Add-EntraBetaPermissionsToInheritToAgentIdentityBlueprintPrincipal
Opens admin consent page in browser for Agent Identity Blueprint Principal to inherit permissions.
Syntax
Default (Default)
Add-EntraBetaPermissionsToInheritToAgentIdentityBlueprintPrincipal
[-AgentBlueprintId <String>]
[-Scopes <String[]>]
[-RedirectUri <String>]
[-State <String>]
[<CommonParameters>]
Description
The Add-EntraBetaPermissionsToInheritToAgentIdentityBlueprintPrincipal cmdlet launches the system browser with the admin consent URL for the Agent Identity Blueprint Principal. This allows the administrator to grant permissions that the blueprint can inherit and use. Uses the stored AgentBlueprintId from the last New-AgentIdentityBlueprint call.
Examples
Example 1: Open admin consent page using stored blueprint ID
Connect-Entra -Scopes 'AgentIdentityBlueprint.ReadWrite.All'
New-EntraBetaAgentIdentityBlueprint -DisplayName "My Blueprint" -SponsorUserIds @("user1@contoso.com")
Add-EntraBetaPermissionsToInheritToAgentIdentityBlueprintPrincipal
This example opens the admin consent page in the browser for the Agent Identity Blueprint that was just created. The cmdlet will prompt for permission scopes if not provided.
Example 2: Open admin consent page with specific scopes
Connect-Entra -Scopes 'AgentIdentityBlueprint.ReadWrite.All'
Add-EntraBetaPermissionsToInheritToAgentIdentityBlueprintPrincipal -Scopes @("user.read", "mail.read", "calendars.read")
This example opens the admin consent page with specific permission scopes (user.read, mail.read, calendars.read).
Example 3: Open admin consent page with specific blueprint ID and scopes
Connect-Entra -Scopes 'AgentIdentityBlueprint.ReadWrite.All'
Add-EntraBetaPermissionsToInheritToAgentIdentityBlueprintPrincipal -AgentBlueprintId "7c0c1226-1e81-41a5-ad6c-532c95504443" -Scopes @("user.read")
This example opens the admin consent page for a specific Agent Identity Blueprint by providing the blueprint ID and requested scopes.
Parameters
-AgentBlueprintId
The Application ID (AppId) of the Agent Identity Blueprint to grant consent for. If not provided, uses the stored ID from the last blueprint creation.
Parameter properties
| Type: | System.String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-RedirectUri
The redirect URI after consent. Defaults to "https://entra.microsoft.com/TokenAuthorize".
Parameter properties
| Type: | System.String |
| Default value: | https://entra.microsoft.com/TokenAuthorize |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-Scopes
The permission scopes to request consent for. If not provided, will prompt for input or use previously configured inheritable scopes.
Parameter properties
| Type: | System.String[] |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-State
State parameter for the consent request. Defaults to a random value.
Parameter properties
| Type: | System.String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.
Inputs
None
Outputs
System.Object
Returns an object with the consent URL and parameters used.
Notes
This cmdlet opens the default system browser to the admin consent page. An administrator must complete the consent process in the browser.