en-US/AzAuth.PS.dll-Help.xml
|
<?xml version="1.0" encoding="utf-8"?> <helpItems schema="maml" xmlns="http://msh"> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"> <command:details> <command:name>Clear-AzTokenCache</command:name> <command:verb>Clear</command:verb> <command:noun>AzTokenCache</command:noun> <maml:description> <maml:para>Clear all tokens from a specified token cache.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>Clear all tokens from a specified token cache. By default, this command uses MSAL's safe token removal methods to clear account data while preserving the cache file structure.</maml:para> <maml:para>When the -Force parameter is specified, the command will delete the entire cache directory and all its files. This is more thorough but may cause issues with other applications that are using the same cache.</maml:para> </maml:description> <command:syntax> <command:syntaxItem> <maml:name>Clear-AzTokenCache</maml:name> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Force</maml:name> <maml:description> <maml:para>Deletes the entire cache directory and all its files instead of just clearing tokens. This is more thorough but may cause issues with other applications using the same cache.</maml:para> </maml:description> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>RootPath</maml:name> <maml:description> <maml:para>Optional parameter to override the default cache directory path (at your own risk). By default, it uses the standard MSAL cache directory (`~/.IdentityService` on Linux and MacOS systems, or `%USERPROFILE%\.IdentityService` on Windows).</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Name"> <maml:name>TokenCache</maml:name> <maml:description> <maml:para>The name of the token cache to clear.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Force</maml:name> <maml:description> <maml:para>Deletes the entire cache directory and all its files instead of just clearing tokens. This is more thorough but may cause issues with other applications using the same cache.</maml:para> </maml:description> <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>RootPath</maml:name> <maml:description> <maml:para>Optional parameter to override the default cache directory path (at your own risk). By default, it uses the standard MSAL cache directory (`~/.IdentityService` on Linux and MacOS systems, or `%USERPROFILE%\.IdentityService` on Windows).</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Name"> <maml:name>TokenCache</maml:name> <maml:description> <maml:para>The name of the token cache to clear.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>None</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <command:returnValue> <dev:type> <maml:name>None</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:returnValue> </command:returnValues> <maml:alertSet> <maml:alert> <maml:para></maml:para> </maml:alert> </maml:alertSet> <command:examples> <command:example> <maml:title>-------------------------- Example 1 --------------------------</maml:title> <dev:code>PS C:\> Clear-AzTokenCache -TokenCache 'MyCache'</dev:code> <dev:remarks> <maml:para>Clears all tokens from the cache named "MyCache" using MSAL's safe removal methods. The cache directory and structure remain intact.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>-------------------------- Example 2 --------------------------</maml:title> <dev:code>PS C:\> Clear-AzTokenCache -TokenCache 'MyCache' -Force</dev:code> <dev:remarks> <maml:para>Deletes the entire cache directory and all files for the cache named "MyCache", instead of only clearing tokens within. Use with caution as this may affect other applications.</maml:para> </dev:remarks> </command:example> </command:examples> <command:relatedLinks /> </command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"> <command:details> <command:name>Get-AzToken</command:name> <command:verb>Get</command:verb> <command:noun>AzToken</command:noun> <maml:description> <maml:para>Gets a new Azure access token.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>Gets a new Azure access token.</maml:para> <maml:para>The token can be retrieved from an existing named cache, interactively from a browser, or non-interactively with specific token sources. If the command is used non-interactively, an attempt will be made to get a token using the following sources in order:</maml:para> <maml:para>- Saved interactive credential if the command was used interactively in the same session (https://learn.microsoft.com/en-us/dotnet/api/azure.identity.interactivebrowsercredential)</maml:para> <maml:para>- Environment variables (https://learn.microsoft.com/en-us/dotnet/api/azure.identity.environmentcredential)</maml:para> <maml:para>- Azure PowerShell (https://learn.microsoft.com/en-us/dotnet/api/azure.identity.azurepowershellcredential)</maml:para> <maml:para>- Azure CLI (https://learn.microsoft.com/en-us/dotnet/api/azure.identity.azureclicredential)</maml:para> <maml:para>- Visual Studio Code (https://learn.microsoft.com/en-us/dotnet/api/azure.identity.visualstudiocodecredential)</maml:para> <maml:para>- Visual Studio (https://learn.microsoft.com/en-us/dotnet/api/azure.identity.visualstudiocredential)</maml:para> <maml:para>- Shared token cache (https://learn.microsoft.com/en-us/dotnet/api/azure.identity.sharedtokencachecredential)</maml:para> </maml:description> <command:syntax> <command:syntaxItem> <maml:name>Get-AzToken</maml:name> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="0" aliases="ResourceId, ResourceUrl"> <maml:name>Resource</maml:name> <maml:description> <maml:para>The resource for the token, such as Microsoft Graph or Azure Key Vault. This can be provided either as a URI or as an id.</maml:para> <maml:para>If not specified, the resource will be set to `https://graph.microsoft.com`.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>https://graph.microsoft.com</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="1" aliases="none"> <maml:name>Scope</maml:name> <maml:description> <maml:para>One or several scopes for the token, in the context of the provided resource.</maml:para> <maml:para>If not specified, the scope will be set to `.default`.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String[]</command:parameterValue> <dev:type> <maml:name>String[]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>.default</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Broker</maml:name> <maml:description> <maml:para>Get a token using the Web Account Manager (WAM) broker authentication flow for Windows devices.</maml:para> </maml:description> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Claim</maml:name> <maml:description> <maml:para>Additional claims to be included in the token.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>ClientId</maml:name> <maml:description> <maml:para>The client id of the application used to authenticate the user or identity. If not specified the user will be authenticated with an Azure development application.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="TenantId"> <maml:name>Tenant</maml:name> <maml:description> <maml:para>The id or name of the tenant that the token should be valid for.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:syntaxItem> <command:syntaxItem> <maml:name>Get-AzToken</maml:name> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="0" aliases="ResourceId, ResourceUrl"> <maml:name>Resource</maml:name> <maml:description> <maml:para>The resource for the token, such as Microsoft Graph or Azure Key Vault. This can be provided either as a URI or as an id.</maml:para> <maml:para>If not specified, the resource will be set to `https://graph.microsoft.com`.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>https://graph.microsoft.com</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="1" aliases="none"> <maml:name>Scope</maml:name> <maml:description> <maml:para>One or several scopes for the token, in the context of the provided resource.</maml:para> <maml:para>If not specified, the scope will be set to `.default`.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String[]</command:parameterValue> <dev:type> <maml:name>String[]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>.default</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Claim</maml:name> <maml:description> <maml:para>Additional claims to be included in the token.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>ClientCertificate</maml:name> <maml:description> <maml:para>The certificate to be used for getting a token with the client certificate flow.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">X509Certificate2</command:parameterValue> <dev:type> <maml:name>X509Certificate2</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>ClientId</maml:name> <maml:description> <maml:para>The client id of the application used to authenticate the user or identity. If not specified the user will be authenticated with an Azure development application.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Force</maml:name> <maml:description> <maml:para>Disregard any previous authentication made in this session.</maml:para> <maml:para>This may be required when combining interactive and non-interactive authentication towards different tenants.</maml:para> </maml:description> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="TenantId"> <maml:name>Tenant</maml:name> <maml:description> <maml:para>The id or name of the tenant that the token should be valid for.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:syntaxItem> <command:syntaxItem> <maml:name>Get-AzToken</maml:name> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="0" aliases="ResourceId, ResourceUrl"> <maml:name>Resource</maml:name> <maml:description> <maml:para>The resource for the token, such as Microsoft Graph or Azure Key Vault. This can be provided either as a URI or as an id.</maml:para> <maml:para>If not specified, the resource will be set to `https://graph.microsoft.com`.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>https://graph.microsoft.com</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="1" aliases="none"> <maml:name>Scope</maml:name> <maml:description> <maml:para>One or several scopes for the token, in the context of the provided resource.</maml:para> <maml:para>If not specified, the scope will be set to `.default`.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String[]</command:parameterValue> <dev:type> <maml:name>String[]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>.default</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Claim</maml:name> <maml:description> <maml:para>Additional claims to be included in the token.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>ClientCertificatePath</maml:name> <maml:description> <maml:para>The path to a file containing both the certificate and private key, used for getting a token with the client certificate flow.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>ClientId</maml:name> <maml:description> <maml:para>The client id of the application used to authenticate the user or identity. If not specified the user will be authenticated with an Azure development application.