer URI that represents the entity which issues access tokens for this application.\nWhen using Azure Active Directory, this value is the URI of the directory tenant, e.g. `https://login.microsoftonline.com/v2.0/{tenant-guid}/`.\nThis URI is a case-sensitive identifier for the token issuer.\nMore information on OpenID Connect Discovery: http://openid.net/specs/openid-connect-discovery-1_0.html",
                          "old": "The OpenID Connect Issuer URI that represents the entity which issues access tokens for this application.\nWhen using Azure Active Directory, this value is the URI of the directory tenant, e.g. https://login.microsoftonline.com/v2.0/{tenant-guid}/.\nThis URI is a case-sensitive identifier for the token issuer.\nMore information on OpenID Connect Discovery: http://openid.net/specs/openid-connect-discovery-1_0.html"
                        }
                      }
                    ]
                  }
                ]
              }
            ]
          }
        ]
      }
    }
  }
}

⚼ Request

PUT:  /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.App/containerApps/{containerAppName}/authConfigs/{authConfigName}
{
subscriptionId: string ,
resourceGroupName: string ,
containerAppName: string ,
authConfigName: string ,
authConfigEnvelope:
{
properties:
{
platform:
{
enabled: boolean ,
runtimeVersion: string ,
}
,
globalValidation:
{
unauthenticatedClientAction: enum ,
redirectToProvider: string ,
excludedPaths:
[
string ,
]
,
}
,
identityProviders:
{
azureActiveDirectory:
{
enabled: boolean ,
registration:
{
openIdIssuer: string ,
clientId: string ,
clientSecretSettingName: string ,
clientSecretCertificateThumbprint: string ,
clientSecretCertificateSubjectAlternativeName: string ,
clientSecretCertificateIssuer: string ,
}
,
login:
{
loginParameters:
[
string ,
]
,
disableWWWAuthenticate: boolean ,
}
,
validation:
{
jwtClaimChecks:
{
allowedGroups:
[
string ,
]
,
allowedClientApplications:
[
string ,
]
,
}
,
allowedAudiences:
[
string ,
]
,
defaultAuthorizationPolicy:
{
allowedPrincipals:
{
groups:
[
string ,
]
,
identities:
[
string ,
]
,
}
,
allowedApplications:
[
string ,
]
,
}
,
}
,
isAutoProvisioned: boolean ,
}
,
facebook:
{
enabled: boolean ,
registration:
{
appId: string ,
appSecretSettingName: string ,
}
,
graphApiVersion: string ,
login:
{
scopes:
[
string ,
]
,
}
,
}
,
gitHub:
{
enabled: boolean ,
registration:
{
clientId: string ,
clientSecretSettingName: string ,
}
,
login:
{
scopes:
[
string ,
]
,
}
,
}
,
google:
{
enabled: boolean ,
registration:
{
clientId: string ,
clientSecretSettingName: string ,
}
,
login:
{
scopes:
[
string ,
]
,
}
,
validation:
{
allowedAudiences:
[
string ,
]
,
}
,
}
,
twitter:
{
enabled: boolean ,
registration:
{
consumerKey: string ,
consumerSecretSettingName: string ,
}
,
}
,
apple:
{
enabled: boolean ,
registration:
{
clientId: string ,
clientSecretSettingName: string ,
}
,
login:
{
scopes:
[
string ,
]
,
}
,
}
,
azureStaticWebApps:
{
enabled: boolean ,
registration:
{
clientId: string ,
}
,
}
,
customOpenIdConnectProviders: object ,
}
,
login:
{
routes:
{
logoutEndpoint: string ,
}
,
tokenStore:
{
enabled: boolean ,
tokenRefreshExtensionHours: number ,
azureBlobStorage:
{
sasUrlSettingName: string ,
}
,
}
,
preserveUrlFragmentsForLogins: boolean ,
allowedExternalRedirectUrls:
[
string ,
]
,
cookieExpiration:
{
convention: enum ,
timeToExpiration: string ,
}
,
nonce:
{
validateNonce: boolean ,
nonceExpirationInterval: string ,
}
,
}
,
httpSettings:
{
requireHttps: boolean ,
routes:
{
apiPrefix: string ,
}
,
forwardProxy:
{
convention: enum ,
customHostHeaderName: string ,
customProtoHeaderName: string ,
}
,
}
,
encryptionSettings:
{
containerAppAuthEncryptionSecretName: string ,
containerAppAuthSigningSecretName: string ,
}
,
}
,
}
,
api-version: string ,
}

