Fixed docs bugs

Author: merill

src/Get-MsIdCBACertificateUserIdFromCertificate.ps1

@@ -34,8 +34,9 @@
     This command retrieves and returns the PrincipalName property.
 
 .OUTPUTS
-    Returns an object containing the certificateUserIDs that can be used with the givin certificate.
+    Returns an object containing the certificateUserIDs that can be used with the given certificate.
 
+    ```
     @{
         PrincipalName = "X509:<PN>bob@woodgrove.com"
         RFC822Name = "X509:<RFC822>user@woodgrove.com"
@@ -45,6 +46,7 @@
         SHA1PublicKey = "X509:<SHA1-PUKEY>cD2eF3gH4iJ5kL6mN7oP8qR9sT"
         IssuerAndSerialNumber = "X509:<I>DC=com,DC=contoso,CN=CONTOSO-DC-CA<SR>eF3gH4iJ5kL6mN7oP8qR9sT0uV"
     }
+    ```
 
 #>
 
@@ -85,7 +87,7 @@ function Get-MsIdCBACertificateUserIdFromCertificate {
         )
 
         $dn = $distinguishedName.Decode([System.Security.Cryptography.X509Certificates.X500DistinguishedNameFlags]::UseNewLines -bor [System.Security.Cryptography.X509Certificates.X500DistinguishedNameFlags]::DoNotUsePlusSign)
-        
+
         $dn = $dn -replace "(\r\n|\n|\r)", ","
         return $dn.TrimEnd(',')
     }
@@ -157,44 +159,44 @@ function Get-MsIdCBACertificateUserIdFromCertificate {
         $certUserIDs = @{
             "PrincipalName" = ""
             "RFC822Name" = ""
-            "IssuerAndSubject" = "" 
+            "IssuerAndSubject" = ""
             "Subject" = ""
             "SKI" = ""
-            "SHA1PublicKey" = "" 
+            "SHA1PublicKey" = ""
             "IssuerAndSerialNumber" = ""
         }
 
-        if (-not [string]::IsNullOrWhiteSpace($mappingFields.PrincipalName)) 
+        if (-not [string]::IsNullOrWhiteSpace($mappingFields.PrincipalName))
         {
             $certUserIDs.PrincipalName = "X509:<PN>$($mappingFields.PrincipalName)"
         }
 
-        if (-not [string]::IsNullOrWhiteSpace($mappingFields.EmailName)) 
+        if (-not [string]::IsNullOrWhiteSpace($mappingFields.EmailName))
         {
             $certUserIDs.RFC822Name = "X509:<RFC822>$($mappingFields.EmailName)"
         }
 
-        if ((-not [string]::IsNullOrWhiteSpace($mappingFields.IssuerName)) -and (-not [string]::IsNullOrWhiteSpace($mappingFields.SubjectName))) 
+        if ((-not [string]::IsNullOrWhiteSpace($mappingFields.IssuerName)) -and (-not [string]::IsNullOrWhiteSpace($mappingFields.SubjectName)))
         {
             $certUserIDs.IssuerAndSubject = "X509:<I>$($mappingFields.IssuerName)<S>$($mappingFields.SubjectName)"
         }
 
-        if (-not [string]::IsNullOrWhiteSpace($mappingFields.SubjectName)) 
+        if (-not [string]::IsNullOrWhiteSpace($mappingFields.SubjectName))
         {
             $certUserIDs.Subject = "X509:<S>$($mappingFields.SubjectName)"
         }
 
-        if (-not [string]::IsNullOrWhiteSpace($mappingFields.SubjectKeyIdentifier)) 
+        if (-not [string]::IsNullOrWhiteSpace($mappingFields.SubjectKeyIdentifier))
         {
             $certUserIDs.SKI = "X509:<SKI>$($mappingFields.SubjectKeyIdentifier)"
         }
 
-        if (-not [string]::IsNullOrWhiteSpace($mappingFields.Sha1PublicKey)) 
+        if (-not [string]::IsNullOrWhiteSpace($mappingFields.Sha1PublicKey))
         {
             $certUserIDs.SHA1PublicKey = "X509:<SHA1-PUKEY>$($mappingFields.Sha1PublicKey)"
         }
 
-        if ((-not [string]::IsNullOrWhiteSpace($mappingFields.IssuerName)) -and (-not [string]::IsNullOrWhiteSpace($mappingFields.SerialNumber))) 
+        if ((-not [string]::IsNullOrWhiteSpace($mappingFields.IssuerName)) -and (-not [string]::IsNullOrWhiteSpace($mappingFields.SerialNumber)))
         {
             $certUserIDs.IssuerAndSerialNumber = "X509:<I>$($mappingFields.IssuerName)<SR>$($mappingFields.SerialNumber)"
         }
@@ -211,7 +213,7 @@ function Get-MsIdCBACertificateUserIdFromCertificate {
         }
 
