Public/generated/Get-KriticalUtcmAADDomainFederation.ps1
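# Kritical.PS.UTCM | Microsoft Graph UTCM REST API toolkit
# (c) 2026 Kritical Pty Ltd | https://kritical.net
# Kritical brand banner is rendered at module load via Write-KriticalUtcmBanner.
function Get-KriticalUtcmAADDomainFederation {
    <#
    .SYNOPSIS
        Kritical.UTCM shim for M365DSC resource AADDomainFederation.

    .DESCRIPTION
        Search-replace safe: callers that today invoke
            Get-M365DSCAADDomainFederation -Credential $cred -TenantId $tid
        can rename to
            Get-KriticalUtcmAADDomainFederation -Credential $cred -TenantId $tid
        with ZERO other edits. Parameter names match the M365DSC .schema.mof.

        The three secret-bearing parameters (-Credential, -ApplicationSecret,
        -CertificatePassword) are deliberately not typed [string]. A [string]
        parameter silently converts a PSCredential argument to its type name,
        so the credential never reaches the bridge and the renamed call above
        would not behave like the original. They accept a PSCredential
        (preferred) or, as before, a plain string.

        Actual Graph dispatch is delegated to
        Invoke-KriticalUtcmM365DscSchemaBridge. The bridge maps the resource to
        a Graph endpoint per per-resource wave; where a mapping is not yet
        shipped, the bridge returns an object with Verdict='UNMAPPED'.

        By default -PreferM365DscBehavior is true.
        NOTE(review): this function neither declares nor passes
        -PreferM365DscBehavior; the default presumably lives in the bridge -
        confirm.

    .OUTPUTS
        Whatever Invoke-KriticalUtcmM365DscSchemaBridge returns for this call.

    .NOTES
        Workload: Entra
        Param count: 24

        Security:
        - The federation settings read here (issuer URI, signing certificates,
          sign-in URIs) determine which identity provider may issue tokens for
          the domain. Treat the output as security-sensitive configuration and
          review unexpected differences.
        - $PSBoundParameters, including any secrets, is handed to the bridge
          unchanged. NOTE(review): confirm the bridge never writes
          -CallerParams to logs, verbose output or transcripts.
        - NOTE(review): the file lives under Public/generated, so the same
          credential-typing fix presumably belongs in the generator - confirm.
    #>
    [CmdletBinding()]
    param(
        # The domain ID for which the federation configuration is being managed.
        [Parameter(Mandatory)]
        [string]$DomainId,

        # The unique identifier of the federation configuration.
        [string]$Id,

        # The display name of the federation configuration.
        [string]$DisplayName,

        # Issuer URI of the federation server.
        [string]$IssuerUri,

        # URI of the metadata exchange endpoint used for authentication.
        [string]$MetadataExchangeUri,

        # Current certificate used to sign tokens passed to the Microsoft identity platform.
        # The certificate is formatted as a Base64 encoded string of the public portion of
        # the federated IdP's token signing certificate.
        [string]$SigningCertificate,

        # Next signing certificate that can be used to sign tokens passed to the Microsoft
        # identity platform. The certificate is formatted as a Base64 encoded string of the
        # public portion of the federated IdP's token signing certificate.
        [string]$NextSigningCertificate,

        # URI that web-based clients are directed to when signing in to Microsoft Entra services.
        [string]$PassiveSignInUri,

        # URI that active clients are directed to when signing in to Microsoft Entra services.
        [string]$ActiveSignInUri,

        # URI to which clients are redirected when signing out of Microsoft Entra services.
        [string]$SignOutUri,

        # Preferred authentication protocol. Supported values are wsFed and saml.
        [string]$PreferredAuthenticationProtocol,

        # Prompt login behavior of the federated IdP.
        [string]$PromptLoginBehavior,

        # Determines whether Microsoft Entra ID accepts the MFA performed by the federated IdP.
        # Supported values are acceptIfMfaDoneByFederatedIdp, enforceMfaByFederatedIdp,
        # rejectMfaByFederatedIdp.
        [string]$FederatedIdpMfaBehavior,

        # URI that clients are redirected to for resetting their password.
        [string]$PasswordResetUri,

        # Specifies whether the federation requires signed authentication requests.
        [bool]$IsSignedAuthenticationRequestRequired,

        # Present ensures the instance exists, absent ensures it is removed.
        # Accepted for signature compatibility; this function always forwards Verb 'Get'.
        [ValidateSet('Absent','Present')]
        [string]$Ensure,

        # Credentials of the workload's Admin. Pass a PSCredential; a plain string is still
        # accepted for existing callers. Not typed [string], which would replace a
        # PSCredential with its type name before it reaches the bridge.
        [object]$Credential,

        # Id of the Azure Active Directory application to authenticate with.
        [string]$ApplicationId,

        # Id of the Azure Active Directory tenant used for authentication.
        [string]$TenantId,

        # Secret of the Azure Active Directory application to authenticate with.
        # Prefer a PSCredential so the secret does not appear in command history or
        # transcripts; a plain string is still accepted for existing callers.
        [object]$ApplicationSecret,

        # Thumbprint of the Azure Active Directory application's authentication certificate
        # to use for authentication.
        [string]$CertificateThumbprint,

        # Password protecting the certificate at -CertificatePath. When a PSCredential is
        # supplied the user name is arbitrary; only the password part is used. A plain
        # string is still accepted for existing callers.
        [object]$CertificatePassword,

        # Path to certificate used in service principal usually a PFX file.
        [string]$CertificatePath,

        # Managed ID being used for authentication.
        [bool]$ManagedIdentity
    )

    # Forward only what the caller actually bound; the bridge owns the mapping from the
    # M365DSC-shaped parameters to the Graph request.
    $bridgeArgs = @{
        ResourceName = 'AADDomainFederation'
        Workload     = 'Entra'
        Verb         = 'Get'
        CallerParams = $PSBoundParameters
    }
    Invoke-KriticalUtcmM365DscSchemaBridge @bridgeArgs
}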