Created
December 9, 2025 17:02
-
-
Save joerodgers/533764d9aeb62f540d29c2faff1cc823 to your computer and use it in GitHub Desktop.
Updates the pfx value, password and ClientId of a Entra HTTP Preauthorized connection
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #requires -modules "Microsoft.PowerApps.Administration.PowerShell" | |
| function Get-PowerPlatformEntraHttpConnection | |
| { | |
| [CmdletBinding()] | |
| param | |
| ( | |
| [Parameter(Mandatory=$true)] | |
| [string] | |
| $EnvironmentId, | |
| [Parameter(Mandatory=$true)] | |
| [string] | |
| $ConnectionName | |
| ) | |
| begin | |
| { | |
| $token = Get-JwtToken -Audience "https://api.powerplatform.com/" | |
| $environmentString = $EnvironmentId.Replace("-", "") | |
| $shortEnvId = $environmentString.Substring($environmentString.Length - 2, 2) | |
| $remainingEnvId = $environmentString.Substring(0, $environmentString.Length - 2) | |
| $apiHost = "https://{0}.{1}.environment.api.powerplatform.com" -f $remainingEnvId, $shortEnvId | |
| $uri = "{0}/connectivity/connectors/shared_webcontents/connections/{1}?`$filter=environment eq '{2}'&api-version=1" -f $apiHost, $ConnectionName, $EnvironmentId | |
| } | |
| process | |
| { | |
| Invoke-RestMethod -Method GET -Uri $uri -Headers @{ Authorization = "Bearer $token"; "content-type" = "application/json" } | |
| } | |
| end | |
| { | |
| } | |
| } | |
| function Set-PowerPlatformEntraHttpConnectionCertificate | |
| { | |
| [CmdletBinding()] | |
| param | |
| ( | |
| [Parameter(Mandatory=$true)] | |
| [string] | |
| $EnvironmentId, | |
| [Parameter(Mandatory=$true)] | |
| [string] | |
| $ConnectionName, | |
| [Parameter(Mandatory=$true)] | |
| [Guid] | |
| $ClientId, | |
| [Parameter(Mandatory=$true)] | |
| [string] | |
| $CertificateBase64, | |
| [Parameter(Mandatory=$true)] | |
| [string] | |
| $CertificatePassword | |
| ) | |
| begin | |
| { | |
| $token = Get-JwtToken -Audience "https://api.powerplatform.com/" | |
| $environmentString = $EnvironmentId.Replace("-", "") | |
| $shortEnvId = $environmentString.Substring($environmentString.Length - 2, 2) | |
| $remainingEnvId = $environmentString.Substring(0, $environmentString.Length - 2) | |
| $apiHost = "https://{0}.{1}.environment.api.powerplatform.com" -f $remainingEnvId, $shortEnvId | |
| $uri = "{0}/connectivity/connectors/shared_webcontents/connections/{1}?`$filter=environment eq '{2}'&api-version=1" -f $apiHost, $ConnectionName, $EnvironmentId | |
| } | |
| process | |
| { | |
| $connection = Get-PowerPlatformEntraHttpConnection -EnvironmentId $EnvironmentId -ConnectionName $ConnectionName -ErrorAction Stop | |
| if( $connection.properties.connectionParametersSet ) | |
| { | |
| $connection = $connection | Select-Object name, id, type, properties | |
| $connection.properties.connectionParametersSet.values.'token:clientCertificateSecret' = $null | |
| $connection.properties.connectionParametersSet.values.'token:clientCertificateSecret' = [PSCustomObject] @{ value = [PSCustomObject] @{ password = $CertificatePassword; pfx = $CertificateBase64 } } | |
| $connection.properties.connectionParametersSet.values.'token:clientId' = $ClientId | |
| $json = $connection | ConvertTo-Json -Depth 10 | |
| $response = Invoke-RestMethod -Method PUT -Uri $uri -Headers @{ Authorization = "Bearer $token"; "Content-Type" = "application/json" } -Body $json.ToString() -ErrorAction SilentlyContinue | |
| return $response | |
| } | |
| Write-Error "Unable to retrieve connection parameters properties for connection: '$ConnectionName'" | |
| } | |
| end | |
| { | |
| } | |
| } | |
| Add-PowerAppsAccount -Endpoint prod | |
| if( $PSVersionTable.PSVersion.Major -le 5 ) | |
| { | |
| $bytes = Get-Content -Encoding Byte -Path "C:\_temp\certificate.pfx" | |
| $certificateBase64 = [Convert]::ToBase64String( $bytes ) | |
| } | |
| else | |
| { | |
| $bytes = Get-Content -AsByteStream -Path "C:\_temp\certificate.pfx" | |
| $certificateBase64 = [Convert]::ToBase64String( $bytes ) | |
| } | |
| $response = Set-PowerPlatformEntraHttpConnectionCertificate ` | |
| -EnvironmentId "00000000-0000-0000-0000-000000000000" ` | |
| -ConnectionName "shared-webcontents-00000000-0000-0000-0000-000000000000" ` | |
| -ClientId "00000000-0000-0000-0000-000000000000" ` | |
| -CertificateBase64 $certificateBase64 ` | |
| -CertificatePassword "<secret password>" | |
| if( $response.properties.connectionParametersSet.values.'token:clientCertificateSecret' ) | |
| { | |
| $response.properties.connectionParametersSet.values.'token:clientCertificateSecret'.value | FL * | |
| } | |
| else | |
| { | |
| $response | FL * | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment