1. Docs
  2. Reference
  3. API
  4. Azure AD
  5. GetApplication

GetApplication

Use this data source to access information about an existing Application within Azure Active Directory.

NOTE: If you’re authenticating using a Service Principal then it must have permissions to both Read and write all (or owned by) applications and Sign in and read user profile within the Windows Azure Active Directory API.

Example Usage

using Pulumi;
using AzureAD = Pulumi.AzureAD;

class MyStack : Stack
{
    public MyStack()
    {
        var example = Output.Create(AzureAD.GetApplication.InvokeAsync(new AzureAD.GetApplicationArgs
        {
            Name = "My First AzureAD Application",
        }));
        this.AzureAdObjectId = example.Apply(example => example.Id);
    }

    [Output("azureAdObjectId")]
    public Output<string> AzureAdObjectId { get; set; }
}

Coming soon!

import pulumi
import pulumi_azuread as azuread

example = azuread.get_application(name="My First AzureAD Application")
pulumi.export("azureAdObjectId", example.id)
import * as pulumi from "@pulumi/pulumi";
import * as azuread from "@pulumi/azuread";

const example = pulumi.output(azuread.getApplication({
    name: "My First AzureAD Application",
}, { async: true }));

export const azureAdObjectId = example.id;

Using GetApplication

function getApplication(args: GetApplicationArgs, opts?: InvokeOptions): Promise<GetApplicationResult>
function  get_application(name=None, oauth2_permissions=None, object_id=None, optional_claims=None, opts=None)
func LookupApplication(ctx *Context, args *LookupApplicationArgs, opts ...InvokeOption) (*LookupApplicationResult, error)

Note: This function is named LookupApplication in the Go SDK.

public static class GetApplication {
    public static Task<GetApplicationResult> InvokeAsync(GetApplicationArgs args, InvokeOptions? opts = null)
}

The following arguments are supported:

Name string

Specifies the name of the Application within Azure Active Directory.

Oauth2Permissions List<Pulumi.AzureAD.Inputs.GetApplicationOauth2PermissionArgs>

A collection of OAuth 2.0 permission scopes that the web API (resource) app exposes to client apps. Each permission is covered by a oauth2_permission block as documented below.

ObjectId string

Specifies the Object ID of the Application within Azure Active Directory.

OptionalClaims Pulumi.AzureAD.Inputs.GetApplicationOptionalClaimsArgs

A collection of access_token or id_token blocks as documented below which list the optional claims configured for each token type. For more information see https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-optional-claims

Name string

Specifies the name of the Application within Azure Active Directory.

Oauth2Permissions []GetApplicationOauth2Permission

A collection of OAuth 2.0 permission scopes that the web API (resource) app exposes to client apps. Each permission is covered by a oauth2_permission block as documented below.

ObjectId string

Specifies the Object ID of the Application within Azure Active Directory.

OptionalClaims GetApplicationOptionalClaims

A collection of access_token or id_token blocks as documented below which list the optional claims configured for each token type. For more information see https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-optional-claims

name string

Specifies the name of the Application within Azure Active Directory.

oauth2Permissions GetApplicationOauth2Permission[]

A collection of OAuth 2.0 permission scopes that the web API (resource) app exposes to client apps. Each permission is covered by a oauth2_permission block as documented below.

objectId string

Specifies the Object ID of the Application within Azure Active Directory.

optionalClaims GetApplicationOptionalClaims

A collection of access_token or id_token blocks as documented below which list the optional claims configured for each token type. For more information see https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-optional-claims

name str

Specifies the name of the Application within Azure Active Directory.

oauth2_permissions List[GetApplicationOauth2Permission]

A collection of OAuth 2.0 permission scopes that the web API (resource) app exposes to client apps. Each permission is covered by a oauth2_permission block as documented below.

object_id str

Specifies the Object ID of the Application within Azure Active Directory.

optional_claims Dict[GetApplicationOptionalClaims]

A collection of access_token or id_token blocks as documented below which list the optional claims configured for each token type. For more information see https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-optional-claims

GetApplication Result

The following output properties are available:

AppRoles List<Pulumi.AzureAD.Outputs.GetApplicationAppRole>

A collection of app_role blocks as documented below. For more information https://docs.microsoft.com/en-us/azure/architecture/multitenant-identity/app-roles

ApplicationId string

the Application ID of the Azure Active Directory Application.

