Microsoft.Graph.Applications
Microsoft Graph PowerShell Cmdlets
Microsoft.Graph.Applications
| Add-MgApplicationKey |
Add a key credential to an application. This method, along with removeKey can be used by an application to automate rolling its expiring keys. As part of the request validation for this method, a proof of possession of an existing key is verified before the action can be performed. Applications that don't have any existing valid certificates (no certificates have been added yet, or all certificates have expired), won't be able to use this service action. You can use the Update application operation to perform an update instead. Note To view the beta release of this cmdlet, view Add-MgBetaApplicationKey |
| Add-MgApplicationPassword |
Adds a strong password or secret to an application. You can also add passwords while creating the application. Note To view the beta release of this cmdlet, view Add-MgBetaApplicationPassword |
| Add-MgServicePrincipalKey |
Adds a key credential to a servicePrincipal. This method along with removeKey can be used by a servicePrincipal to automate rolling its expiring keys. As part of the request validation for this method, a proof of possession of an existing key is verified before the action can be performed. ServicePrincipals that don't have any existing valid certificates (i.e.: no certificates have been added yet, or all certificates have expired), won't be able to use this service action. Update servicePrincipal can be used to perform an update instead. |
| Add-MgServicePrincipalPassword |
Add a strong password or secret to a servicePrincipal object. |
| Add-MgServicePrincipalTokenSigningCertificate |
Create a self-signed signing certificate and return a selfSignedCertificate object, which is the public part of the generated certificate. The self-signed signing certificate is composed of the following objects, which are added to the servicePrincipal: + The keyCredentials object with the following objects: + A private key object with usage set to Sign. + A public key object with usage set to Verify.+ The passwordCredentials object. All the objects have the same value of customKeyIdentifier. The passwordCredential is used to open the PFX file (private key). It and the associated private key object have the same value of keyId. When set during creation through the displayName property, the subject of the certificate cannot be updated. The startDateTime is set to the same time the certificate is created using the action. The endDateTime can be up to three years after the certificate is created. Note To view the beta release of this cmdlet, view Add-MgBetaServicePrincipalTokenSigningCertificate |
| Clear-MgApplicationVerifiedPublisher |
Unset the verifiedPublisher previously set on an application, removing all verified publisher properties. For more information, see Publisher verification. Note To view the beta release of this cmdlet, view Clear-MgBetaApplicationVerifiedPublisher |
| Confirm-MgApplicationMemberGroup |
Check for membership in a specified list of group IDs, and return from that list those groups (identified by IDs) of which the specified user, group, service principal, organizational contact, device, or directory object is a member. This function is transitive. You can check up to a maximum of 20 groups per request. This function supports all groups provisioned in Microsoft Entra ID. Because Microsoft 365 groups cannot contain other groups, membership in a Microsoft 365 group is always direct. Note To view the beta release of this cmdlet, view Confirm-MgBetaApplicationMemberGroup |
| Confirm-MgApplicationMemberObject |
Invoke action checkMemberObjects Note To view the beta release of this cmdlet, view Confirm-MgBetaApplicationMemberObject |
| Confirm-MgServicePrincipalMemberGroup |
Check for membership in a specified list of group IDs, and return from that list those groups (identified by IDs) of which the specified user, group, service principal, organizational contact, device, or directory object is a member. This function is transitive. You can check up to a maximum of 20 groups per request. This function supports all groups provisioned in Microsoft Entra ID. Because Microsoft 365 groups cannot contain other groups, membership in a Microsoft 365 group is always direct. Note To view the beta release of this cmdlet, view Confirm-MgBetaServicePrincipalMemberGroup |
| Confirm-MgServicePrincipalMemberObject |
Invoke action checkMemberObjects Note To view the beta release of this cmdlet, view Confirm-MgBetaServicePrincipalMemberObject |
| Find-MgApplicationSynchronizationJobSchemaDirectory |
Discover the latest schema definition for provisioning to an application. Note To view the beta release of this cmdlet, view Find-MgBetaApplicationSynchronizationJobSchemaDirectory |
| Find-MgApplicationSynchronizationTemplateSchemaDirectory |
Discover the latest schema definition for provisioning to an application. Note To view the beta release of this cmdlet, view Find-MgBetaApplicationSynchronizationTemplateSchemaDirectory |
| Find-MgServicePrincipalSynchronizationJobSchemaDirectory |
Discover the latest schema definition for provisioning to an application. Note To view the beta release of this cmdlet, view Find-MgBetaServicePrincipalSynchronizationJobSchemaDirectory |
| Find-MgServicePrincipalSynchronizationTemplateSchemaDirectory |
Discover the latest schema definition for provisioning to an application. Note To view the beta release of this cmdlet, view Find-MgBetaServicePrincipalSynchronizationTemplateSchemaDirectory |
| Get-MgApplication |
Get the properties and relationships of an application object. Note To view the beta release of this cmdlet, view Get-MgBetaApplication |
| Get-MgApplicationAppManagementPolicy |
The appManagementPolicy applied to this application. Note To view the beta release of this cmdlet, view Get-MgBetaApplicationAppManagementPolicy |
| Get-MgApplicationAppManagementPolicyByRef |
The appManagementPolicy applied to this application. Note To view the beta release of this cmdlet, view Get-MgBetaApplicationAppManagementPolicyByRef |
| Get-MgApplicationAppManagementPolicyCount |
Get the number of the resource Note To view the beta release of this cmdlet, view Get-MgBetaApplicationAppManagementPolicyCount |
| Get-MgApplicationByAppId |
Get the properties and relationships of an application object. Note To view the beta release of this cmdlet, view Get-MgBetaApplicationByAppId |
| Get-MgApplicationById |
Return the directory objects specified in a list of IDs. Only a subset of user properties are returned by default in v1.0. Some common uses for this function are to: Note To view the beta release of this cmdlet, view Get-MgBetaApplicationById |
| Get-MgApplicationByUniqueName |
Get the properties and relationships of an application object. Note To view the beta release of this cmdlet, view Get-MgBetaApplicationByUniqueName |
| Get-MgApplicationCount |
Get the number of the resource Note To view the beta release of this cmdlet, view Get-MgBetaApplicationCount |
| Get-MgApplicationCreatedOnBehalfOf |
Supports $filter (/$count eq 0, /$count ne 0). Read-only. Note To view the beta release of this cmdlet, view Get-MgBetaApplicationCreatedOnBehalfOf |
| Get-MgApplicationDelta |
Get newly created, updated, or deleted applications without performing a full read of the entire resource collection. For details, see Using delta query. Note To view the beta release of this cmdlet, view Get-MgBetaApplicationDelta |
| Get-MgApplicationExtensionProperty |
Read a directory extension definition represented by an extensionProperty object. Note To view the beta release of this cmdlet, view Get-MgBetaApplicationExtensionProperty |
| Get-MgApplicationExtensionPropertyCount |
Get the number of the resource Note To view the beta release of this cmdlet, view Get-MgBetaApplicationExtensionPropertyCount |
| Get-MgApplicationFederatedIdentityCredential |
Read the properties and relationships of a federatedIdentityCredential object. Note To view the beta release of this cmdlet, view Get-MgBetaApplicationFederatedIdentityCredential |
| Get-MgApplicationFederatedIdentityCredentialByName |
Read the properties and relationships of a federatedIdentityCredential object. Note To view the beta release of this cmdlet, view Get-MgBetaApplicationFederatedIdentityCredentialByName |
| Get-MgApplicationFederatedIdentityCredentialCount |
Get the number of the resource Note To view the beta release of this cmdlet, view Get-MgBetaApplicationFederatedIdentityCredentialCount |
| Get-MgApplicationHomeRealmDiscoveryPolicy |
Get homeRealmDiscoveryPolicies from applications Note To view the beta release of this cmdlet, view Get-MgBetaApplicationHomeRealmDiscoveryPolicy |
| Get-MgApplicationHomeRealmDiscoveryPolicyCount |
Get the number of the resource Note To view the beta release of this cmdlet, view Get-MgBetaApplicationHomeRealmDiscoveryPolicyCount |
| Get-MgApplicationLogo |
The main logo for the application. Not nullable. Note To view the beta release of this cmdlet, view Get-MgBetaApplicationLogo |
| Get-MgApplicationMemberGroup |
Return all the group IDs for the groups that the specified user, group, service principal, organizational contact, device, or directory object is a member of. This function is transitive. This API returns up to 11,000 group IDs. If more than 11,000 results are available, it returns a 400 Bad Request error with the DirectoryResultSizeLimitExceeded error code. If you get the DirectoryResultSizeLimitExceeded error code, use the List group transitive memberOf API instead. Note To view the beta release of this cmdlet, view Get-MgBetaApplicationMemberGroup |
| Get-MgApplicationMemberObject |
Return all IDs for the groups, administrative units, and directory roles that a user, group, service principal, organizational contact, device, or directory object is a member of. This function is transitive. Note: Only users and role-enabled groups can be members of directory roles. Note To view the beta release of this cmdlet, view Get-MgBetaApplicationMemberObject |
| Get-MgApplicationOwner |
Retrieve a list of owners for an application that are directoryObject types. Note To view the beta release of this cmdlet, view Get-MgBetaApplicationOwner |
| Get-MgApplicationOwnerAsAppRoleAssignment |
Get the item of type microsoft.graph.directoryObject as microsoft.graph.appRoleAssignment |
| Get-MgApplicationOwnerAsEndpoint |
Get the item of type microsoft.graph.directoryObject as microsoft.graph.endpoint Note To view the beta release of this cmdlet, view Get-MgBetaApplicationOwnerAsEndpoint |
| Get-MgApplicationOwnerAsServicePrincipal |
Get the item of type microsoft.graph.directoryObject as microsoft.graph.servicePrincipal Note To view the beta release of this cmdlet, view Get-MgBetaApplicationOwnerAsServicePrincipal |
| Get-MgApplicationOwnerAsUser |
Get the item of type microsoft.graph.directoryObject as microsoft.graph.user Note To view the beta release of this cmdlet, view Get-MgBetaApplicationOwnerAsUser |
| Get-MgApplicationOwnerByRef |
Retrieve a list of owners for an application that are directoryObject types. Note To view the beta release of this cmdlet, view Get-MgBetaApplicationOwnerByRef |
| Get-MgApplicationOwnerCount |
Get the number of the resource Note To view the beta release of this cmdlet, view Get-MgBetaApplicationOwnerCount |
| Get-MgApplicationOwnerCountAsAppRoleAssignment |
Get the number of the resource |
| Get-MgApplicationOwnerCountAsEndpoint |
Get the number of the resource Note To view the beta release of this cmdlet, view Get-MgBetaApplicationOwnerCountAsEndpoint |
| Get-MgApplicationOwnerCountAsServicePrincipal |
Get the number of the resource Note To view the beta release of this cmdlet, view Get-MgBetaApplicationOwnerCountAsServicePrincipal |
| Get-MgApplicationOwnerCountAsUser |
Get the number of the resource Note To view the beta release of this cmdlet, view Get-MgBetaApplicationOwnerCountAsUser |
| Get-MgApplicationSynchronization |
Represents the capability for Microsoft Entra identity synchronization through the Microsoft Graph API. Note To view the beta release of this cmdlet, view Get-MgBetaApplicationSynchronization |
| Get-MgApplicationSynchronizationAccessToken |
Acquire an OAuth access token to authorize the Microsoft Entra provisioning service to provision users into an application. Note To view the beta release of this cmdlet, view Get-MgBetaApplicationSynchronizationAccessToken |
| Get-MgApplicationSynchronizationJob |
Performs synchronization by periodically running in the background, polling for changes in one directory, and pushing them to another directory. Note To view the beta release of this cmdlet, view Get-MgBetaApplicationSynchronizationJob |
| Get-MgApplicationSynchronizationJobBulkUpload |
The bulk upload operation for the job. Note To view the beta release of this cmdlet, view Get-MgBetaApplicationSynchronizationJobBulkUpload |
| Get-MgApplicationSynchronizationJobBulkUploadContent |
The bulk upload operation for the job. Note To view the beta release of this cmdlet, view Get-MgBetaApplicationSynchronizationJobBulkUploadContent |
| Get-MgApplicationSynchronizationJobCount |
Get the number of the resource Note To view the beta release of this cmdlet, view Get-MgBetaApplicationSynchronizationJobCount |
| Get-MgApplicationSynchronizationJobSchema |
The synchronization schema configured for the job. Note To view the beta release of this cmdlet, view Get-MgBetaApplicationSynchronizationJobSchema |
| Get-MgApplicationSynchronizationJobSchemaDirectory |
Contains the collection of directories and all of their objects. Note To view the beta release of this cmdlet, view Get-MgBetaApplicationSynchronizationJobSchemaDirectory |
| Get-MgApplicationSynchronizationJobSchemaDirectoryCount |
Get the number of the resource Note To view the beta release of this cmdlet, view Get-MgBetaApplicationSynchronizationJobSchemaDirectoryCount |
| Get-MgApplicationSynchronizationSecretCount |
Get the number of the resource Note To view the beta release of this cmdlet, view Get-MgBetaApplicationSynchronizationSecretCount |
| Get-MgApplicationSynchronizationTemplate |
Preconfigured synchronization settings for a particular application. Note To view the beta release of this cmdlet, view Get-MgBetaApplicationSynchronizationTemplate |
| Get-MgApplicationSynchronizationTemplateCount |
Get the number of the resource Note To view the beta release of this cmdlet, view Get-MgBetaApplicationSynchronizationTemplateCount |
| Get-MgApplicationSynchronizationTemplateSchema |
Default synchronization schema for the jobs based on this template. Note To view the beta release of this cmdlet, view Get-MgBetaApplicationSynchronizationTemplateSchema |
| Get-MgApplicationSynchronizationTemplateSchemaDirectory |
Contains the collection of directories and all of their objects. Note To view the beta release of this cmdlet, view Get-MgBetaApplicationSynchronizationTemplateSchemaDirectory |
| Get-MgApplicationSynchronizationTemplateSchemaDirectoryCount |
Get the number of the resource Note To view the beta release of this cmdlet, view Get-MgBetaApplicationSynchronizationTemplateSchemaDirectoryCount |
| Get-MgApplicationTemplate |
Retrieve the properties of an applicationTemplate object. Note To view the beta release of this cmdlet, view Get-MgBetaApplicationTemplate |
| Get-MgApplicationTemplateCount |
Get the number of the resource Note To view the beta release of this cmdlet, view Get-MgBetaApplicationTemplateCount |
| Get-MgApplicationTokenIssuancePolicy |
List the tokenIssuancePolicy objects that are assigned to an application. Note To view the beta release of this cmdlet, view Get-MgBetaApplicationTokenIssuancePolicy |
| Get-MgApplicationTokenIssuancePolicyByRef |
List the tokenIssuancePolicy objects that are assigned to an application. Note To view the beta release of this cmdlet, view Get-MgBetaApplicationTokenIssuancePolicyByRef |
| Get-MgApplicationTokenIssuancePolicyCount |
Get the number of the resource Note To view the beta release of this cmdlet, view Get-MgBetaApplicationTokenIssuancePolicyCount |
| Get-MgApplicationTokenLifetimePolicy |
List the tokenLifetimePolicy objects that are assigned to an application. Only one object is returned in the collection because only one tokenLifetimePolicy can be assigned to an application. Note To view the beta release of this cmdlet, view Get-MgBetaApplicationTokenLifetimePolicy |
| Get-MgApplicationTokenLifetimePolicyByRef |
List the tokenLifetimePolicy objects that are assigned to an application. Only one object is returned in the collection because only one tokenLifetimePolicy can be assigned to an application. Note To view the beta release of this cmdlet, view Get-MgBetaApplicationTokenLifetimePolicyByRef |