         $mappings = Get-CertificateUserIds -cert $cert
-        
+
         if ($CertificateMapping -eq "")
         {
             return $mappings

src/agentid/Invoke-MsIdAgentIdInteractive.ps1

@@ -1,6 +1,17 @@
 <#
 .SYNOPSIS
-    Invokes an interactive creation of Agent ID identities and users
+    Interactive cmdlet to create and configure an Agent ID.
+
+.DESCRIPTION
+    Demonstrates the full workflow of creating and configuring an Agent ID Blueprint,
+    including creating Agent Identities and Agent Users as needed.
+
+    Includes prompts for user input at key steps to customize the configuration. Including
+    options for
+
+    * interactive agents
+    * permissions scopes and
+    * Agent ID users.
 #>
 
 function Invoke-MsIdAgentIdInteractive {

website/docs/commands/Add-MsIdClientSecretToAgentIdentityBlueprint.mdx

@@ -0,0 +1,88 @@
+---
+sidebar_class_name: hidden
+description: Adds a client secret to the current Agent Identity Blueprint
+id: Add-MsIdClientSecretToAgentIdentityBlueprint
+title: Add-MsIdClientSecretToAgentIdentityBlueprint
+hide_title: false
+hide_table_of_contents: false
+custom_edit_url: https://github.com/azuread/msidentitytools/blob/main/src/Add-MsIdClientSecretToAgentIdentityBlueprint.ps1
+---
+
+## SYNOPSIS
+
+Adds a client secret to the current Agent Identity Blueprint
+
+## SYNTAX
+
+```powershell
+Add-MsIdClientSecretToAgentIdentityBlueprint [[-AgentBlueprintId] <String>]
+ [-ProgressAction <ActionPreference>] [<CommonParameters>]
+```
+
+## DESCRIPTION
+
+Creates an application password for the most recently created Agent Identity Blueprint using New-MgApplicationPassword.
+Uses the stored AgentBlueprintId from the last New-AgentIdentityBlueprint call.
+
+## EXAMPLES
+
+### EXAMPLE 1
+
+```powershell
+New-MsIdAgentIdentityBlueprint -DisplayName "My Blueprint" -SponsorUserIds @("user1")
+Add-MsIdClientSecretToAgentIdentityBlueprint  # Uses the stored blueprint ID
+```
+
+### EXAMPLE 2
+
+```powershell
+Add-MsIdClientSecretToAgentIdentityBlueprint -AgentBlueprintId "12345678-1234-1234-1234-123456789012"  # Uses specific ID
+```
+
+## PARAMETERS
+
+### -AgentBlueprintId
+
+Optional.
+The ID of the Agent Identity Blueprint to add the secret to.
+If not provided, uses the stored ID from the last blueprint creation.
+
+```yaml
+Type: String
+Parameter Sets: (All)
+Aliases:
+
+Required: False
+Position: 1
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
+### -ProgressAction
+
+\{\{ Fill ProgressAction Description \}\}
+
+```yaml
+Type: ActionPreference
+Parameter Sets: (All)
+Aliases: proga
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
+### CommonParameters
+
+This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216).
+
+## INPUTS
+
+## OUTPUTS
+
+## NOTES
+
+## RELATED LINKS

website/docs/commands/Add-MsIdInheritablePermissionsToAgentIdentityBlueprint.mdx

@@ -0,0 +1,112 @@
+---
+sidebar_class_name: hidden
+description: Adds inheritable permissions to Agent Identity Blueprints
+id: Add-MsIdInheritablePermissionsToAgentIdentityBlueprint
+title: Add-MsIdInheritablePermissionsToAgentIdentityBlueprint
+hide_title: false
+hide_table_of_contents: false
+custom_edit_url: https://github.com/azuread/msidentitytools/blob/main/src/Add-MsIdInheritablePermissionsToAgentIdentityBlueprint.ps1
+---
+
+## SYNOPSIS
+
+Adds inheritable permissions to Agent Identity Blueprints
+
+## SYNTAX
+
+```powershell
+Add-MsIdInheritablePermissionsToAgentIdentityBlueprint [[-Scopes] <String[]>] [[-ResourceAppId] <String>]
+ [-ProgressAction <ActionPreference>] [<CommonParameters>]
+```
+
+## DESCRIPTION
+
+Configures inheritable Microsoft Graph permissions that can be granted to Agent Identity Blueprints.
+This allows agents created from the blueprint to inherit specific Microsoft Graph permissions.
+
+## EXAMPLES
+
+### EXAMPLE 1
+
+```powershell
+Add-MsIdInheritablePermissionsToAgentIdentityBlueprint  # Will prompt for scopes
+```
+
+### EXAMPLE 2
+
+```powershell
+Add-MsIdInheritablePermissionsToAgentIdentityBlueprint -Scopes @("User.Read", "Mail.Read", "Calendars.Read")
+```
+
+### EXAMPLE 3
+
+```powershell
+Add-MsIdInheritablePermissionsToAgentIdentityBlueprint -Scopes @("User.Read") -ResourceAppId "00000003-0000-0000-c000-000000000000"
+```
+
+## PARAMETERS
+
+### -Scopes
+
+Optional.
+Array of Microsoft Graph permission scopes to make inheritable.
+If not provided, will prompt for input.
+Common scopes include: User.Read, Mail.Read, Calendars.Read, etc.
+
+```yaml
+Type: String[]
+Parameter Sets: (All)
+Aliases:
+
+Required: False
+Position: 1
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
+### -ResourceAppId
+
+Optional.
+The resource application ID.
+Defaults to Microsoft Graph (00000003-0000-0000-c000-000000000000).
+
+```yaml
+Type: String
+Parameter Sets: (All)
+Aliases:
+
+Required: False
+Position: 2
+Default value: 00000003-0000-0000-c000-000000000000
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
+### -ProgressAction
+
+\{\{ Fill ProgressAction Description \}\}
+
+```yaml
+Type: ActionPreference
+Parameter Sets: (All)
+Aliases: proga
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
+### CommonParameters
+
+This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216).
+
+## INPUTS
+
+## OUTPUTS
+
+## NOTES
+
+## RELATED LINKS