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Force</maml:name> <maml:description> <maml:para>Disregard any previous authentication made in this session.</maml:para> <maml:para>This may be required when combining interactive and non-interactive authentication towards different tenants.</maml:para> </maml:description> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="TenantId"> <maml:name>Tenant</maml:name> <maml:description> <maml:para>The id or name of the tenant that the token should be valid for.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:syntaxItem> <command:syntaxItem> <maml:name>Get-AzToken</maml:name> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="0" aliases="ResourceId, ResourceUrl"> <maml:name>Resource</maml:name> <maml:description> <maml:para>The resource for the token, such as Microsoft Graph or Azure Key Vault. This can be provided either as a URI or as an id.</maml:para> <maml:para>If not specified, the resource will be set to `https://graph.microsoft.com`.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>https://graph.microsoft.com</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="1" aliases="none"> <maml:name>Scope</maml:name> <maml:description> <maml:para>One or several scopes for the token, in the context of the provided resource.</maml:para> <maml:para>If not specified, the scope will be set to `.default`.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String[]</command:parameterValue> <dev:type> <maml:name>String[]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>.default</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Claim</maml:name> <maml:description> <maml:para>Additional claims to be included in the token.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>ClientId</maml:name> <maml:description> <maml:para>The client id of the application used to authenticate the user or identity. If not specified the user will be authenticated with an Azure development application.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>CredentialPrecedence</maml:name> <maml:description> <maml:para>The order of precedence for the credentials to be used for getting a token non-interactively.</maml:para> </maml:description> <command:parameterValueGroup> <command:parameterValue required="false" command:variableLength="false">ManagedIdentity</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">Environment</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">AzurePowerShell</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">AzureCLI</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">VisualStudio</command:parameterValue> <command:parameterValue required="false" command:variableLength="false">SharedTokenCache</command:parameterValue> </command:parameterValueGroup> <command:parameterValue required="true" variableLength="false">String[]</command:parameterValue> <dev:type> <maml:name>String[]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Force</maml:name> <maml:description> <maml:para>Disregard any previous authentication made in this session.</maml:para> <maml:para>This may be required when combining interactive and non-interactive authentication towards different tenants.</maml:para> </maml:description> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="TenantId"> <maml:name>Tenant</maml:name> <maml:description> <maml:para>The id or name of the tenant that the token should be valid for.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>TimeoutSeconds</maml:name> <maml:description> <maml:para>The number of seconds to wait until the login times out.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">Int32</command:parameterValue> <dev:type> <maml:name>Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>120</dev:defaultValue> </command:parameter> </command:syntaxItem> <command:syntaxItem> <maml:name>Get-AzToken</maml:name> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="0" aliases="ResourceId, ResourceUrl"> <maml:name>Resource</maml:name> <maml:description> <maml:para>The resource for the token, such as Microsoft Graph or Azure Key Vault. This can be provided either as a URI or as an id.</maml:para> <maml:para>If not specified, the resource will be set to `https://graph.microsoft.com`.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>https://graph.microsoft.com</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="1" aliases="none"> <maml:name>Scope</maml:name> <maml:description> <maml:para>One or several scopes for the token, in the context of the provided resource.</maml:para> <maml:para>If not specified, the scope will be set to `.default`.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String[]</command:parameterValue> <dev:type> <maml:name>String[]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>.default</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Claim</maml:name> <maml:description> <maml:para>Additional claims to be included in the token.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>ClientId</maml:name> <maml:description> <maml:para>The client id of the application used to authenticate the user or identity. If not specified the user will be authenticated with an Azure development application.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="TenantId"> <maml:name>Tenant</maml:name> <maml:description> <maml:para>The id or name of the tenant that the token should be valid for.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>TokenCache</maml:name> <maml:description> <maml:para>The name of the token cache to get the token from, or to store the interactively retrieved token in.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Username</maml:name> <maml:description> <maml:para>The username to get the token for in the named cache.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:syntaxItem> <command:syntaxItem> <maml:name>Get-AzToken</maml:name> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="0" aliases="ResourceId, ResourceUrl"> <maml:name>Resource</maml:name> <maml:description> <maml:para>The resource for the token, such as Microsoft Graph or Azure Key Vault. This can be provided either as a URI or as an id.</maml:para> <maml:para>If not specified, the resource will be set to `https://graph.microsoft.com`.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>https://graph.microsoft.com</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="1" aliases="none"> <maml:name>Scope</maml:name> <maml:description> <maml:para>One or several scopes for the token, in the context of the provided resource.</maml:para> <maml:para>If not specified, the scope will be set to `.default`.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String[]</command:parameterValue> <dev:type> <maml:name>String[]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>.default</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Claim</maml:name> <maml:description> <maml:para>Additional claims to be included in the token.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>ClientId</maml:name> <maml:description> <maml:para>The client id of the application used to authenticate the user or identity. If not specified the user will be authenticated with an Azure development application.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Force</maml:name> <maml:description> <maml:para>Disregard any previous authentication made in this session.</maml:para> <maml:para>This may be required when combining interactive and non-interactive authentication towards different tenants.</maml:para> </maml:description> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Interactive</maml:name> <maml:description> <maml:para>Get a token using an interactive browser.</maml:para> <maml:para>The authentication record will be saved during the session and used as the first option for a token if the command is used again but non-interactively.</maml:para> </maml:description> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="TenantId"> <maml:name>Tenant</maml:name> <maml:description> <maml:para>The id or name of the tenant that the token should be valid for.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>TimeoutSeconds</maml:name> <maml:description> <maml:para>The number of seconds to wait until the login times out.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">Int32</command:parameterValue> <dev:type> <maml:name>Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>120</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>TokenCache</maml:name> <maml:description> <maml:para>The name of the token cache to get the token from, or to store the interactively retrieved token in.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:syntaxItem> <command:syntaxItem> <maml:name>Get-AzToken</maml:name> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="0" aliases="ResourceId, ResourceUrl"> <maml:name>Resource</maml:name> <maml:description> <maml:para>The resource for the token, such as Microsoft Graph or Azure Key Vault. This can be provided either as a URI or as an id.</maml:para> <maml:para>If not specified, the resource will be set to `https://graph.microsoft.com`.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>https://graph.microsoft.com</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="1" aliases="none"> <maml:name>Scope</maml:name> <maml:description> <maml:para>One or several scopes for the token, in the context of the provided resource.</maml:para> <maml:para>If not specified, the scope will be set to `.default`.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String[]</command:parameterValue> <dev:type> <maml:name>String[]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>.default</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Claim</maml:name> <maml:description> <maml:para>Additional claims to be included in the token.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>ClientId</maml:name> <maml:description> <maml:para>The client id of the application used to authenticate the user or identity. If not specified the user will be authenticated with an Azure development application.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>DeviceCode</maml:name> <maml:description> <maml:para>Get a token using a device code login interactively, for example on a different device.</maml:para> </maml:description> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Force</maml:name> <maml:description> <maml:para>Disregard any previous authentication made in this session.</maml:para> <maml:para>This may be required when combining interactive and non-interactive authentication towards different tenants.</maml:para> </maml:description> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="TenantId"> <maml:name>Tenant</maml:name> <maml:description> <maml:para>The id or name of the tenant that the token should be valid for.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>TimeoutSeconds</maml:name> <maml:description> <maml:para>The number of seconds to wait until the login times out.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">Int32</command:parameterValue> <dev:type> <maml:name>Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>120</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>TokenCache</maml:name> <maml:description> <maml:para>The name of the token cache to get the token from, or to store the interactively retrieved token in.