| Get-MgApplicationTokenLifetimePolicyCount |
Get the number of the resource Note To view the beta release of this cmdlet, view Get-MgBetaApplicationTokenLifetimePolicyCount |
| Get-MgGroupAppRoleAssignment |
Represents the app roles granted to a group for an application. Supports $expand. Note To view the beta release of this cmdlet, view Get-MgBetaGroupAppRoleAssignment |
| Get-MgGroupAppRoleAssignmentCount |
Get the number of the resource Note To view the beta release of this cmdlet, view Get-MgBetaGroupAppRoleAssignmentCount |
| Get-MgServicePrincipal |
Retrieve the properties and relationships of a servicePrincipal object. Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipal |
| Get-MgServicePrincipalAppManagementPolicy |
The appManagementPolicy applied to this application. Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalAppManagementPolicy |
| Get-MgServicePrincipalAppManagementPolicyCount |
Get the number of the resource Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalAppManagementPolicyCount |
| Get-MgServicePrincipalAppRoleAssignedTo |
Read the properties and relationships of an appRoleAssignment object. Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalAppRoleAssignedTo |
| Get-MgServicePrincipalAppRoleAssignedToCount |
Get the number of the resource Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalAppRoleAssignedToCount |
| Get-MgServicePrincipalAppRoleAssignment |
Read the properties and relationships of an appRoleAssignment object. Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalAppRoleAssignment |
| Get-MgServicePrincipalAppRoleAssignmentCount |
Get the number of the resource Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalAppRoleAssignmentCount |
| Get-MgServicePrincipalByAppId |
Retrieve the properties and relationships of a servicePrincipal object. Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalByAppId |
| Get-MgServicePrincipalById |
Return the directory objects specified in a list of IDs. Only a subset of user properties are returned by default in v1.0. Some common uses for this function are to: Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalById |
| Get-MgServicePrincipalClaimMappingPolicy |
List the claimsMappingPolicy objects that are assigned to a servicePrincipal. Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalClaimMappingPolicy |
| Get-MgServicePrincipalClaimMappingPolicyByRef |
List the claimsMappingPolicy objects that are assigned to a servicePrincipal. Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalClaimMappingPolicyByRef |
| Get-MgServicePrincipalClaimMappingPolicyCount |
Get the number of the resource Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalClaimMappingPolicyCount |
| Get-MgServicePrincipalCount |
Get the number of the resource Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalCount |
| Get-MgServicePrincipalCreatedObject |
Directory objects created by this service principal. Read-only. Nullable. Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalCreatedObject |
| Get-MgServicePrincipalCreatedObjectAsServicePrincipal |
Get the item of type microsoft.graph.directoryObject as microsoft.graph.servicePrincipal Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalCreatedObjectAsServicePrincipal |
| Get-MgServicePrincipalCreatedObjectCount |
Get the number of the resource Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalCreatedObjectCount |
| Get-MgServicePrincipalCreatedObjectCountAsServicePrincipal |
Get the number of the resource Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalCreatedObjectCountAsServicePrincipal |
| Get-MgServicePrincipalDelegatedPermissionClassification |
Get delegatedPermissionClassifications from servicePrincipals Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalDelegatedPermissionClassification |
| Get-MgServicePrincipalDelegatedPermissionClassificationCount |
Get the number of the resource Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalDelegatedPermissionClassificationCount |
| Get-MgServicePrincipalDelta |
Get newly created, updated, or deleted service principals without having to perform a full read of the entire resource collection. Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalDelta |
| Get-MgServicePrincipalEndpoint |
Get endpoints from servicePrincipals Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalEndpoint |
| Get-MgServicePrincipalEndpointCount |
Get the number of the resource Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalEndpointCount |
| Get-MgServicePrincipalHomeRealmDiscoveryPolicy |
List the homeRealmDiscoveryPolicy objects that are assigned to a servicePrincipal. Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalHomeRealmDiscoveryPolicy |
| Get-MgServicePrincipalHomeRealmDiscoveryPolicyByRef |
List the homeRealmDiscoveryPolicy objects that are assigned to a servicePrincipal. Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalHomeRealmDiscoveryPolicyByRef |
| Get-MgServicePrincipalHomeRealmDiscoveryPolicyCount |
Get the number of the resource Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalHomeRealmDiscoveryPolicyCount |
| Get-MgServicePrincipalMemberGroup |
Return all the group IDs for the groups that the specified user, group, service principal, organizational contact, device, or directory object is a member of. This function is transitive. This API returns up to 11,000 group IDs. If more than 11,000 results are available, it returns a 400 Bad Request error with the DirectoryResultSizeLimitExceeded error code. If you get the DirectoryResultSizeLimitExceeded error code, use the List group transitive memberOf API instead. Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalMemberGroup |
| Get-MgServicePrincipalMemberObject |
Return all IDs for the groups, administrative units, and directory roles that a user, group, service principal, organizational contact, device, or directory object is a member of. This function is transitive. Note: Only users and role-enabled groups can be members of directory roles. Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalMemberObject |
| Get-MgServicePrincipalMemberOf |
Roles that this service principal is a member of. HTTP Methods: GET Read-only. Nullable. Supports $expand. Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalMemberOf |
| Get-MgServicePrincipalMemberOfAsAdministrativeUnit |
Get the item of type microsoft.graph.directoryObject as microsoft.graph.administrativeUnit Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalMemberOfAsAdministrativeUnit |
| Get-MgServicePrincipalMemberOfAsDirectoryRole |
Get the item of type microsoft.graph.directoryObject as microsoft.graph.directoryRole Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalMemberOfAsDirectoryRole |
| Get-MgServicePrincipalMemberOfAsGroup |
Get the item of type microsoft.graph.directoryObject as microsoft.graph.group Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalMemberOfAsGroup |
| Get-MgServicePrincipalMemberOfCount |
Get the number of the resource Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalMemberOfCount |
| Get-MgServicePrincipalMemberOfCountAsAdministrativeUnit |
Get the number of the resource Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalMemberOfCountAsAdministrativeUnit |
| Get-MgServicePrincipalMemberOfCountAsDirectoryRole |
Get the number of the resource Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalMemberOfCountAsDirectoryRole |
| Get-MgServicePrincipalMemberOfCountAsGroup |
Get the number of the resource Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalMemberOfCountAsGroup |
| Get-MgServicePrincipalOauth2PermissionGrant |
Delegated permission grants authorizing this service principal to access an API on behalf of a signed-in user. Read-only. Nullable. Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalOauth2PermissionGrant |
| Get-MgServicePrincipalOauth2PermissionGrantCount |
Get the number of the resource Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalOauth2PermissionGrantCount |
| Get-MgServicePrincipalOwnedObject |
Directory objects that this service principal owns. Read-only. Nullable. Supports $expand, $select nested in $expand, and $filter (/$count eq 0, /$count ne 0, /$count eq 1, /$count ne 1). Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalOwnedObject |
| Get-MgServicePrincipalOwnedObjectAsApplication |
