New-EntraIdentityProvider
Configure a new identity provider in the directory.
Syntax
Default (Default)
```powershell
New-EntraIdentityProvider
    -Type <String>
    -ClientSecret <String>
    -ClientId <String>
    [-Name <String>]
    [<CommonParameters>]
```
Description
The New-EntraIdentityProvider cmdlet is used to configure an identity provider in the directory.
Adding an identity provider will allow users to sign up for or sign into applications secured by Azure AD B2C using the identity provider.
Configuring an identity provider in your Microsoft Entra tenant also enables future B2B guest scenarios.
For example, an organization has resources in Microsoft 365 that need to be shared with a Gmail user. The Gmail user will use their Google account credentials to authenticate and access the documents.
The current set of identity providers can be:
- Microsoft
- Google
- Facebook
- Amazon
- LinkedIn
In delegated scenarios using work or school accounts, the signed-in user must have a Microsoft Entra role or custom role with the necessary permissions. The following least privileged roles support this operation:
- External Identity Provider Administrator
Examples
Example 1: Add LinkedIn identity provider
```powershell
Connect-Entra -Scopes 'IdentityProvider.ReadWrite.All'
New-EntraIdentityProvider -Type 'LinkedIn' -Name 'LinkedInName' -ClientId 'LinkedInAppClientId' -ClientSecret 'LinkedInAppClientSecret'
```

```
Id             DisplayName
--             -----------
LinkedIn-OAUTH LinkedInName
```
This example adds a LinkedIn identity provider.
- `-Type` parameter specifies the identity provider type. It must be one of the following values: Microsoft, Google, Facebook, Amazon, or LinkedIn.
- `-Name` parameter specifies the display name of the identity provider.
- `-ClientId` parameter specifies the client identifier for the application, obtained during the application's registration with the identity provider.
- `-ClientSecret` parameter specifies the client secret for the application, obtained during registration with the identity provider.
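Because `-ClientSecret` is a plain `String`, a literal on the command line ends up in scripts and shell history. The following added example (not part of the Microsoft documentation or the Microsoft.Entra module) prompts for the secret instead and then reads the provider back. The function name `Register-ExternalIdp` is hypothetical, and the `ClientSecret` property name on the returned object is an assumption.

```powershell
# Added example: hypothetical wrapper around New-EntraIdentityProvider.
function Register-ExternalIdp {
    [CmdletBinding()]
    param(
        # Allowed values are the ones listed in the -Type description on this page.
        [Parameter(Mandatory)]
        [ValidateSet('Microsoft', 'Google', 'Facebook', 'Amazon', 'LinkedIn')]
        [string] $Type,

        [Parameter(Mandatory)] [string] $ClientId,
        [Parameter(Mandatory)] [string] $Name
    )

    # Prompt for the secret so it is never typed as a command-line argument.
    $secure = Read-Host -Prompt "Client secret for $Type" -AsSecureString

    # -ClientSecret takes a String, so the value must be decrypted for the call.
    $plain = [System.Net.NetworkCredential]::new('', $secure).Password
    try {
        $created = New-EntraIdentityProvider -Type $Type -Name $Name `
            -ClientId $ClientId -ClientSecret $plain -ErrorAction Stop
    }
    finally {
        # Release the references; .NET strings cannot be zeroed in place.
        Remove-Variable -Name plain -ErrorAction SilentlyContinue
        $secure.Dispose()
    }

    # Read the provider back by the Id returned from the create call.
    $readBack = Get-EntraIdentityProvider | Where-Object Id -eq $created.Id
    if (-not $readBack) {
        throw "Identity provider '$($created.Id)' was not found after creation."
    }

    # The secret is write-only, so a read should return only asterisks.
    # Assumption: the returned object exposes it as 'ClientSecret'.
    if ($readBack.ClientSecret -and $readBack.ClientSecret -notmatch '^\*+$') {
        Write-Warning "Client secret for '$($readBack.Id)' was not masked on read."
    }

    $readBack | Select-Object Id, DisplayName
}

Connect-Entra -Scopes 'IdentityProvider.ReadWrite.All'
Register-ExternalIdp -Type 'LinkedIn' -Name 'LinkedInName' -ClientId 'LinkedInAppClientId'
```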
Parameters
-ClientId
The client identifier for the application, obtained during the application's registration with the identity provider.
Parameter properties
| Type: | System.String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
-ClientSecret
The client secret for the application, obtained during registration with the identity provider, is write-only. A read operation returns ****.
Parameter properties
| Type: | System.String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
-Name
The display name of the identity provider.
Parameter properties
| Type: | System.String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
-Type
The identity provider type. It must be one of the following values: Microsoft, Google, Facebook, Amazon, or LinkedIn.
For a B2B scenario, possible values: Google, Facebook. For a B2C scenario, possible values: Microsoft, Google, Amazon, LinkedIn, Facebook, GitHub, Twitter, Weibo, QQ, WeChat.
Parameter properties
| Type: | System.String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.
Inputs
None
Outputs
System.Object