AvailableToOtherTenants bool

Is this Azure AD Application available to other tenants?

GroupMembershipClaims string

The groups claim issued in a user or OAuth 2.0 access token that the app expects.

Homepage string
Id string

The provider-assigned unique ID for this managed resource.

IdentifierUris List<string>

A list of user-defined URI(s) that uniquely identify a Web application within it’s Azure AD tenant, or within a verified custom domain if the application is multi-tenant.

LogoutUrl string

The URL of the logout page.

Name string

The name of the optional claim.

Oauth2AllowImplicitFlow bool

Does this Azure AD Application allow OAuth2.0 implicit flow tokens?

Oauth2Permissions List<Pulumi.AzureAD.Outputs.GetApplicationOauth2Permission>

A collection of OAuth 2.0 permission scopes that the web API (resource) app exposes to client apps. Each permission is covered by a oauth2_permission block as documented below.

ObjectId string

the Object ID of the Azure Active Directory Application.

Owners List<string>

A list of User Object IDs that are assigned ownership of the application registration.

ReplyUrls List<string>

A list of URLs that user tokens are sent to for sign in, or the redirect URIs that OAuth 2.0 authorization codes and access tokens are sent to.

RequiredResourceAccesses List<Pulumi.AzureAD.Outputs.GetApplicationRequiredResourceAccess>

A collection of required_resource_access blocks as documented below.

Type string

The type of the permission

OptionalClaims Pulumi.AzureAD.Outputs.GetApplicationOptionalClaims

A collection of access_token or id_token blocks as documented below which list the optional claims configured for each token type. For more information see https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-optional-claims

AppRoles []GetApplicationAppRole

A collection of app_role blocks as documented below. For more information https://docs.microsoft.com/en-us/azure/architecture/multitenant-identity/app-roles

ApplicationId string

the Application ID of the Azure Active Directory Application.

AvailableToOtherTenants bool

Is this Azure AD Application available to other tenants?

GroupMembershipClaims string

The groups claim issued in a user or OAuth 2.0 access token that the app expects.

Homepage string
Id string

The provider-assigned unique ID for this managed resource.

IdentifierUris []string

A list of user-defined URI(s) that uniquely identify a Web application within it’s Azure AD tenant, or within a verified custom domain if the application is multi-tenant.

LogoutUrl string

The URL of the logout page.

Name string

The name of the optional claim.

Oauth2AllowImplicitFlow bool

Does this Azure AD Application allow OAuth2.0 implicit flow tokens?

Oauth2Permissions []GetApplicationOauth2Permission

A collection of OAuth 2.0 permission scopes that the web API (resource) app exposes to client apps. Each permission is covered by a oauth2_permission block as documented below.

ObjectId string

the Object ID of the Azure Active Directory Application.

Owners []string

A list of User Object IDs that are assigned ownership of the application registration.

ReplyUrls []string

A list of URLs that user tokens are sent to for sign in, or the redirect URIs that OAuth 2.0 authorization codes and access tokens are sent to.

RequiredResourceAccesses []GetApplicationRequiredResourceAccess

A collection of required_resource_access blocks as documented below.

Type string

The type of the permission

OptionalClaims GetApplicationOptionalClaims

A collection of access_token or id_token blocks as documented below which list the optional claims configured for each token type. For more information see https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-optional-claims

appRoles GetApplicationAppRole[]

A collection of app_role blocks as documented below. For more information https://docs.microsoft.com/en-us/azure/architecture/multitenant-identity/app-roles

applicationId string

the Application ID of the Azure Active Directory Application.

availableToOtherTenants boolean

Is this Azure AD Application available to other tenants?

groupMembershipClaims string

The groups claim issued in a user or OAuth 2.0 access token that the app expects.

homepage string
id string

The provider-assigned unique ID for this managed resource.

identifierUris string[]

A list of user-defined URI(s) that uniquely identify a Web application within it’s Azure AD tenant, or within a verified custom domain if the application is multi-tenant.