⚐ Response (200)

{
properties:
{
platform:
{
enabled: boolean ,
runtimeVersion: string ,
}
,
globalValidation:
{
unauthenticatedClientAction: enum ,
redirectToProvider: string ,
excludedPaths:
[
string ,
]
,
}
,
identityProviders:
{
azureActiveDirectory:
{
enabled: boolean ,
registration:
{
openIdIssuer: string ,
clientId: string ,
clientSecretSettingName: string ,
clientSecretCertificateThumbprint: string ,
clientSecretCertificateSubjectAlternativeName: string ,
clientSecretCertificateIssuer: string ,
}
,
login:
{
loginParameters:
[
string ,
]
,
disableWWWAuthenticate: boolean ,
}
,
validation:
{
jwtClaimChecks:
{
allowedGroups:
[
string ,
]
,
allowedClientApplications:
[
string ,
]
,
}
,
allowedAudiences:
[
string ,
]
,
defaultAuthorizationPolicy:
{
allowedPrincipals:
{
groups:
[
string ,
]
,
identities:
[
string ,
]
,
}
,
allowedApplications:
[
string ,
]
,
}
,
}
,
isAutoProvisioned: boolean ,
}
,
facebook:
{
enabled: boolean ,
registration:
{
appId: string ,
appSecretSettingName: string ,
}
,
graphApiVersion: string ,
login:
{
scopes:
[
string ,
]
,
}
,
}
,
gitHub:
{
enabled: boolean ,
registration:
{
clientId: string ,
clientSecretSettingName: string ,
}
,
login:
{
scopes:
[
string ,
]
,
}
,
}
,
google:
{
enabled: boolean ,
registration:
{
clientId: string ,
clientSecretSettingName: string ,
}
,
login:
{
scopes:
[
string ,
]
,
}
,
validation:
{
allowedAudiences:
[
string ,
]
,
}
,
}
,
twitter:
{
enabled: boolean ,
registration:
{
consumerKey: string ,
consumerSecretSettingName: string ,
}
,
}
,
apple:
{
enabled: boolean ,
registration:
{
clientId: string ,
clientSecretSettingName: string ,
}
,
login:
{
scopes:
[
string ,
]
,
}
,
}
,
azureStaticWebApps:
{
enabled: boolean ,
registration:
{
clientId: string ,
}
,
}
,
customOpenIdConnectProviders: object ,
}
,
login:
{
routes:
{
logoutEndpoint: string ,
}
,
tokenStore:
{
enabled: boolean ,
tokenRefreshExtensionHours: number ,
azureBlobStorage:
{
sasUrlSettingName: string ,
}
,
}
,
preserveUrlFragmentsForLogins: boolean ,
allowedExternalRedirectUrls:
[
string ,
]
,
cookieExpiration:
{
convention: enum ,
timeToExpiration: string ,
}
,
nonce:
{
validateNonce: boolean ,
nonceExpirationInterval: string ,
}
,
}
,
httpSettings:
{
requireHttps: boolean ,
routes:
{
apiPrefix: string ,
}
,
forwardProxy:
{
convention: enum ,
customHostHeaderName: string ,
customProtoHeaderName: string ,
}
,
}
,
encryptionSettings:
{
containerAppAuthEncryptionSecretName: string ,
containerAppAuthSigningSecretName: string ,
}
,
}
,
}

⚐ Response (default)

{
error:
{
code: string ,
message: string ,
target: string ,
details:
[
{
code: string ,
message: string ,
target: string ,
}
,
]
,
innererror: string ,
}
,
}