Get the item of type microsoft.graph.directoryObject as microsoft.graph.application Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalOwnedObjectAsApplication |
| Get-MgServicePrincipalOwnedObjectAsAppRoleAssignment |
Get the item of type microsoft.graph.directoryObject as microsoft.graph.appRoleAssignment |
| Get-MgServicePrincipalOwnedObjectAsEndpoint |
Get the item of type microsoft.graph.directoryObject as microsoft.graph.endpoint Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalOwnedObjectAsEndpoint |
| Get-MgServicePrincipalOwnedObjectAsGroup |
Get the item of type microsoft.graph.directoryObject as microsoft.graph.group Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalOwnedObjectAsGroup |
| Get-MgServicePrincipalOwnedObjectAsServicePrincipal |
Get the item of type microsoft.graph.directoryObject as microsoft.graph.servicePrincipal Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalOwnedObjectAsServicePrincipal |
| Get-MgServicePrincipalOwnedObjectCount |
Get the number of the resource Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalOwnedObjectCount |
| Get-MgServicePrincipalOwnedObjectCountAsApplication |
Get the number of the resource Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalOwnedObjectCountAsApplication |
| Get-MgServicePrincipalOwnedObjectCountAsAppRoleAssignment |
Get the number of the resource |
| Get-MgServicePrincipalOwnedObjectCountAsEndpoint |
Get the number of the resource Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalOwnedObjectCountAsEndpoint |
| Get-MgServicePrincipalOwnedObjectCountAsGroup |
Get the number of the resource Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalOwnedObjectCountAsGroup |
| Get-MgServicePrincipalOwnedObjectCountAsServicePrincipal |
Get the number of the resource Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalOwnedObjectCountAsServicePrincipal |
| Get-MgServicePrincipalOwner |
Directory objects that are owners of this servicePrincipal. The owners are a set of nonadmin users or servicePrincipals who are allowed to modify this object. Read-only. Nullable. Supports $expand, $filter (/$count eq 0, /$count ne 0, /$count eq 1, /$count ne 1), and $select nested in $expand. Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalOwner |
| Get-MgServicePrincipalOwnerAsAppRoleAssignment |
Get the item of type microsoft.graph.directoryObject as microsoft.graph.appRoleAssignment |
| Get-MgServicePrincipalOwnerAsEndpoint |
Get the item of type microsoft.graph.directoryObject as microsoft.graph.endpoint Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalOwnerAsEndpoint |
| Get-MgServicePrincipalOwnerAsServicePrincipal |
Get the item of type microsoft.graph.directoryObject as microsoft.graph.servicePrincipal Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalOwnerAsServicePrincipal |
| Get-MgServicePrincipalOwnerAsUser |
Get the item of type microsoft.graph.directoryObject as microsoft.graph.user Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalOwnerAsUser |
| Get-MgServicePrincipalOwnerByRef |
Directory objects that are owners of this servicePrincipal. The owners are a set of nonadmin users or servicePrincipals who are allowed to modify this object. Read-only. Nullable. Supports $expand, $filter (/$count eq 0, /$count ne 0, /$count eq 1, /$count ne 1), and $select nested in $expand. Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalOwnerByRef |
| Get-MgServicePrincipalOwnerCount |
Get the number of the resource Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalOwnerCount |
| Get-MgServicePrincipalOwnerCountAsAppRoleAssignment |
Get the number of the resource |
| Get-MgServicePrincipalOwnerCountAsEndpoint |
Get the number of the resource Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalOwnerCountAsEndpoint |
| Get-MgServicePrincipalOwnerCountAsServicePrincipal |
Get the number of the resource Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalOwnerCountAsServicePrincipal |
| Get-MgServicePrincipalOwnerCountAsUser |
Get the number of the resource Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalOwnerCountAsUser |
| Get-MgServicePrincipalRemoteDesktopSecurityConfiguration |
Read the properties and relationships of a remoteDesktopSecurityConfiguration object on a servicePrincipal. Use this configuration to view the Microsoft Entra ID Remote Desktop Services (RDS) authentication protocol to authenticate a user to Microsoft Entra joined or Microsoft Entra hybrid joined devices. Additionally you can view any targetDeviceGroups that have been configured for SSO. Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalRemoteDesktopSecurityConfiguration |
| Get-MgServicePrincipalRemoteDesktopSecurityConfigurationTargetDeviceGroup |
Read the properties and relationships of a targetDeviceGroup object for the remoteDesktopSecurityConfiguration object on the servicePrincipal. Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalRemoteDesktopSecurityConfigurationTargetDeviceGroup |
| Get-MgServicePrincipalRemoteDesktopSecurityConfigurationTargetDeviceGroupCount |
Get the number of the resource Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalRemoteDesktopSecurityConfigurationTargetDeviceGroupCount |
| Get-MgServicePrincipalSynchronization |
Represents the capability for Microsoft Entra identity synchronization through the Microsoft Graph API. Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalSynchronization |
| Get-MgServicePrincipalSynchronizationAccessToken |
Acquire an OAuth access token to authorize the Microsoft Entra provisioning service to provision users into an application. Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalSynchronizationAccessToken |
| Get-MgServicePrincipalSynchronizationJob |
Retrieve the existing synchronization job and its properties. Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalSynchronizationJob |
| Get-MgServicePrincipalSynchronizationJobBulkUpload |
The bulk upload operation for the job. Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalSynchronizationJobBulkUpload |
| Get-MgServicePrincipalSynchronizationJobBulkUploadContent |
The bulk upload operation for the job. Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalSynchronizationJobBulkUploadContent |
| Get-MgServicePrincipalSynchronizationJobCount |
Get the number of the resource Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalSynchronizationJobCount |
| Get-MgServicePrincipalSynchronizationJobSchema |
Retrieve the schema for a given synchronization job or template. Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalSynchronizationJobSchema |
| Get-MgServicePrincipalSynchronizationJobSchemaDirectory |
Contains the collection of directories and all of their objects. Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalSynchronizationJobSchemaDirectory |
| Get-MgServicePrincipalSynchronizationJobSchemaDirectoryCount |
Get the number of the resource Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalSynchronizationJobSchemaDirectoryCount |
| Get-MgServicePrincipalSynchronizationSecretCount |
Get the number of the resource Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalSynchronizationSecretCount |
| Get-MgServicePrincipalSynchronizationTemplate |
Preconfigured synchronization settings for a particular application. Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalSynchronizationTemplate |
| Get-MgServicePrincipalSynchronizationTemplateCount |
Get the number of the resource Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalSynchronizationTemplateCount |
| Get-MgServicePrincipalSynchronizationTemplateSchema |
Default synchronization schema for the jobs based on this template. Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalSynchronizationTemplateSchema |
| Get-MgServicePrincipalSynchronizationTemplateSchemaDirectory |
Contains the collection of directories and all of their objects. Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalSynchronizationTemplateSchemaDirectory |
| Get-MgServicePrincipalSynchronizationTemplateSchemaDirectoryCount |
Get the number of the resource Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalSynchronizationTemplateSchemaDirectoryCount |
| Get-MgServicePrincipalTokenIssuancePolicy |
The tokenIssuancePolicies assigned to this service principal. Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalTokenIssuancePolicy |
| Get-MgServicePrincipalTokenIssuancePolicyCount |