logoutUrl string

The URL of the logout page.

name string

The name of the optional claim.

oauth2AllowImplicitFlow boolean

Does this Azure AD Application allow OAuth2.0 implicit flow tokens?

oauth2Permissions GetApplicationOauth2Permission[]

A collection of OAuth 2.0 permission scopes that the web API (resource) app exposes to client apps. Each permission is covered by a oauth2_permission block as documented below.

objectId string

the Object ID of the Azure Active Directory Application.

owners string[]

A list of User Object IDs that are assigned ownership of the application registration.

replyUrls string[]

A list of URLs that user tokens are sent to for sign in, or the redirect URIs that OAuth 2.0 authorization codes and access tokens are sent to.

requiredResourceAccesses GetApplicationRequiredResourceAccess[]

A collection of required_resource_access blocks as documented below.

type string

The type of the permission

optionalClaims GetApplicationOptionalClaims

A collection of access_token or id_token blocks as documented below which list the optional claims configured for each token type. For more information see https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-optional-claims

app_roles List[GetApplicationAppRole]

A collection of app_role blocks as documented below. For more information https://docs.microsoft.com/en-us/azure/architecture/multitenant-identity/app-roles

application_id str

the Application ID of the Azure Active Directory Application.

available_to_other_tenants bool

Is this Azure AD Application available to other tenants?

group_membership_claims str

The groups claim issued in a user or OAuth 2.0 access token that the app expects.

homepage str
id str

The provider-assigned unique ID for this managed resource.

identifier_uris List[str]

A list of user-defined URI(s) that uniquely identify a Web application within it’s Azure AD tenant, or within a verified custom domain if the application is multi-tenant.

logout_url str

The URL of the logout page.

name str

The name of the optional claim.

oauth2_allow_implicit_flow bool

Does this Azure AD Application allow OAuth2.0 implicit flow tokens?

oauth2_permissions List[GetApplicationOauth2Permission]

A collection of OAuth 2.0 permission scopes that the web API (resource) app exposes to client apps. Each permission is covered by a oauth2_permission block as documented below.

object_id str

the Object ID of the Azure Active Directory Application.

owners List[str]

A list of User Object IDs that are assigned ownership of the application registration.

reply_urls List[str]

A list of URLs that user tokens are sent to for sign in, or the redirect URIs that OAuth 2.0 authorization codes and access tokens are sent to.

required_resource_accesses List[GetApplicationRequiredResourceAccess]

A collection of required_resource_access blocks as documented below.

type str

The type of the permission

optional_claims Dict[GetApplicationOptionalClaims]

A collection of access_token or id_token blocks as documented below which list the optional claims configured for each token type. For more information see https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-optional-claims

Supporting Types

GetApplicationAppRole

See the output API doc for this type.

See the output API doc for this type.

See the output API doc for this type.

AllowedMemberTypes List<string>

Specifies whether this app role definition can be assigned to users and groups, or to other applications (that are accessing this application in daemon service scenarios). Possible values are: User and Application, or both.

Description string

Permission help text that appears in the admin app assignment and consent experiences.

DisplayName string

Display name for the permission that appears in the admin consent and app assignment experiences.

Id string

The unique identifier of the app_role.

IsEnabled bool

Determines if the app role is enabled.

Value string

Specifies the value of the roles claim that the application should expect in the authentication and access tokens.

AllowedMemberTypes []string

Specifies whether this app role definition can be assigned to users and groups, or to other applications (that are accessing this application in daemon service scenarios). Possible values are: User and Application, or both.

Description string

Permission help text that appears in the admin app assignment and consent experiences.

DisplayName string

Display name for the permission that appears in the admin consent and app assignment experiences.

Id string

The unique identifier of the app_role.

IsEnabled bool

Determines if the app role is enabled.