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:syntaxItem> <command:syntaxItem> <maml:name>Get-AzToken</maml:name> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="0" aliases="ResourceId, ResourceUrl"> <maml:name>Resource</maml:name> <maml:description> <maml:para>The resource for the token, such as Microsoft Graph or Azure Key Vault. This can be provided either as a URI or as an id.</maml:para> <maml:para>If not specified, the resource will be set to `https://graph.microsoft.com`.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>https://graph.microsoft.com</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="1" aliases="none"> <maml:name>Scope</maml:name> <maml:description> <maml:para>One or several scopes for the token, in the context of the provided resource.</maml:para> <maml:para>If not specified, the scope will be set to `.default`.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String[]</command:parameterValue> <dev:type> <maml:name>String[]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>.default</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Claim</maml:name> <maml:description> <maml:para>Additional claims to be included in the token.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>ClientId</maml:name> <maml:description> <maml:para>The client id of the application used to authenticate the user or identity. If not specified the user will be authenticated with an Azure development application.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Force</maml:name> <maml:description> <maml:para>Disregard any previous authentication made in this session.</maml:para> <maml:para>This may be required when combining interactive and non-interactive authentication towards different tenants.</maml:para> </maml:description> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>ManagedIdentity</maml:name> <maml:description> <maml:para>Get a token using a managed identity assigned to the environment, such as Azure VMs, App Service or Azure Functions applications.</maml:para> </maml:description> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="TenantId"> <maml:name>Tenant</maml:name> <maml:description> <maml:para>The id or name of the tenant that the token should be valid for.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>TimeoutSeconds</maml:name> <maml:description> <maml:para>The number of seconds to wait until the login times out.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">Int32</command:parameterValue> <dev:type> <maml:name>Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>120</dev:defaultValue> </command:parameter> </command:syntaxItem> <command:syntaxItem> <maml:name>Get-AzToken</maml:name> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="0" aliases="ResourceId, ResourceUrl"> <maml:name>Resource</maml:name> <maml:description> <maml:para>The resource for the token, such as Microsoft Graph or Azure Key Vault. This can be provided either as a URI or as an id.</maml:para> <maml:para>If not specified, the resource will be set to `https://graph.microsoft.com`.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>https://graph.microsoft.com</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="1" aliases="none"> <maml:name>Scope</maml:name> <maml:description> <maml:para>One or several scopes for the token, in the context of the provided resource.</maml:para> <maml:para>If not specified, the scope will be set to `.default`.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String[]</command:parameterValue> <dev:type> <maml:name>String[]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>.default</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Claim</maml:name> <maml:description> <maml:para>Additional claims to be included in the token.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>ClientId</maml:name> <maml:description> <maml:para>The client id of the application used to authenticate the user or identity. If not specified the user will be authenticated with an Azure development application.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>ExternalToken</maml:name> <maml:description> <maml:para>The external token used for the federated credential of the workload identity, used together with parameter -WorkloadIdentity for the client assertion flow. For more details, see blog post in related links of this command.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Force</maml:name> <maml:description> <maml:para>Disregard any previous authentication made in this session.</maml:para> <maml:para>This may be required when combining interactive and non-interactive authentication towards different tenants.</maml:para> </maml:description> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="TenantId"> <maml:name>Tenant</maml:name> <maml:description> <maml:para>The id or name of the tenant that the token should be valid for.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>WorkloadIdentity</maml:name> <maml:description> <maml:para>Get a token using a federated credential, or "workload identity federation". For an example of how to use this in a pipeline, see related links of this command.</maml:para> </maml:description> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> <command:syntaxItem> <maml:name>Get-AzToken</maml:name> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="0" aliases="ResourceId, ResourceUrl"> <maml:name>Resource</maml:name> <maml:description> <maml:para>The resource for the token, such as Microsoft Graph or Azure Key Vault. This can be provided either as a URI or as an id.</maml:para> <maml:para>If not specified, the resource will be set to `https://graph.microsoft.com`.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>https://graph.microsoft.com</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="1" aliases="none"> <maml:name>Scope</maml:name> <maml:description> <maml:para>One or several scopes for the token, in the context of the provided resource.</maml:para> <maml:para>If not specified, the scope will be set to `.default`.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String[]</command:parameterValue> <dev:type> <maml:name>String[]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>.default</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Claim</maml:name> <maml:description> <maml:para>Additional claims to be included in the token.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>ClientId</maml:name> <maml:description> <maml:para>The client id of the application used to authenticate the user or identity. If not specified the user will be authenticated with an Azure development application.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>ClientSecret</maml:name> <maml:description> <maml:para>The client secret to use for getting a token with the client credentials flow.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Force</maml:name> <maml:description> <maml:para>Disregard any previous authentication made in this session.</maml:para> <maml:para>This may be required when combining interactive and non-interactive authentication towards different tenants.</maml:para> </maml:description> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="TenantId"> <maml:name>Tenant</maml:name> <maml:description> <maml:para>The id or name of the tenant that the token should be valid for.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Broker</maml:name> <maml:description> <maml:para>Get a token using the Web Account Manager (WAM) broker authentication flow for Windows devices.</maml:para> </maml:description> <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Claim</maml:name> <maml:description> <maml:para>Additional claims to be included in the token.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>ClientCertificate</maml:name> <maml:description> <maml:para>The certificate to be used for getting a token with the client certificate flow.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">X509Certificate2</command:parameterValue> <dev:type> <maml:name>X509Certificate2</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>ClientCertificatePath</maml:name> <maml:description> <maml:para>The path to a file containing both the certificate and private key, used for getting a token with the client certificate flow.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>ClientId</maml:name> <maml:description> <maml:para>The client id of the application used to authenticate the user or identity. If not specified the user will be authenticated with an Azure development application.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>ClientSecret</maml:name> <maml:description> <maml:para>The client secret to use for getting a token with the client credentials flow.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>CredentialPrecedence</maml:name> <maml:description> <maml:para>The order of precedence for the credentials to be used for getting a token non-interactively.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String[]</command:parameterValue> <dev:type> <maml:name>String[]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>DeviceCode</maml:name> <maml:description> <maml:para>Get a token using a device code login interactively, for example on a different device.</maml:para> </maml:description> <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>ExternalToken</maml:name> <maml:description> <maml:para>The external token used for the federated credential of the workload identity, used together with parameter -WorkloadIdentity for the client assertion flow. For more details, see blog post in related links of this command.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Force</maml:name> <maml:description> <maml:para>Disregard any previous authentication made in this session.</maml:para> <maml:para>This may be required when combining interactive and non-interactive authentication towards different tenants.</maml:para> </maml:description> <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Interactive</maml:name> <maml:description> <maml:para>Get a token using an interactive browser.</maml:para> <maml:para>The authentication record will be saved during the session and used as the first option for a token if the command is used again but non-interactively.</maml:para> </maml:description> <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>ManagedIdentity</maml:name> <maml:description> <maml:para>Get a token using a managed identity assigned to the environment, such as Azure VMs, App Service or Azure Functions applications.</maml:para> </maml:description> <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="0" aliases="ResourceId, ResourceUrl"> <maml:name>Resource</maml:name> <maml:description> <maml:para>The resource for the token, such as Microsoft Graph or Azure Key Vault. This can be provided either as a URI or as an id.</maml:para> <maml:para>If not specified, the resource will be set to `https://graph.microsoft.com`.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>https://graph.microsoft.com</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="1" aliases="none"> <maml:name>Scope</maml:name> <maml:description> <maml:para>One or several scopes for the token, in the context of the provided resource.