`az ad sp create-for-rbac` before 2.25.0 will stop working after 2021-10-15

## Context

According to the announcement of 

- https://docs.microsoft.com/en-us/azure/active-directory/develop/reference-breaking-changes#appid-uri-in-single-tenant-applications-will-require-use-of-default-scheme-or-verified-domains
- https://docs.microsoft.com/en-us/azure/active-directory/develop/security-best-practices-for-app-registration#appid-uri-configuration

AAD service will block creating single tenant applications with invalid `idefntifierUris` after 2021-10-15.

## Impact

Azure CLI command `az ad sp create-for-rbac` before 2.25.0 which sets invalid `idefntifierUris` will fails with **400 badrequest**, such as

```
Values of identifierUris property must use a verified domain of the organization or its subdomain: 'http://azure-cli-2021-10-20-03-53-05'
```

## Solution

`az ad sp create-for-rbac` has been updated so that now it doesn't create `identifierUris` at all (#18312). Please update to Azure CLI 2.25.0 or newer. We recommend always using the latest version.


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

`az ad sp create-for-rbac` before 2.25.0 will stop working after 2021-10-15 #19892

Context

Impact

Solution

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

az ad sp create-for-rbac before 2.25.0 will stop working after 2021-10-15 #19892

Description

Context

Impact

Solution

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions

`az ad sp create-for-rbac` before 2.25.0 will stop working after 2021-10-15 #19892