Value string

Specifies the value of the roles claim that the application should expect in the authentication and access tokens.

allowedMemberTypes string[]

Specifies whether this app role definition can be assigned to users and groups, or to other applications (that are accessing this application in daemon service scenarios). Possible values are: User and Application, or both.

description string

Permission help text that appears in the admin app assignment and consent experiences.

displayName string

Display name for the permission that appears in the admin consent and app assignment experiences.

id string

The unique identifier of the app_role.

isEnabled boolean

Determines if the app role is enabled.

value string

Specifies the value of the roles claim that the application should expect in the authentication and access tokens.

allowedMemberTypes List[str]

Specifies whether this app role definition can be assigned to users and groups, or to other applications (that are accessing this application in daemon service scenarios). Possible values are: User and Application, or both.

description str

Permission help text that appears in the admin app assignment and consent experiences.

display_name str

Display name for the permission that appears in the admin consent and app assignment experiences.

id str

The unique identifier of the app_role.

isEnabled bool

Determines if the app role is enabled.

value str

Specifies the value of the roles claim that the application should expect in the authentication and access tokens.

GetApplicationOauth2Permission

See the input and output API doc for this type.

See the input and output API doc for this type.

See the input and output API doc for this type.

AdminConsentDescription string

The description of the admin consent

AdminConsentDisplayName string

The display name of the admin consent

Id string

The unique identifier of the app_role.

IsEnabled bool

Determines if the app role is enabled.

Type string

The type of the permission

UserConsentDescription string

The description of the user consent

UserConsentDisplayName string

The display name of the user consent

Value string

Specifies the value of the roles claim that the application should expect in the authentication and access tokens.

AdminConsentDescription string

The description of the admin consent

AdminConsentDisplayName string

The display name of the admin consent

Id string

The unique identifier of the app_role.

IsEnabled bool

Determines if the app role is enabled.

Type string

The type of the permission

UserConsentDescription string

The description of the user consent

UserConsentDisplayName string

The display name of the user consent

Value string

Specifies the value of the roles claim that the application should expect in the authentication and access tokens.

adminConsentDescription string

The description of the admin consent

adminConsentDisplayName string

The display name of the admin consent

id string

The unique identifier of the app_role.

isEnabled boolean

Determines if the app role is enabled.

type string

The type of the permission

userConsentDescription string

The description of the user consent

userConsentDisplayName string

The display name of the user consent

value string

Specifies the value of the roles claim that the application should expect in the authentication and access tokens.

adminConsentDescription str

The description of the admin consent

adminConsentDisplayName str

The display name of the admin consent

id str

The unique identifier of the app_role.

isEnabled bool

Determines if the app role is enabled.

type str

The type of the permission

userConsentDescription str

The description of the user consent

userConsentDisplayName str

The display name of the user consent

value str

Specifies the value of the roles claim that the application should expect in the authentication and access tokens.

GetApplicationOptionalClaims

See the input and output API doc for this type.

See the input and output API doc for this type.

See the input and output API doc for this type.

AccessTokens List<Pulumi.AzureAD.Inputs.GetApplicationOptionalClaimsAccessTokenArgs>
IdTokens List<Pulumi.AzureAD.Inputs.GetApplicationOptionalClaimsIdTokenArgs>
AccessTokens []GetApplicationOptionalClaimsAccessToken
IdTokens []GetApplicationOptionalClaimsIdToken
accessTokens GetApplicationOptionalClaimsAccessToken[]
idTokens GetApplicationOptionalClaimsIdToken[]
accessTokens List[GetApplicationOptionalClaimsAccessToken]
idTokens List[GetApplicationOptionalClaimsIdToken]

GetApplicationOptionalClaimsAccessToken

See the input and output API doc for this type.

See the input and output API doc for this type.

See the input and output API doc for this type.

Name string

Specifies the name of the Application within Azure Active Directory.

AdditionalProperties List<string>

List of Additional Properties of the claim. If a property exists in this list, it modifies the behaviour of the optional claim.

Essential bool

Whether the claim specified by the client is necessary to ensure a smooth authorization experience.

Source string

The source of the claim. If source is absent, the claim is a predefined optional claim. If source is user, the value of name is the extension property from the user object.

Name string

Specifies the name of the Application within Azure Active Directory.

AdditionalProperties []string

List of Additional Properties of the claim. If a property exists in this list, it modifies the behaviour of the optional claim.

Essential bool

Whether the claim specified by the client is necessary to ensure a smooth authorization experience.