</maml:para> <maml:para>If not specified, the scope will be set to `.default`.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String[]</command:parameterValue> <dev:type> <maml:name>String[]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>.default</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="TenantId"> <maml:name>Tenant</maml:name> <maml:description> <maml:para>The id or name of the tenant that the token should be valid for.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>TimeoutSeconds</maml:name> <maml:description> <maml:para>The number of seconds to wait until the login times out.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">Int32</command:parameterValue> <dev:type> <maml:name>Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>120</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>TokenCache</maml:name> <maml:description> <maml:para>The name of the token cache to get the token from, or to store the interactively retrieved token in.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Username</maml:name> <maml:description> <maml:para>The username to get the token for in the named cache.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>WorkloadIdentity</maml:name> <maml:description> <maml:para>Get a token using a federated credential, or "workload identity federation". For an example of how to use this in a pipeline, see related links of this command.</maml:para> </maml:description> <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>None</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <command:returnValue> <dev:type> <maml:name>System.Object</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:returnValue> </command:returnValues> <maml:alertSet> <maml:alert> <maml:para></maml:para> </maml:alert> </maml:alertSet> <command:examples> <command:example> <maml:title>-------------------------- Example 1 --------------------------</maml:title> <dev:code>PS C:\> Get-AzToken</dev:code> <dev:remarks> <maml:para>Gets a new Azure access token non-interactively for the `.default` scope of Microsoft Graph.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>-------------------------- Example 2 --------------------------</maml:title> <dev:code>PS C:\> Get-AzToken -Resource 'https://graph.microsoft.com/' -Scope 'User.Read','LearningContent.Read.All' -ClientId 'a4d5d049-a35c-49a1-ad6e-0a3a94138d32' -Interactive</dev:code> <dev:remarks> <maml:para>Gets a new Azure access token interactively for Microsoft Graph with the scopes `User.Read` and `LearningContent.Read.All`, also specifying a client id.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>-------------------------- Example 3 --------------------------</maml:title> <dev:code>PS C:\> Get-AzToken -Interactive -TokenCache 'AzAuthCache'</dev:code> <dev:remarks> <maml:para>Gets a new Azure access token interactively and stores the token in a new (or existing) token cache named "AzAuthCache".</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>-------------------------- Example 4 --------------------------</maml:title> <dev:code>PS C:\> Get-AzToken -TokenCache 'AzAuthCache'</dev:code> <dev:remarks> <maml:para>Gets a new Azure access token interactively from an existing token cache named "AzAuthCache".</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>-------------------------- Example 5 --------------------------</maml:title> <dev:code>PS C:\> Get-AzToken -Scope 'Directory.Read.All' -ClientId $ClientId -ManagedIdentity</dev:code> <dev:remarks> <maml:para>Gets a new Azure access token for a managed identity, valid for Microsoft Graph with the scope `Directory.Read.All`, also specifying a client id.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>-------------------------- Example 6 --------------------------</maml:title> <dev:code>PS C:\> Get-AzToken -ClientId $ClientId -ClientSecret $ClientSecret -TenantId $TenantId</dev:code> <dev:remarks> <maml:para>Gets a new Azure access token for a client using the client credentials flow by specifying a client secret, valid for the default Microsoft Graph scope, also specifying the tenant as a mandatory parameter.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>-------------------------- Example 7 --------------------------</maml:title> <dev:code>PS C:\> Get-AzToken -ClientCertificate (Get-Item "Cert:\CurrentUser\My\$Thumbprint") -ClientId $ClientId -TenantId $TenantId</dev:code> <dev:remarks> <maml:para>Gets a new Azure access token for a client using the client certificate flow by getting and providing an installed certificate from the user certificate store.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>-------------------------- Example 8 --------------------------</maml:title> <dev:code>PS C:\> Get-AzToken -ClientCertificatePath ".\certAndPrivateKey.pem" -ClientId $ClientId -TenantId $TenantId</dev:code> <dev:remarks> <maml:para>Gets a new Azure access token for a client using the client certificate flow by specifying a path to a file containing both the certificate and the private key.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>-------------------------- Example 9 --------------------------</maml:title> <dev:code>PS C:\> Get-AzToken -WorkloadIdentity -ExternalToken $OidcToken -ClientId $ClientId -TenantId $TenantId</dev:code> <dev:remarks> <maml:para>Gets a new Azure access token for a client using the workload identity federation pattern by specifying a valid id token. For more details, see blog post in related links of this command.