< Back
New-DbaAzAccessToken
Post
NAME New-DbaAzAccessToken
SYNOPSIS
Simplifies the generation of Azure oauth2 tokens.
SYNTAX
New-DbaAzAccessToken [-Type] <String> [[-Subtype] <String>] [[-Config] <System.Object>] [[-Credential]
<Pscredential>] [[-Tenant] <String>] [[-Thumbprint] <String>] [[-Store] <String>] [-EnableException <Switch>]
[<CommonParameters>]
DESCRIPTION
Generates an oauth2 access token. Currently supports Managed Identities, Service Principals and IRenewableToken.
Want to know more about Access Tokens? This page explains it well:
https://dzone.com/articles/using-manage ... s-azure-re
PARAMETERS
-Config [<System.Object>]
The hashtable or json configuration.
Required? false
Position? named
Default value
Accept pipeline input? False
Accept wildcard characters? false
-Credential [<Pscredential>]
When using the ServicePrincipal type, a Credential is required. The username is the App ID and Password is the
App Password
https://docs.microsoft.com/en-us/azure/ ... r-app-pass
words
Required? false
Position? named
Default value
Accept pipeline input? False
Accept wildcard characters? false
-EnableException [<Switch>]
By default in most of our commands, when something goes wrong we try to catch it, interpret it and give you a
friendly warning message.
This command, however, gifts you with "sea of red" exceptions, by default, because it is useful for advanced
scripting.
Using this switch turns our "nice by default" feature on which makes errors into pretty warnings.
Required? false
Position? named
Default value
Accept pipeline input? False
Accept wildcard characters? false
-Store [<String>]
Store where the Azure MSI certificate is stored
Required? false
Position? named
Default value
Accept pipeline input? False
Accept wildcard characters? false
-Subtype [<String>]
The subtype. Options include:
AzureSqlDb (default)
ResourceManager
DataLake
EventHubs
KeyVault
ResourceManager
ServiceBus
Storage
Read more here: https://docs.microsoft.com/en-us/azure/ ... urces/tuto
rial-windows-vm-access-sql
Required? false
Position? named
Default value
Accept pipeline input? False
Accept wildcard characters? false
-Tenant [<String>]
When using the ServicePrincipal or RenewableServicePrincipal types, a tenant name or ID is required. This
field works with both.
Required? false
Position? named
Default value
Accept pipeline input? False
Accept wildcard characters? false
-Thumbprint [<String>]
Thumbprint for connections to Azure MSI
Required? false
Position? named
Default value
Accept pipeline input? False
Accept wildcard characters? false
-Type [<String>]
The type of request:
ManagedIdentity
ServicePrincipal
RenewableServicePrincipal
Required? false
Position? named
Default value
Accept pipeline input? False
Accept wildcard characters? false
<CommonParameters>
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable,
OutBuffer, PipelineVariable, and OutVariable. For more information, see
about_CommonParameters (https:/go.microsoft.com/fwlink/?LinkID=113216).
INPUTS
OUTPUTS
NOTES
Tags: Connect, Connection, Azure
Author: Chrissy LeMaire (@cl), netnerds.net
Website: https://dbatools.io
Copyright: (c) 2018 by dbatools, licensed under MIT
License: MIT https://opensource.org/licenses/MIT
-------------------------- EXAMPLE 1 --------------------------
PS C:\\>New-DbaAzAccessToken -Type ManagedIdentity
Returns a plain-text token for Managed Identities for SQL Azure Db.
-------------------------- EXAMPLE 2 --------------------------
PS C:\\>$token = New-DbaAzAccessToken -Type ManagedIdentity -Subtype AzureSqlDb
PS C:\\> $server = Connect-DbaInstance -SqlInstance myserver.database.windows.net -Database mydb -AccessToken
$token -DisableException
Generates a token then uses it to connect to Azure SQL DB then connects to an Azure SQL Db
-------------------------- EXAMPLE 3 --------------------------
PS C:\\>$token = New-DbaAzAccessToken -Type ServicePrincipal -Tenant whatup.onmicrosoft.com -Credential
ee590f55-9b2b-55d4-8bca-38ab123db670
PS C:\\> $server = Connect-DbaInstance -SqlInstance myserver.database.windows.net -Database mydb -AccessToken
$token -DisableException
PS C:\\> Invoke-DbaQuery -SqlInstance $server -Query "select 1 as test"
Generates a token then uses it to connect to Azure SQL DB then connects to an Azure SQL Db.
Once the connection is made, it is used to perform a test query.
