Note
Access to this page requires authorization. You can try signing in or .
Access to this page requires authorization. You can try .
New-EntraBetaPolicy
Creates a policy.
Syntax
Default (Default)
New-EntraBetaPolicy
-Definition <System.Collections.Generic.List`1[System.String]>
-DisplayName <String>
-Type <String>
[-IsOrganizationDefault <Boolean>]
[<CommonParameters>]
Description
The New-EntraBetaPolicy cmdlet creates a policy in Microsoft Entra ID. Specify DisplayName, Definition and Type parameters for create a new policy.
Examples
Example 1: Create a new policy
Connect-Entra -Scopes 'Policy.ReadWrite.ApplicationConfiguration'
$definition = @('{"HomeRealmDiscoveryPolicy":{"AlternateLoginIDLookup":true, "IncludedUserIds":["UserID"]}}')
New-EntraBetaPolicy -Definition $definition -DisplayName 'NewPolicy' -Type 'HomeRealmDiscoveryPolicy'
Definition DeletedDateTime Description DisplayName Id IsOrganizationD
efault
---------- --------------- ----------- ----------- -- ---------------
{{"HomeReayPolicy":{"AlternateLoginIDLookup":true, "IncluderIds":["UserID"]}}} NewPolicy aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb False
This command creates a new policy in Microsoft Entra ID.
-DefinitionParameter specifies an array of JSON that contains all the rules of the policy.-TypeParameter specifies the type of policy.
Example 2: Create a ClaimsMappingPolicy policy by 'IsOrganizationDefault' parameter
Connect-Entra -Scopes 'Policy.ReadWrite.ApplicationConfiguration'
$definition = @('{ "definition": [ "{\"ClaimsMappingPolicy\":{\"Version\":1,\"IncludeBasicClaimSet\":\"true\",\"ClaimsSchema\":[{\"Source\":\"user\",\"ID\":\"userPrincipalName\",\"SAMLClaimType\":\"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name\",\"JwtClaimType\":\"upn\"},{\"Source\":\"user\",\"ID\":\"displayName\",\"SAMLClaimType\":\"http://schemas.microsoft.com/identity/claims/displayname\",\"JwtClaimType\":\"name\"}]}}" ], "displayName": "Custom Claims Issuance Policy", "isOrganizationDefault": false }')
New-EntraBetaPolicy -Definition $definition -DisplayName 'ClaimstestPolicy' -Type 'claimsMappingPolicies' -IsOrganizationDefault $false
Definition
----------
{{ "definition": [ "{\"ClaimsMappingPolicy\":{\"Version\":1,\"IncludeBasicClaimSet\":\"true\",\"ClaimsSchema\":[{\"Source\":\"user\",\"ID\":\"userPrincipalName\",\"SAMLCl…
This command creates a ClaimsMappingPolicy using 'IsOrganizationDefault' parameter in Microsoft Entra ID.
-DefinitionParameter specifies an array of JSON that contains all the rules of the policy.-Type- Parameter specifies the type of policy. In this example,ClaimsMappingPolicyrepresents the type of policy.-IsOrganizationDefaultIf true, activates this policy. Only one policy of the same type can be the organization default. Optional, default is false.
Example 3: Create a TokenLifetimePolicy
Connect-Entra -Scopes 'Policy.ReadWrite.ApplicationConfiguration'
$definition = @('{"TokenLifetimePolicy":{"Version":1,"AccessTokenLifetime":"8:00:00"}}')
New-EntraBetaPolicy -Definition $definition -DisplayName 'TokenLifetimePolicy' -Type 'TokenLifetimePolicy' -IsOrganizationDefault $false
Definition DeletedDateTime Description DisplayName Id IsOrganizatio
nDefault
---------- --------------- ----------- ----------- -- -------------
{{"TokenLifetimePolicy":{"Version":1,"AccessTokenLifetime":"8:00:00"}}} TokenLifetimePolicy aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb False
This command creates a TokenLifetimePolicy in Microsoft Entra ID.
-DefinitionParameter specifies an array of JSON that contains all the rules of the policy.-TypeParameter specifies the type of policy.
Example 4: Create a TokenIssuancePolicy
Connect-Entra -Scopes 'Policy.ReadWrite.ApplicationConfiguration'
$definition = @('{"TokenIssuancePolicy":{"Version":1,"SigningAlgorithm":"http://www.w3.org/2001/04/xmldsig-more#rsa-sha256","SamlTokenVersion":1.1,"TokenResponseSigningPolicy":"TokenOnly","EmitSAMLNameFormat":"true"}}')
New-EntraBetaPolicy -Definition $definition -DisplayName 'tokenIssuance' -Type 'TokenIssuancePolicy'
Definition
----------
{{"TokenIssuancePolicy":{"Version":1,"SigningAlgorithm":"http://www.w3.org/2001/04/xmldsig-more#rsa-sha256","SamlTokenVersion":1.1,"TokenResponseSigningPolicy":"TokenOnly…
This command creates a TokenIssuancePolicy in Microsoft Entra ID.
-DefinitionParameter specifies an array of JSON that contains all the rules of the policy.-TypeParameter specifies the type of policy.
Example 5: Create a ActivityBasedTimeoutPolicy
Connect-Entra -Scopes 'Policy.ReadWrite.ApplicationConfiguration'
$definition = @('{"activityBasedTimeoutPolicies":{"AlternateLoginIDLookup":true, "IncludedUserIds":["UserID"]}}')
New-EntraBetaPolicy -Definition $definition -DisplayName 'ActivityBasedTimeoutPolicyname' -Type 'ActivityBasedTimeoutPolicy'
Definition DeletedDateTime Description DisplayName Id
---------- --------------- ----------- ----------- --
{{"activityBasedTimeoutPolicies":{"AlternateLoginIDLookup":true, "IncludedUserIds":["UserID"]}}} ActivityBasedTimeoutPolicyname aaaaaaaa-0000-1111-2222...
This command creates a ActivityBasedTimeoutPolicy in Microsoft Entra ID.
-DefinitionParameter specifies an array of JSON that contains all the rules of the policy.-TypeParameter specifies the type of policy.
Parameters
-Definition
Specifies an array of JSON that contains all the rules of the policy, for example: -Definition @("{"TokenLifetimePolicy":{"Version":1,"MaxInactiveTime":"20:00:00"}}").
Parameter properties
| Type: | System.Collections.Generic.List`1[System.String] |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-DisplayName
String of the policy name.
Parameter properties
| Type: | System.String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-IsOrganizationDefault
True if this policy is the organizational default.
Parameter properties
| Type: | System.Boolean |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-Type
Specifies the type of policy. For token lifetimes, specify "TokenLifetimePolicy."
Parameter properties
| Type: | System.String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.
Related Links
Feedback
Was this page helpful?