</maml:para> </dev:remarks> </command:example> </command:examples> <command:relatedLinks> <maml:navigationLink> <maml:linkText>Blog Post "OAuth 2.0 Fundamentals for Azure APIs"</maml:linkText> <maml:uri>https://pipe.how/connect-azure/</maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>Blog Post "Azure Workload Identity Federation"</maml:linkText> <maml:uri>https://pipe.how/get-oidctoken/</maml:uri> </maml:navigationLink> </command:relatedLinks> </command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"> <command:details> <command:name>Get-AzTokenCache</command:name> <command:verb>Get</command:verb> <command:noun>AzTokenCache</command:noun> <maml:description> <maml:para>Lists all available token caches in the default cache directory.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>The Get-AzTokenCache command discovers and lists all token caches stored in a cache directory. This includes caches created by interactive authentication, device code flows, and other cache types managed by the AzAuth module.</maml:para> <maml:para>The command scans the cache directory (by default `~/.IdentityService` on Unix-like systems or `%USERPROFILE%\.IdentityService` on Windows) and provides information about each cache:</maml:para> <maml:para>- Cache name and path to the cache directory</maml:para> <maml:para>- Creation and modification dates</maml:para> <maml:para>- Number of accounts found including usernames (if -IncludeAccounts is specified)</maml:para> <maml:para></maml:para> <maml:para>Using the parameter -IncludeAccounts may prompt for access permissions to read account information from secure storage.</maml:para> </maml:description> <command:syntax> <command:syntaxItem> <maml:name>Get-AzTokenCache</maml:name> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>IncludeAccounts</maml:name> <maml:description> <maml:para>When specified, includes account information such as account count and usernames stored in each cache. This may prompt for access credentials depending on the platform.</maml:para> </maml:description> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>RootPath</maml:name> <maml:description> <maml:para>Optional parameter to override the default cache directory path (at your own risk). By default, it uses the standard MSAL cache directory (`~/.IdentityService` on Linux and MacOS systems, or `%USERPROFILE%\.IdentityService` on Windows).</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Name"> <maml:name>TokenCache</maml:name> <maml:description> <maml:para>The name of the token cache to find. If not specified, all caches found in the RootPath will be listed.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>IncludeAccounts</maml:name> <maml:description> <maml:para>When specified, includes account information such as account count and usernames stored in each cache. This may prompt for access credentials depending on the platform.</maml:para> </maml:description> <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue> <dev:type> <maml:name>SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>RootPath</maml:name> <maml:description> <maml:para>Optional parameter to override the default cache directory path (at your own risk). By default, it uses the standard MSAL cache directory (`~/.IdentityService` on Linux and MacOS systems, or `%USERPROFILE%\.IdentityService` on Windows).</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Name"> <maml:name>TokenCache</maml:name> <maml:description> <maml:para>The name of the token cache to find. If not specified, all caches found in the RootPath will be listed.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>None</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <command:returnValue> <dev:type> <maml:name>TokenCacheInfo[]</maml:name> </dev:type> <maml:description> <maml:para>Returns an array of TokenCacheInfo objects containing information about each discovered cache.</maml:para> </maml:description> </command:returnValue> </command:returnValues> <maml:alertSet> <maml:alert> <maml:para>- The command only discovers caches in the default MSAL cache directory</maml:para> <maml:para>- Some cache information may not be available if the cache files are corrupted or inaccessible</maml:para> <maml:para>- Account information is retrieved by attempting to initialize each cache, which may not succeed for all cache types</maml:para> </maml:alert> </maml:alertSet> <command:examples> <command:example> <maml:title>-------------------------- Example 1 --------------------------</maml:title> <dev:code>PS C:\> Get-AzTokenCache</dev:code> <dev:remarks> <maml:para>Lists all available token caches with complete details including file information, but without account data.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>-------------------------- Example 2 --------------------------</maml:title> <dev:code>PS C:\> Get-AzTokenCache -IncludeAccounts</dev:code> <dev:remarks> <maml:para>Lists all available token caches including account information. May prompt for access credentials to secure storage depending on the platform.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>-------------------------- Example 3 --------------------------</maml:title> <dev:code>PS C:\> Get-AzTokenCache -RootPath "C:\CustomRootCachePath"</dev:code> <dev:remarks> <maml:para>Lists all available token caches in a custom directory, overriding the default cache directory.</maml:para> </dev:remarks> </command:example> </command:examples> <command:relatedLinks> <maml:navigationLink> <maml:linkText>Get-AzToken</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>Clear-AzTokenCache</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> </command:relatedLinks> </command:command> </helpItems> |