Get the number of the resource Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalTokenIssuancePolicyCount |
| Get-MgServicePrincipalTokenLifetimePolicy |
The tokenLifetimePolicies assigned to this service principal. Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalTokenLifetimePolicy |
| Get-MgServicePrincipalTokenLifetimePolicyCount |
Get the number of the resource Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalTokenLifetimePolicyCount |
| Get-MgServicePrincipalTransitiveMemberOf |
Get transitiveMemberOf from servicePrincipals Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalTransitiveMemberOf |
| Get-MgServicePrincipalTransitiveMemberOfAsAdministrativeUnit |
Get the item of type microsoft.graph.directoryObject as microsoft.graph.administrativeUnit Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalTransitiveMemberOfAsAdministrativeUnit |
| Get-MgServicePrincipalTransitiveMemberOfAsDirectoryRole |
Get the item of type microsoft.graph.directoryObject as microsoft.graph.directoryRole Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalTransitiveMemberOfAsDirectoryRole |
| Get-MgServicePrincipalTransitiveMemberOfAsGroup |
Get the item of type microsoft.graph.directoryObject as microsoft.graph.group Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalTransitiveMemberOfAsGroup |
| Get-MgServicePrincipalTransitiveMemberOfCount |
Get the number of the resource Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalTransitiveMemberOfCount |
| Get-MgServicePrincipalTransitiveMemberOfCountAsAdministrativeUnit |
Get the number of the resource Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalTransitiveMemberOfCountAsAdministrativeUnit |
| Get-MgServicePrincipalTransitiveMemberOfCountAsDirectoryRole |
Get the number of the resource Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalTransitiveMemberOfCountAsDirectoryRole |
| Get-MgServicePrincipalTransitiveMemberOfCountAsGroup |
Get the number of the resource Note To view the beta release of this cmdlet, view Get-MgBetaServicePrincipalTransitiveMemberOfCountAsGroup |
| Get-MgUserAppRoleAssignment |
Represents the app roles a user is granted for an application. Supports $expand. Note To view the beta release of this cmdlet, view Get-MgBetaUserAppRoleAssignment |
| Get-MgUserAppRoleAssignmentCount |
Get the number of the resource Note To view the beta release of this cmdlet, view Get-MgBetaUserAppRoleAssignmentCount |
| Invoke-MgFilterApplicationSynchronizationJobSchemaOperator |
List all operators supported in the scoping filters. Note To view the beta release of this cmdlet, view Invoke-MgBetaFilterApplicationSynchronizationJobSchemaOperator |
| Invoke-MgFilterApplicationSynchronizationTemplateSchemaOperator |
List all operators supported in the scoping filters. Note To view the beta release of this cmdlet, view Invoke-MgBetaFilterApplicationSynchronizationTemplateSchemaOperator |
| Invoke-MgFilterServicePrincipalSynchronizationJobSchemaOperator |
List all operators supported in the scoping filters. Note To view the beta release of this cmdlet, view Invoke-MgBetaFilterServicePrincipalSynchronizationJobSchemaOperator |
| Invoke-MgFilterServicePrincipalSynchronizationTemplateSchemaOperator |
List all operators supported in the scoping filters. Note To view the beta release of this cmdlet, view Invoke-MgBetaFilterServicePrincipalSynchronizationTemplateSchemaOperator |
| Invoke-MgFunctionApplicationSynchronizationJobSchema |
List all the functions currently supported in the attributeMappingSource. Note To view the beta release of this cmdlet, view Invoke-MgBetaFunctionApplicationSynchronizationJobSchema |
| Invoke-MgFunctionApplicationSynchronizationTemplateSchema |
List all the functions currently supported in the attributeMappingSource. Note To view the beta release of this cmdlet, view Invoke-MgBetaFunctionApplicationSynchronizationTemplateSchema |
| Invoke-MgFunctionServicePrincipalSynchronizationJobSchema |
List all the functions currently supported in the attributeMappingSource. Note To view the beta release of this cmdlet, view Invoke-MgBetaFunctionServicePrincipalSynchronizationJobSchema |
| Invoke-MgFunctionServicePrincipalSynchronizationTemplateSchema |
List all the functions currently supported in the attributeMappingSource. Note To view the beta release of this cmdlet, view Invoke-MgBetaFunctionServicePrincipalSynchronizationTemplateSchema |
| Invoke-MgInstantiateApplicationTemplate |
Add an instance of an application from the Microsoft Entra application gallery into your directory. The application template with ID 8adf8e6e-67b2-4cf2-a259-e3dc5476c621 can be used to add a non-gallery app that you can configure different single-sign on (SSO) modes like SAML SSO and password-based SSO. Note To view the beta release of this cmdlet, view Invoke-MgBetaInstantiateApplicationTemplate |
| Invoke-MgParseApplicationSynchronizationJobSchemaExpression |
Parse a given string expression into an attributeMappingSource object. For more information about expressions, see Writing Expressions for Attribute Mappings in Microsoft Entra ID. Note To view the beta release of this cmdlet, view Invoke-MgBetaParseApplicationSynchronizationJobSchemaExpression |
| Invoke-MgParseApplicationSynchronizationTemplateSchemaExpression |
Parse a given string expression into an attributeMappingSource object. For more information about expressions, see Writing Expressions for Attribute Mappings in Microsoft Entra ID. Note To view the beta release of this cmdlet, view Invoke-MgBetaParseApplicationSynchronizationTemplateSchemaExpression |
| Invoke-MgParseServicePrincipalSynchronizationJobSchemaExpression |
Parse a given string expression into an attributeMappingSource object. For more information about expressions, see Writing Expressions for Attribute Mappings in Microsoft Entra ID. Note To view the beta release of this cmdlet, view Invoke-MgBetaParseServicePrincipalSynchronizationJobSchemaExpression |
| Invoke-MgParseServicePrincipalSynchronizationTemplateSchemaExpression |
Parse a given string expression into an attributeMappingSource object. For more information about expressions, see Writing Expressions for Attribute Mappings in Microsoft Entra ID. Note To view the beta release of this cmdlet, view Invoke-MgBetaParseServicePrincipalSynchronizationTemplateSchemaExpression |
| New-MgApplication |
Create a new application object. Note To view the beta release of this cmdlet, view New-MgBetaApplication |
| New-MgApplicationAppManagementPolicyByRef |
Assign an appManagementPolicy policy object to an application or service principal object. The application or service principal adopts this policy over the tenant-wide tenantAppManagementPolicy setting. Only one policy object can be assigned to an application or service principal. Note To view the beta release of this cmdlet, view New-MgBetaApplicationAppManagementPolicyByRef |
| New-MgApplicationExtensionProperty |
Create a new directory extension definition, represented by an extensionProperty object. Note To view the beta release of this cmdlet, view New-MgBetaApplicationExtensionProperty |
| New-MgApplicationFederatedIdentityCredential |
Create a new federatedIdentityCredential object for an application. By configuring a trust relationship between your Microsoft Entra application registration and the identity provider for your compute platform, you can use tokens issued by that platform to authenticate with Microsoft identity platform and call APIs in the Microsoft ecosystem. Maximum of 20 objects can be added to an application. Note To view the beta release of this cmdlet, view New-MgBetaApplicationFederatedIdentityCredential |
| New-MgApplicationOwnerByRef |
Add an owner to an application. Currently, only individual users are supported as owners of applications. Note To view the beta release of this cmdlet, view New-MgBetaApplicationOwnerByRef |
| New-MgApplicationSynchronizationJob |
Create new navigation property to jobs for applications Note To view the beta release of this cmdlet, view New-MgBetaApplicationSynchronizationJob |
| New-MgApplicationSynchronizationJobOnDemand |
Select a user and provision the account on-demand. The rate limit for this API is 5 requests per 10 seconds. Note To view the beta release of this cmdlet, view New-MgBetaApplicationSynchronizationJobOnDemand |
| New-MgApplicationSynchronizationJobSchemaDirectory |
