In this Azure PowerShell article, we will discuss the syntax and usage of the Get-AzureADServicePrincipal PowerShell command with examples of how to use this command.
This PowerShell command helps you retrieve the service principal list from your Azure Active Directory.
Table of Contents
Syntax
Get-AzureADServicePrincipalGet-AzureADServicePrincipal -ObjectId <String>Let’s discuss a few examples of how to use the Get-AzureADServicePrincipal PowerShell command.
Get-AzureADServicePrincipal Examples
Example-1:
You can execute the below command to get the lists of service principals from your Azure Active Directory.
Get-AzureADServicePrincipalAfter executing the above command, I got the below-expected output.
DeletionTimestamp :
ObjectId : 0182eca8-38a2-434b-ac2a-1a26c43f401c
ObjectType : ServicePrincipal
AccountEnabled : true
AddIns : {}
AlternativeNames : {}
AppDisplayName : Marketplace Reviews
AppId : a4c1cdb3-88ab-4d13-bc99-1c46106f0727
AppOwnerTenantId : f8cdef31-a31e-4b4a-93e4-5f571e91255a
AppRoleAssignmentRequired : False
AppRoles : {}
DisplayName : Marketplace Reviews
ErrorUrl :
Homepage :
KeyCredentials : {}
LogoutUrl :
Oauth2Permissions : {}
PasswordCredentials : {}
PreferredTokenSigningKeyThumbprint :
PublisherName : Microsoft Services
ReplyUrls : {}
SamlMetadataUrl :
ServicePrincipalNames : {a4c1cdb3-88ab-4d13-bc99-1c46106f0727}
ServicePrincipalType : Application
Tags : {}
DeletionTimestamp :
ObjectId : 01856548-5313-459d-aaca-3e36ad974bc5
ObjectType : ServicePrincipal
AccountEnabled : true
AddIns : {}
AlternativeNames : {}
AppDisplayName : Azure Virtual Desktop
AppId : 9cdead84-a844-4324-93f2-b2e6bb768d07
AppOwnerTenantId : f8cdef31-a31e-4b4a-93e4-5f571e91255a
AppRoleAssignmentRequired : False
AppRoles : {class AppRole {
AllowedMemberTypes:
System.Collections.Generic.List`1[System.String]
Description: Creators can create Windows
Virtual Desktop Tenants
DisplayName: Tenant.Create
Id: 299dad25-58e3-473d-9733-171fb3034713
IsEnabled: True
Value: Tenant.Create
}
}
DisplayName : Azure Virtual Desktop
ErrorUrl :
Homepage :
KeyCredentials : {}
LogoutUrl :
Oauth2Permissions : {class OAuth2Permission {
AdminConsentDescription: Allow the application
to access Windows Virtual Desktop on your behalf.
AdminConsentDisplayName: Access Windows
Virtual Desktop
Id: 1ea0ab9c-b888-476f-aca9-0fc9a53b483a
IsEnabled: True
Type: User
UserConsentDescription: Allow the application
to access Windows Virtual Desktop on your behalf.
UserConsentDisplayName: Access Windows Virtual
Desktop
Value: User.Access
}
}
PasswordCredentials : {}
PreferredTokenSigningKeyThumbprint :
PublisherName : Microsoft Services
ReplyUrls : {https://rdbroker.wvd.microsoft.com/aadCallback,
https://rdweb.wvd.microsoft.com/webclient/index.h
tml, https://rdweb.wvd.microsoft.com/webclient, h
ttps://www.wvd.microsoft.com/webclient/index.html
...}
SamlMetadataUrl :
ServicePrincipalNames : {9cdead84-a844-4324-93f2-b2e6bb768d07,
https://www.wvd.microsoft.com,
https://www.wvd.azure.us}
ServicePrincipalType : Application
Tags : {disableLegacyUserImpersonationResource,
disableLegacyUserImpersonationClient}
DeletionTimestamp :
ObjectId : 04017fdb-5cfa-42a8-ada9-d6827bff0255
ObjectType : ServicePrincipal
AccountEnabled : false
AddIns : {}
AlternativeNames : {}
AppDisplayName : ConnectionsService
AppId : b7912db9-aa33-4820-9d4f-709830fdd78f
AppOwnerTenantId : f8cdef31-a31e-4b4a-93e4-5f571e91255a
AppRoleAssignmentRequired : False
AppRoles : {}
DisplayName : ConnectionsService
ErrorUrl :
Homepage :
KeyCredentials : {}
LogoutUrl : https://api.connections.ms
Oauth2Permissions : {class OAuth2Permission {
AdminConsentDescription: Access Connections
Service Api
AdminConsentDisplayName: Access Connections
Service Api
Id: 04d2d44f-432b-4f9b-be28-cb651a028099
IsEnabled: True
Type: User
UserConsentDescription: Access Connections
Service Api
UserConsentDisplayName: Access Connections
Service Api
Value: user_impersonation
}
}
PasswordCredentials : {}
PreferredTokenSigningKeyThumbprint :
PublisherName : Microsoft Services
ReplyUrls : {https://api.connections.ms}
SamlMetadataUrl :
ServicePrincipalNames : {b7912db9-aa33-4820-9d4f-709830fdd78f,
https://api.connections.ms}
ServicePrincipalType : Application
Tags : {}Note: The above is a trimmed output as the output is too big so I didn’t add the complete one.
You can see the same output below
Example-2:
You can execute the below Azure PowerShell command that can help you to retrieve the service principal based on the specified Object ID.
Connect-AzureAD -TenantId 5d9d690a-0310-474d-ae8b-42df2d549228
Get-AzureADServicePrincipal -ObjectId 5597888b-c202-4d61-bfbd-1e1993e1b248After executing the above command, I got the expected output below
Example-3:
Execute the below PowerShell command to retrieve the lists of service principals from your Azure Active Directory based on the specified filter condition.
Connect-AzureAD -TenantId 5d9d690a-0310-474d-ae8b-42df2d549228
Get-AzureADServicePrincipal -Filter "startswith(DisplayName,'Connections')"After executing the above PowerShell command, I got the output as expected. You can check out the screenshot below for your reference.
Video Tutorial
Final Thoughts
In this Azure PowerShell article, we discussed the syntax and usage of the Get-AzureADServicePrincipal PowerShell command with examples of how to use this PowerShell command.
I am Rajkishore, and I am a Microsoft Certified IT Consultant. I have over 14 years of experience in Microsoft Azure and AWS, with good experience in Azure Functions, Storage, Virtual Machines, Logic Apps, PowerShell Commands, CLI Commands, Machine Learning, AI, Azure Cognitive Services, DevOps, etc. Not only that, I do have good real-time experience in designing and developing cloud-native data integrations on Azure or AWS, etc. I hope you will learn from these practical Azure tutorials. Read more.
