Setting signInAudience of application registration with azure cli

Question

I'm creating and app registration with azure cli using

az ad app create ...

function.

In the manifest of app registration there is a field:signInAudience which i want to set to: AzureADandPersonalMicrosoftAccount

Calling

az ad app update --id [[APP_ID]] --set signInAudience=AzureADandPersonalMicrosoftAccount

returns

Property 'signInAudience' not found on root. Send it as an additional property .
Updates to converged applications are not allowed in this version.

How can I change it?

Answer 1

You can update the app with --available-to-other-tenants

az ad app update --id xxxx --available-to-other-tenants

This will set signInAudience property in manifest to either AzureADMultipleOrgs or AzureADMyOrg.

Check az ad app update -h for more help or Microsoft Docs

Answer 2

It's possible with version 2.37.0 and above, with the new --sign-in-audience parameter:

az ad app create --display-name "My test app" --sign-in-audience AzureADandPersonalMicrosoftAccount

From the app create documentation:

--sign-in-audience Specifies the Microsoft accounts that are supported for the current application.

accepted values: AzureADMultipleOrgs, AzureADMyOrg, AzureADandPersonalMicrosoftAccount, PersonalMicrosoftAccount