Source string

The source of the claim. If source is absent, the claim is a predefined optional claim. If source is user, the value of name is the extension property from the user object.

name string

Specifies the name of the Application within Azure Active Directory.

additionalProperties string[]

List of Additional Properties of the claim. If a property exists in this list, it modifies the behaviour of the optional claim.

essential boolean

Whether the claim specified by the client is necessary to ensure a smooth authorization experience.

source string

The source of the claim. If source is absent, the claim is a predefined optional claim. If source is user, the value of name is the extension property from the user object.

name str

Specifies the name of the Application within Azure Active Directory.

additionalProperties List[str]

List of Additional Properties of the claim. If a property exists in this list, it modifies the behaviour of the optional claim.

essential bool

Whether the claim specified by the client is necessary to ensure a smooth authorization experience.

source str

The source of the claim. If source is absent, the claim is a predefined optional claim. If source is user, the value of name is the extension property from the user object.

GetApplicationOptionalClaimsIdToken

See the input and output API doc for this type.

See the input and output API doc for this type.

See the input and output API doc for this type.

Name string

Specifies the name of the Application within Azure Active Directory.

AdditionalProperties List<string>

List of Additional Properties of the claim. If a property exists in this list, it modifies the behaviour of the optional claim.

Essential bool

Whether the claim specified by the client is necessary to ensure a smooth authorization experience.

Source string

The source of the claim. If source is absent, the claim is a predefined optional claim. If source is user, the value of name is the extension property from the user object.

Name string

Specifies the name of the Application within Azure Active Directory.

AdditionalProperties []string

List of Additional Properties of the claim. If a property exists in this list, it modifies the behaviour of the optional claim.

Essential bool

Whether the claim specified by the client is necessary to ensure a smooth authorization experience.

Source string

The source of the claim. If source is absent, the claim is a predefined optional claim. If source is user, the value of name is the extension property from the user object.

name string

Specifies the name of the Application within Azure Active Directory.

additionalProperties string[]

List of Additional Properties of the claim. If a property exists in this list, it modifies the behaviour of the optional claim.

essential boolean

Whether the claim specified by the client is necessary to ensure a smooth authorization experience.

source string

The source of the claim. If source is absent, the claim is a predefined optional claim. If source is user, the value of name is the extension property from the user object.

name str

Specifies the name of the Application within Azure Active Directory.

additionalProperties List[str]

List of Additional Properties of the claim. If a property exists in this list, it modifies the behaviour of the optional claim.

essential bool

Whether the claim specified by the client is necessary to ensure a smooth authorization experience.

source str

The source of the claim. If source is absent, the claim is a predefined optional claim. If source is user, the value of name is the extension property from the user object.

GetApplicationRequiredResourceAccess

See the output API doc for this type.

See the output API doc for this type.

See the output API doc for this type.

ResourceAccesses List<Pulumi.AzureAD.Inputs.GetApplicationRequiredResourceAccessResourceAccessArgs>

A collection of resource_access blocks as documented below

ResourceAppId string

The unique identifier for the resource that the application requires access to.

ResourceAccesses []GetApplicationRequiredResourceAccessResourceAccess

A collection of resource_access blocks as documented below

ResourceAppId string

The unique identifier for the resource that the application requires access to.

resourceAccesses GetApplicationRequiredResourceAccessResourceAccess[]

A collection of resource_access blocks as documented below

resourceAppId string

The unique identifier for the resource that the application requires access to.

resourceAccesses List[GetApplicationRequiredResourceAccessResourceAccess]

A collection of resource_access blocks as documented below

resourceAppId str

The unique identifier for the resource that the application requires access to.

GetApplicationRequiredResourceAccessResourceAccess

See the output API doc for this type.

See the output API doc for this type.

See the output API doc for this type.

Id string

The unique identifier of the app_role.

Type string

The type of the permission

Id string

The unique identifier of the app_role.

Type string

The type of the permission

id string

The unique identifier of the app_role.

type string

The type of the permission

id str

The unique identifier of the app_role.

type str

The type of the permission

Package Details

Repository
https://github.com/pulumi/pulumi-azuread
License
Apache-2.0
Notes
This Pulumi package is based on the azuread Terraform Provider.