Public/Connect-IAMCore.ps1

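function Connect-IAMCore {
    <#
    .SYNOPSIS
        Selects the Fortytwo IAM Core API root and the access token profile used by this module.

    .DESCRIPTION
        Resolves the API root and an access token profile and stores both in the
        script-scoped variables $Script:APIRoot and $Script:AccessTokenProfile.
        No request is sent to the API from this function.

        When -AccessTokenProfile is empty, an interactive profile named
        'Fortytwo.IAM.Core.Administrator' is registered through
        Add-EntraIDInteractiveUserAccessTokenProfile, with the client id and scope
        of the selected instance. Otherwise the named profile must already exist.

    .PARAMETER AccessTokenProfile
        Name of an existing access token profile. Leave empty for the interactive profile.

    .PARAMETER TenantId
        Tenant passed to the interactive profile. Defaults to 'common'.

    .PARAMETER APIVersion
        API version segment used when the development API root is derived. Only 'beta' is accepted.

    .PARAMETER Instance
        'Production' or 'Development'. Selects the client id, the scope and the default API root.

    .PARAMETER APIRoot
        Base URL of the API. Must be an absolute http(s) URL; trailing slashes are removed.
        NOTE(review): the stored root is presumably where the module later sends the
        bearer token of the selected profile, so an overridden value should point only
        at a host that is trusted with that token - confirm against the request helpers.
    #>
    [CmdletBinding(DefaultParameterSetName = 'Interactive')]
    param (
        [Parameter(Mandatory = $false, ParameterSetName = "ATP")]
        [String] $AccessTokenProfile = $null,
        
        [Parameter(Mandatory = $false, ParameterSetName = "Interactive")]
        [String] $TenantId = "common",

        [Parameter(Mandatory = $false)]
        [ValidateSet("beta")]
        $APIVersion = "beta",
        
        [Parameter(Mandatory = $false, ParameterSetName = "Interactive")]
        [Parameter(Mandatory = $false, ParameterSetName = "ATP")]
        [ValidateSet("Production", "Development")]
        [String] $Instance = "Production",
        
        [Parameter(Mandatory = $false)]
        [String] $APIRoot = "https://api.fortytwo.io/iamcore/beta"
    )

    process {
        # Default to the dev API root for the Development instance unless the caller set APIRoot explicitly.
        # This single check covers both parameter sets, so the interactive branch below does not repeat it.
        if ($Instance -eq "Development" -and !$PSBoundParameters.ContainsKey('APIRoot')) {
            $APIRoot = "https://dev-api.byfortytwo.com/iamcore/$($APIVersion)"
        }

        # Normalise before validating and storing; TrimEnd is a no-op when there is no trailing slash.
        $APIRoot = $APIRoot.TrimEnd('/')

        # Validate the root before any token profile is created or looked up, so a mistyped
        # value fails here instead of at the first API call.
        $ParsedRoot = $null
        $IsAbsolute = [System.Uri]::TryCreate($APIRoot, [System.UriKind]::Absolute, [ref] $ParsedRoot)
        if (!$IsAbsolute -or $ParsedRoot.Scheme -notin @('http', 'https')) {
            throw "APIRoot '$APIRoot' is not an absolute http(s) URL."
        }
        if ($ParsedRoot.Scheme -ne 'https') {
            # Warn instead of failing so a plain-HTTP local endpoint still works.
            Write-Warning "APIRoot '$APIRoot' does not use HTTPS. Access tokens sent to it are not protected in transit."
        }

        if ([String]::IsNullOrEmpty($AccessTokenProfile)) {
            $AccessTokenProfile = "Fortytwo.IAM.Core.Administrator"
        
            if ($Instance -eq "Production") {
                # Client id and scope of the production instance.
                Add-EntraIDInteractiveUserAccessTokenProfile -Name $AccessTokenProfile -TenantId $TenantId -ClientId "68bf2f1d-b9e1-4477-8b90-81314861f05f" -Scope "https://api.fortytwo.io/.default"
            }
            else {
                # Client id and scope of the development instance.
                Add-EntraIDInteractiveUserAccessTokenProfile -Name $AccessTokenProfile -TenantId $TenantId -ClientId "b24eb00a-7f91-489b-b321-3b018da0e8a8" -Scope "api://c61cb4dd-35bf-4db9-b152-58e223782c11/.default"
            }
        }
        elseif (!(Get-EntraIDAccessTokenProfile -Profile $AccessTokenProfile)) {
            throw "Access token profile '$AccessTokenProfile' not found. Please create it using New-EntraIDAccessTokenProfile."
        }

        # Module-wide state read by the other commands of this module.
        $Script:APIRoot = $APIRoot
        $Script:AccessTokenProfile = $AccessTokenProfile
        Write-Verbose "Connected to Fortytwo IAM Core API at '$APIRoot' using access token profile '$AccessTokenProfile'."
    }
}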