Create new navigation property to directories for applications Note To view the beta release of this cmdlet, view New-MgBetaApplicationSynchronizationJobSchemaDirectory |
| New-MgApplicationSynchronizationTemplate |
Create new navigation property to templates for applications Note To view the beta release of this cmdlet, view New-MgBetaApplicationSynchronizationTemplate |
| New-MgApplicationSynchronizationTemplateSchemaDirectory |
Create new navigation property to directories for applications Note To view the beta release of this cmdlet, view New-MgBetaApplicationSynchronizationTemplateSchemaDirectory |
| New-MgApplicationTokenIssuancePolicyByRef |
Assign a tokenIssuancePolicy to an application. Note To view the beta release of this cmdlet, view New-MgBetaApplicationTokenIssuancePolicyByRef |
| New-MgApplicationTokenLifetimePolicyByRef |
Assign a tokenLifetimePolicy to an application. You can have multiple tokenLifetimePolicy policies in a tenant but can assign only one tokenLifetimePolicy per application. Note To view the beta release of this cmdlet, view New-MgBetaApplicationTokenLifetimePolicyByRef |
| New-MgGroupAppRoleAssignment |
Use this API to assign an app role to a security group. All direct members of the group will be considered assigned. Security groups with dynamic memberships are supported. To grant an app role assignment to a group, you need three identifiers: Additional licenses might be required to use a group to manage access to applications. Note To view the beta release of this cmdlet, view New-MgBetaGroupAppRoleAssignment |
| New-MgServicePrincipal |
Create a new servicePrincipal object. Note To view the beta release of this cmdlet, view New-MgBetaServicePrincipal |
| New-MgServicePrincipalAppRoleAssignedTo |
Assign an app role for a resource service principal, to a user, group, or client service principal. App roles that are assigned to service principals are also known as application permissions. Application permissions can be granted directly with app role assignments, or through a consent experience. To grant an app role assignment, you need three identifiers: Note To view the beta release of this cmdlet, view New-MgBetaServicePrincipalAppRoleAssignedTo |
| New-MgServicePrincipalAppRoleAssignment |
Assign an app role to a client service principal. App roles that are assigned to service principals are also known as application permissions. Application permissions can be granted directly with app role assignments, or through a consent experience. To grant an app role assignment to a client service principal, you need three identifiers: Note To view the beta release of this cmdlet, view New-MgBetaServicePrincipalAppRoleAssignment |
| New-MgServicePrincipalClaimMappingPolicyByRef |
Assign a claimsMappingPolicy to a servicePrincipal. Note To view the beta release of this cmdlet, view New-MgBetaServicePrincipalClaimMappingPolicyByRef |
| New-MgServicePrincipalDelegatedPermissionClassification |
Classify a delegated permission by adding a delegatedPermissionClassification to the servicePrincipal representing the API. Note To view the beta release of this cmdlet, view New-MgBetaServicePrincipalDelegatedPermissionClassification |
| New-MgServicePrincipalEndpoint |
Create new navigation property to endpoints for servicePrincipals Note To view the beta release of this cmdlet, view New-MgBetaServicePrincipalEndpoint |
| New-MgServicePrincipalHomeRealmDiscoveryPolicyByRef |
Assign a homeRealmDiscoveryPolicy to a servicePrincipal. Note To view the beta release of this cmdlet, view New-MgBetaServicePrincipalHomeRealmDiscoveryPolicyByRef |
| New-MgServicePrincipalOwnerByRef |
Use this API to add an owner for the servicePrincipal. Service principal owners can be users, the service principal itself, or other service principals. Note To view the beta release of this cmdlet, view New-MgBetaServicePrincipalOwnerByRef |
| New-MgServicePrincipalRemoteDesktopSecurityConfigurationTargetDeviceGroup |
Create a new targetDeviceGroup object for the remoteDesktopSecurityConfiguration object on the servicePrincipal. You can configure a maximum of 10 target device groups for the remoteDesktopSecurityConfiguraiton object on the servicePrincipal. Note To view the beta release of this cmdlet, view New-MgBetaServicePrincipalRemoteDesktopSecurityConfigurationTargetDeviceGroup |
| New-MgServicePrincipalSynchronizationJob |
Create new synchronization job with a default synchronization schema. The job is created in a disabled state. Call Start job to start synchronization. Note To view the beta release of this cmdlet, view New-MgBetaServicePrincipalSynchronizationJob |
| New-MgServicePrincipalSynchronizationJobOnDemand |
Select a user and provision the account on-demand. The rate limit for this API is 5 requests per 10 seconds. Note To view the beta release of this cmdlet, view New-MgBetaServicePrincipalSynchronizationJobOnDemand |
| New-MgServicePrincipalSynchronizationJobSchemaDirectory |
Create new navigation property to directories for servicePrincipals Note To view the beta release of this cmdlet, view New-MgBetaServicePrincipalSynchronizationJobSchemaDirectory |
| New-MgServicePrincipalSynchronizationTemplate |
Create new navigation property to templates for servicePrincipals Note To view the beta release of this cmdlet, view New-MgBetaServicePrincipalSynchronizationTemplate |
| New-MgServicePrincipalSynchronizationTemplateSchemaDirectory |
Create new navigation property to directories for servicePrincipals Note To view the beta release of this cmdlet, view New-MgBetaServicePrincipalSynchronizationTemplateSchemaDirectory |
| New-MgUserAppRoleAssignment |
Assign an app role to a user, creating an appRoleAssignment object. To grant an app role assignment to a user, you need three identifiers: Note To view the beta release of this cmdlet, view New-MgBetaUserAppRoleAssignment |
| Remove-MgApplication |
Delete an application object. When deleted, apps are moved to a temporary container and can be restored within 30 days. After that time, they are permanently deleted. Note To view the beta release of this cmdlet, view Remove-MgBetaApplication |
| Remove-MgApplicationAppManagementPolicyAppManagementPolicyByRef |
Remove an appManagementPolicy policy object from an application or service principal object. When you remove the appManagementPolicy, the application or service principal adopts the tenant-wide tenantAppManagementPolicy setting. Note To view the beta release of this cmdlet, view Remove-MgBetaApplicationAppManagementPolicyAppManagementPolicyByRef |
| Remove-MgApplicationAppManagementPolicyByRef |
Remove an appManagementPolicy policy object from an application or service principal object. When you remove the appManagementPolicy, the application or service principal adopts the tenant-wide tenantAppManagementPolicy setting. Note To view the beta release of this cmdlet, view Remove-MgBetaApplicationAppManagementPolicyAppManagementPolicyByRef |
| Remove-MgApplicationByAppId |
Delete an application object. When deleted, apps are moved to a temporary container and can be restored within 30 days. After that time, they are permanently deleted. Note To view the beta release of this cmdlet, view Remove-MgBetaApplicationByAppId |
| Remove-MgApplicationByUniqueName |
Delete an application object. When deleted, apps are moved to a temporary container and can be restored within 30 days. After that time, they are permanently deleted. Note To view the beta release of this cmdlet, view Remove-MgBetaApplicationByUniqueName |
| Remove-MgApplicationExtensionProperty |
Delete a directory extension definition represented by an extensionProperty object. You can delete only directory extensions that aren't synced from on-premises active directory (AD). Note To view the beta release of this cmdlet, view Remove-MgBetaApplicationExtensionProperty |
| Remove-MgApplicationFederatedIdentityCredential |
Delete a federatedIdentityCredential object from an application. Note To view the beta release of this cmdlet, view Remove-MgBetaApplicationFederatedIdentityCredential |
| Remove-MgApplicationFederatedIdentityCredentialByName |
Delete a federatedIdentityCredential object from an application. Note To view the beta release of this cmdlet, view Remove-MgBetaApplicationFederatedIdentityCredentialByName |
| Remove-MgApplicationKey |
Remove a key credential from an application. This method along with addKey can be used by an application to automate rolling its expiring keys. As part of the request validation for this method, a proof of possession of an existing key is verified before the action can be performed. Note To view the beta release of this cmdlet, view Remove-MgBetaApplicationKey |
| Remove-MgApplicationLogo |
The main logo for the application. Not nullable. Note To view the beta release of this cmdlet, view Remove-MgBetaApplicationLogo |
| Remove-MgApplicationOwnerByRef |
Remove an owner from an application. As a recommended best practice, apps should have at least two owners. Note To view the beta release of this cmdlet, view Remove-MgBetaApplicationOwnerDirectoryObjectByRef |
| Remove-MgApplicationOwnerDirectoryObjectByRef |
Remove an owner from an application. As a recommended best practice, apps should have at least two owners. Note To view the beta release of this cmdlet, view Remove-MgBetaApplicationOwnerDirectoryObjectByRef |
| Remove-MgApplicationPassword |
Remove a password from an application. Note To view the beta release of this cmdlet, view Remove-MgBetaApplicationPassword |
| Remove-MgApplicationSynchronization |
Delete navigation property synchronization for applications Note To view the beta release of this cmdlet, view Remove-MgBetaApplicationSynchronization |
| Remove-MgApplicationSynchronizationJob |
Delete navigation property jobs for applications Note To view the beta release of this cmdlet, view Remove-MgBetaApplicationSynchronizationJob |
| Remove-MgApplicationSynchronizationJobBulkUpload |
Delete navigation property bulkUpload for applications Note To view the beta release of this cmdlet, view Remove-MgBetaApplicationSynchronizationJobBulkUpload |
| Remove-MgApplicationSynchronizationJobBulkUploadContent |
The bulk upload operation for the job. Note To view the beta release of this cmdlet, view Remove-MgBetaApplicationSynchronizationJobBulkUploadContent |
| Remove-MgApplicationSynchronizationJobSchema |
Delete navigation property schema for applications Note To view the beta release of this cmdlet, view Remove-MgBetaApplicationSynchronizationJobSchema |
| Remove-MgApplicationSynchronizationJobSchemaDirectory |
Delete navigation property directories for applications Note To view the beta release of this cmdlet, view Remove-MgBetaApplicationSynchronizationJobSchemaDirectory |
| Remove-MgApplicationSynchronizationTemplate |
Delete navigation property templates for applications Note To view the beta release of this cmdlet, view Remove-MgBetaApplicationSynchronizationTemplate |
| Remove-MgApplicationSynchronizationTemplateSchema |
Delete navigation property schema for applications Note To view the beta release of this cmdlet, view Remove-MgBetaApplicationSynchronizationTemplateSchema |
| Remove-MgApplicationSynchronizationTemplateSchemaDirectory |
Delete navigation property directories for applications Note To view the beta release of this cmdlet, view Remove-MgBetaApplicationSynchronizationTemplateSchemaDirectory |
| Remove-MgApplicationTokenIssuancePolicyByRef |
Remove a tokenIssuancePolicy from an application. Note To view the beta release of this cmdlet, view Remove-MgBetaApplicationTokenIssuancePolicyTokenIssuancePolicyByRef |
| Remove-MgApplicationTokenIssuancePolicyTokenIssuancePolicyByRef |
Remove a tokenIssuancePolicy from an application. Note To view the beta release of this cmdlet, view Remove-MgBetaApplicationTokenIssuancePolicyTokenIssuancePolicyByRef |
| Remove-MgApplicationTokenLifetimePolicyByRef |
Remove a tokenLifetimePolicy from an application. Note To view the beta release of this cmdlet, view Remove-MgBetaApplicationTokenLifetimePolicyTokenLifetimePolicyByRef |
| Remove-MgApplicationTokenLifetimePolicyTokenLifetimePolicyByRef |
Remove a tokenLifetimePolicy from an application. Note To view the beta release of this cmdlet, view Remove-MgBetaApplicationTokenLifetimePolicyTokenLifetimePolicyByRef |
| Remove-MgGroupAppRoleAssignment |
Deletes an appRoleAssignment that a group has been granted. Note To view the beta release of this cmdlet, view Remove-MgBetaGroupAppRoleAssignment |
| Remove-MgServicePrincipal |
Delete a servicePrincipal object. Note To view the beta release of this cmdlet, view Remove-MgBetaServicePrincipal |
| Remove-MgServicePrincipalAppRoleAssignedTo |
Deletes an appRoleAssignment that a user, group, or client service principal has been granted for a resource service principal. Note To view the beta release of this cmdlet, view Remove-MgBetaServicePrincipalAppRoleAssignedTo |
| Remove-MgServicePrincipalAppRoleAssignment |
Deletes an appRoleAssignment that a service principal has been granted. App roles which are assigned to service principals are also known as application permissions. Deleting an app role assignment for a service principal is equivalent to revoking the app-only permission grant. Note To view the beta release of this cmdlet, view Remove-MgBetaServicePrincipalAppRoleAssignment |
| Remove-MgServicePrincipalByAppId |
Delete a servicePrincipal object. Note To view the beta release of this cmdlet, view Remove-MgBetaServicePrincipalByAppId |
| Remove-MgServicePrincipalClaimMappingPolicyByRef |
Remove a claimsMappingPolicy from a servicePrincipal. Note To view the beta release of this cmdlet, view Remove-MgBetaServicePrincipalClaimMappingPolicyClaimMappingPolicyByRef |
| Remove-MgServicePrincipalClaimMappingPolicyClaimMappingPolicyByRef |
Remove a claimsMappingPolicy from a servicePrincipal. Note To view the beta release of this cmdlet, view Remove-MgBetaServicePrincipalClaimMappingPolicyClaimMappingPolicyByRef |
| Remove-MgServicePrincipalDelegatedPermissionClassification |
Deletes a delegatedPermissionClassification which had previously been set for a delegated permission. Note To view the beta release of this cmdlet, view Remove-MgBetaServicePrincipalDelegatedPermissionClassification |
| Remove-MgServicePrincipalEndpoint |
Delete navigation property endpoints for servicePrincipals Note To view the beta release of this cmdlet, view Remove-MgBetaServicePrincipalEndpoint |
| Remove-MgServicePrincipalHomeRealmDiscoveryPolicyByRef |
Remove a homeRealmDiscoveryPolicy from a servicePrincipal. Note To view the beta release of this cmdlet, view Remove-MgBetaServicePrincipalHomeRealmDiscoveryPolicyHomeRealmDiscoveryPolicyByRef |
| Remove-MgServicePrincipalHomeRealmDiscoveryPolicyHomeRealmDiscoveryPolicyByRef |
Remove a homeRealmDiscoveryPolicy from a servicePrincipal. Note To view the beta release of this cmdlet, view Remove-MgBetaServicePrincipalHomeRealmDiscoveryPolicyHomeRealmDiscoveryPolicyByRef |
| Remove-MgServicePrincipalKey |
Remove a key credential from a servicePrincipal. This method along with addKey can be used by a servicePrincipal to automate rolling its expiring keys. As part of the request validation for this method, a proof of possession of an existing key is verified before the action can be performed. |
| Remove-MgServicePrincipalOwnerByRef |
Remove an owner from a servicePrincipal object. As a recommended best practice, service principals should have at least two owners. Note To view the beta release of this cmdlet, view Remove-MgBetaServicePrincipalOwnerDirectoryObjectByRef |
| Remove-MgServicePrincipalOwnerDirectoryObjectByRef |
Remove an owner from a servicePrincipal object. As a recommended best practice, service principals should have at least two owners. Note To view the beta release of this cmdlet, view Remove-MgBetaServicePrincipalOwnerDirectoryObjectByRef |
| Remove-MgServicePrincipalPassword |
Remove a password from a servicePrincipal object. |
| Remove-MgServicePrincipalRemoteDesktopSecurityConfiguration |
Delete a remoteDesktopSecurityConfiguration object on a servicePrincipal. Removing remoteDesktopSecurityConfiguration object on the servicePrincipal disables the Microsoft Entra ID Remote Desktop Services (RDS) authentication protocol to authenticate a user to Microsoft Entra joined or Microsoft Entra hybrid joined devices, and removes any target device groups that you configured for SSO. Note To view the beta release of this cmdlet, view Remove-MgBetaServicePrincipalRemoteDesktopSecurityConfiguration |
| Remove-MgServicePrincipalRemoteDesktopSecurityConfigurationTargetDeviceGroup |