RELATED LINKS
https://dbatools.io/New-DbaAzAccessToken
SYNOPSIS
Simplifies the generation of Azure oauth2 tokens.
SYNTAX
New-DbaAzAccessToken [-Type] <String> [[-Subtype] <String>] [[-Config] <System.Object>] [[-Credential]
<Pscredential>] [[-Tenant] <String>] [[-Thumbprint] <String>] [[-Store] <String>] [-EnableException <Switch>]
[<CommonParameters>]
DESCRIPTION
Generates an oauth2 access token. Currently supports Managed Identities, Service Principals and IRenewableToken.
Want to know more about Access Tokens? This page explains it well:
https://dzone.com/articles/using-manage ... s-azure-re
PARAMETERS
-Config [<System.Object>]
The hashtable or json configuration.
Required? false
Position? named
Default value
Accept pipeline input? False
Accept wildcard characters? false
-Credential [<Pscredential>]
When using the ServicePrincipal type, a Credential is required. The username is the App ID and Password is the
App Password
https://docs.microsoft.com/en-us/azure/ ... r-app-pass
words
Required? false
Position? named
Default value
Accept pipeline input? False
Accept wildcard characters? false
-EnableException [<Switch>]
By default in most of our commands, when something goes wrong we try to catch it, interpret it and give you a
friendly warning message.
This command, however, gifts you with "sea of red" exceptions, by default, because it is useful for advanced
scripting.
Using this switch turns our "nice by default" feature on which makes errors into pretty warnings.
Required? false
Position? named
Default value
Accept pipeline input? False
Accept wildcard characters? false
-Store [<String>]
Store where the Azure MSI certificate is stored
Required? false
Position? named
Default value
Accept pipeline input? False
Accept wildcard characters? false
-Subtype [<String>]
The subtype. Options include:
AzureSqlDb (default)
ResourceManager
DataLake
EventHubs
KeyVault
ResourceManager
ServiceBus
Storage
Read more here: https://docs.microsoft.com/en-us/azure/ ... urces/tuto
rial-windows-vm-access-sql
Required? false
Position? named
Default value
Accept pipeline input? False
Accept wildcard characters? false
-Tenant [<String>]
When using the ServicePrincipal or RenewableServicePrincipal types, a tenant name or ID is required. This
field works with both.
Required? false
Position? named
Default value
Accept pipeline input? False
Accept wildcard characters? false
-Thumbprint [<String>]
Thumbprint for connections to Azure MSI
Required? false
Position? named
Default value
Accept pipeline input? False
Accept wildcard characters? false
-Type [<String>]
The type of request:
ManagedIdentity
ServicePrincipal
RenewableServicePrincipal
Required? false
Position? named
Default value
Accept pipeline input? False
Accept wildcard characters? false
<CommonParameters>
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable,
OutBuffer, PipelineVariable, and OutVariable. For more information, see
about_CommonParameters (https:/go.microsoft.com/fwlink/?LinkID=113216).
INPUTS
OUTPUTS
NOTES
Tags: Connect, Connection, Azure
Author: Chrissy LeMaire (@cl), netnerds.net
Website: https://dbatools.io
Copyright: (c) 2018 by dbatools, licensed under MIT
License: MIT https://opensource.org/licenses/MIT
-------------------------- EXAMPLE 1 --------------------------
PS C:\\>New-DbaAzAccessToken -Type ManagedIdentity
Returns a plain-text token for Managed Identities for SQL Azure Db.
-------------------------- EXAMPLE 2 --------------------------
PS C:\\>$token = New-DbaAzAccessToken -Type ManagedIdentity -Subtype AzureSqlDb
PS C:\\> $server = Connect-DbaInstance -SqlInstance myserver.database.windows.net -Database mydb -AccessToken
$token -DisableException
Generates a token then uses it to connect to Azure SQL DB then connects to an Azure SQL Db
-------------------------- EXAMPLE 3 --------------------------
PS C:\\>$token = New-DbaAzAccessToken -Type ServicePrincipal -Tenant whatup.onmicrosoft.com -Credential
ee590f55-9b2b-55d4-8bca-38ab123db670
PS C:\\> $server = Connect-DbaInstance -SqlInstance myserver.database.windows.net -Database mydb -AccessToken
$token -DisableException
PS C:\\> Invoke-DbaQuery -SqlInstance $server -Query "select 1 as test"
Generates a token then uses it to connect to Azure SQL DB then connects to an Azure SQL Db.
Once the connection is made, it is used to perform a test query.
RELATED LINKS
https://dbatools.io/New-DbaAzAccessToken