Applies to: Exchange Server 2013
Topic Last Modified: 2012-12-11
Use the New-AuthServer cmdlet to create an authorization server object in Microsoft Exchange Server 2013 and specify its AuthMetadataUrl. Exchange 2013 honors tokens issued by the authorization server for access by a partner application.
For information about the parameter sets in the Syntax section below, see Syntax.
Syntax
New-AuthServer -IssuerIdentifier <String>
-TokenIssuingEndpoint <String> -Type <Unknown |
MicrosoftACS | Facebook | LinkedIn> [-ApplicationIdentifier
<String>] [-AppSecret <String>] [-AuthorizationEndpoint
<String>] <COMMON PARAMETERS>
|
New-AuthServer -AuthMetadataUrl <String>
[-TrustAnySSLCertificate <SwitchParameter>] <COMMON
PARAMETERS>
|
COMMON PARAMETERS: -Name <String> [-Confirm
[<SwitchParameter>]] [-DomainController <Fqdn>]
[-Enabled <$true | $false>] [-WhatIf
[<SwitchParameter>]]
|
Examples
EXAMPLE 1
This command creates an authorization server.
 Copy Code |
|
|---|---|
New-AuthServer HRAppAuth -AuthMetadataUrl http://hrappauth.contoso.com/metadata/json/1 |
|
Detailed Description
In Exchange 2013, partner applications authorized by Exchange can access their resources after they're authenticated using server-to-server authentication. A partner application can authenticate by using self-issued tokens trusted by Exchange or by using an authorization server trusted by Exchange.
The New-AuthServer cmdlet creates a trusted authorization server object in Exchange 2013, which allows it to trust tokens issued by the authorization server.
You need to be assigned permissions before you can run this cmdlet. Although all parameters for this cmdlet are listed in this topic, you may not have access to some parameters if they're not included in the permissions assigned to you. To see what permissions you need, see the "Partner applications - configure" entry in the Sharing and Collaboration Permissions topic.
Parameters
| Parameter | Required | Type | Description |
|---|---|---|---|
|
AuthMetadataUrl |
Required |
System.String |
The AuthMetadataUrl parameter specifies the URL for the Microsoft Office 365 authorization server for your cloud-based organization. For details, see the Office 365 documentation. |
|
IssuerIdentifier |
Required |
System.String |
This parameter is reserved for internal Microsoft use. |
|
Name |
Required |
System.String |
The Name parameter specifies a name for the authorization server. |
|
TokenIssuingEndpoint |
Required |
System.String |
This parameter is reserved for internal Microsoft use. |
|
Type |
Required |
Microsoft.Exchange.Data.Directory.SystemConfiguration.AuthServerType |
This parameter is reserved for internal Microsoft use. |
|
ApplicationIdentifier |
Optional |
System.String |
This parameter is reserved for internal Microsoft use. |
|
AppSecret |
Optional |
System.String |
This parameter is reserved for internal Microsoft use. |
|
AuthorizationEndpoint |
Optional |
System.String |
This parameter is reserved for internal Microsoft use. |
|
Confirm |
Optional |
System.Management.Automation.SwitchParameter |
The Confirm switch can be used to suppress the
confirmation prompt that appears by default when this cmdlet is
run. To suppress the confirmation prompt, use the syntax
|
|
DomainController |
Optional |
Microsoft.Exchange.Data.Fqdn |
The DomainController parameter specifies the fully qualified domain name (FQDN) of the domain controller that writes this configuration change to Active Directory. |
|
Enabled |
Optional |
System.Boolean |
The Enabled parameter specifies whether the authorization
server is enabled. Set the parameter to |
|
TrustAnySSLCertificate |
Optional |
System.Management.Automation.SwitchParameter |
This parameter is reserved for internal Microsoft use. |
|
WhatIf |
Optional |
System.Management.Automation.SwitchParameter |
The WhatIf switch instructs the command to simulate the actions that it would take on the object. By using the WhatIf switch, you can view what changes would occur without having to apply any of those changes. You don't have to specify a value with the WhatIf switch. |
Input Types
To see the input types that this cmdlet accepts, see Cmdlet Input and Output Types. If the Input Type field for a cmdlet is blank, the cmdlet doesn’t accept input data.
Return Types
To see the return types, which are also known as output types, that this cmdlet accepts, see Cmdlet Input and Output Types. If the Output Type field is blank, the cmdlet doesn’t return data.