Delete a targetDeviceGroup object for the remoteDesktopSecurityConfiguration object on the servicePrincipal. Any user authenticating using the Microsoft Entra ID Remote Desktop Services (RDS) authentication protocol to a Microsoft Entra joined or Microsoft Entra hybrid joined device that's in the removed targetDeviceGroup doesn't get SSO prompts. Note To view the beta release of this cmdlet, view Remove-MgBetaServicePrincipalRemoteDesktopSecurityConfigurationTargetDeviceGroup |
| Remove-MgServicePrincipalSynchronization |
Delete navigation property synchronization for servicePrincipals Note To view the beta release of this cmdlet, view Remove-MgBetaServicePrincipalSynchronization |
| Remove-MgServicePrincipalSynchronizationJob |
Stop the synchronization job, and permanently delete all the state associated with it. Synchronized accounts are left as-is. Note To view the beta release of this cmdlet, view Remove-MgBetaServicePrincipalSynchronizationJob |
| Remove-MgServicePrincipalSynchronizationJobBulkUpload |
Delete navigation property bulkUpload for servicePrincipals Note To view the beta release of this cmdlet, view Remove-MgBetaServicePrincipalSynchronizationJobBulkUpload |
| Remove-MgServicePrincipalSynchronizationJobBulkUploadContent |
The bulk upload operation for the job. Note To view the beta release of this cmdlet, view Remove-MgBetaServicePrincipalSynchronizationJobBulkUploadContent |
| Remove-MgServicePrincipalSynchronizationJobSchema |
Delete navigation property schema for servicePrincipals Note To view the beta release of this cmdlet, view Remove-MgBetaServicePrincipalSynchronizationJobSchema |
| Remove-MgServicePrincipalSynchronizationJobSchemaDirectory |
Delete navigation property directories for servicePrincipals Note To view the beta release of this cmdlet, view Remove-MgBetaServicePrincipalSynchronizationJobSchemaDirectory |
| Remove-MgServicePrincipalSynchronizationTemplate |
Delete navigation property templates for servicePrincipals Note To view the beta release of this cmdlet, view Remove-MgBetaServicePrincipalSynchronizationTemplate |
| Remove-MgServicePrincipalSynchronizationTemplateSchema |
Delete navigation property schema for servicePrincipals Note To view the beta release of this cmdlet, view Remove-MgBetaServicePrincipalSynchronizationTemplateSchema |
| Remove-MgServicePrincipalSynchronizationTemplateSchemaDirectory |
Delete navigation property directories for servicePrincipals Note To view the beta release of this cmdlet, view Remove-MgBetaServicePrincipalSynchronizationTemplateSchemaDirectory |
| Remove-MgUserAppRoleAssignment |
Delete an appRoleAssignment that has been granted to a user. Note To view the beta release of this cmdlet, view Remove-MgBetaUserAppRoleAssignment |
| Restart-MgApplicationSynchronizationJob |
Restart a stopped synchronization job, forcing it to reprocess all the objects in the directory. Optionally clears existing the synchronization state and previous errors. Note To view the beta release of this cmdlet, view Restart-MgBetaApplicationSynchronizationJob |
| Restart-MgServicePrincipalSynchronizationJob |
Restart a stopped synchronization job, forcing it to reprocess all the objects in the directory. Optionally clears existing the synchronization state and previous errors. Note To view the beta release of this cmdlet, view Restart-MgBetaServicePrincipalSynchronizationJob |
| Set-MgApplicationLogo |
The main logo for the application. Not nullable. Note To view the beta release of this cmdlet, view Set-MgBetaApplicationLogo |
| Set-MgApplicationSynchronization |
Update the navigation property synchronization in applications Note To view the beta release of this cmdlet, view Set-MgBetaApplicationSynchronization |
| Set-MgApplicationSynchronizationJobBulkUploadContent |
The bulk upload operation for the job. Note To view the beta release of this cmdlet, view Set-MgBetaApplicationSynchronizationJobBulkUploadContent |
| Set-MgApplicationSynchronizationSecret |
Update property secrets value. Note To view the beta release of this cmdlet, view Set-MgBetaApplicationSynchronizationSecret |
| Set-MgApplicationVerifiedPublisher |
Set the verifiedPublisher on an application. For more information, including prerequisites to setting a verified publisher, see Publisher verification. Note To view the beta release of this cmdlet, view Set-MgBetaApplicationVerifiedPublisher |
| Set-MgServicePrincipalSynchronization |
Update the navigation property synchronization in servicePrincipals Note To view the beta release of this cmdlet, view Set-MgBetaServicePrincipalSynchronization |
| Set-MgServicePrincipalSynchronizationJobBulkUploadContent |
The bulk upload operation for the job. Note To view the beta release of this cmdlet, view Set-MgBetaServicePrincipalSynchronizationJobBulkUploadContent |
| Set-MgServicePrincipalSynchronizationSecret |
Provide credentials for establishing connectivity with the target system. Note To view the beta release of this cmdlet, view Set-MgBetaServicePrincipalSynchronizationSecret |
| Start-MgApplicationSynchronizationJob |
Start an existing synchronization job. If the job is in a paused state, it continues processing changes from the point where it was paused. If the job is in quarantine, the quarantine status is cleared. Don't create scripts to call the start job continuously while it's running because that can cause the service to stop running. Use the start job only when the job is currently paused or in quarantine. Note To view the beta release of this cmdlet, view Start-MgBetaApplicationSynchronizationJob |
| Start-MgServicePrincipalSynchronizationJob |
Start an existing synchronization job. If the job is in a paused state, it continues processing changes from the point where it was paused. If the job is in quarantine, the quarantine status is cleared. Don't create scripts to call the start job continuously while it's running because that can cause the service to stop running. Use the start job only when the job is currently paused or in quarantine. Note To view the beta release of this cmdlet, view Start-MgBetaServicePrincipalSynchronizationJob |
| Suspend-MgApplicationSynchronizationJob |
Temporarily stop a running synchronization job. All the progress, including job state, is persisted, and the job will continue from where it left off when a start call is made. Note To view the beta release of this cmdlet, view Suspend-MgBetaApplicationSynchronizationJob |
| Suspend-MgServicePrincipalSynchronizationJob |
Temporarily stop a running synchronization job. All the progress, including job state, is persisted, and the job will continue from where it left off when a start call is made. Note To view the beta release of this cmdlet, view Suspend-MgBetaServicePrincipalSynchronizationJob |
| Test-MgApplicationProperty |
Validate that a Microsoft 365 group's display name or mail nickname complies with naming policies. Clients can use this API to determine whether a display name or mail nickname is valid before trying to create a Microsoft 365 group. To validate the properties of an existing group, use the group: validateProperties function. The following policy validations are performed for the display name and mail nickname properties:1. Validate the prefix and suffix naming policy2. Validate the custom banned words policy3. Validate that the mail nickname is unique This API only returns the first validation failure that is encountered. If the properties fail multiple validations, only the first validation failure is returned. However, you can validate both the mail nickname and the display name and receive a collection of validation errors if you are only validating the prefix and suffix naming policy. To learn more about configuring naming policies, see Configure naming policy. Note To view the beta release of this cmdlet, view Test-MgBetaApplicationProperty |
| Test-MgApplicationSynchronizationJobCredential |
Validate that the credentials are valid in the tenant. Note To view the beta release of this cmdlet, view Test-MgBetaApplicationSynchronizationJobCredential |
| Test-MgServicePrincipalProperty |
Validate that a Microsoft 365 group's display name or mail nickname complies with naming policies. Clients can use this API to determine whether a display name or mail nickname is valid before trying to create a Microsoft 365 group. To validate the properties of an existing group, use the group: validateProperties function. The following policy validations are performed for the display name and mail nickname properties:1. Validate the prefix and suffix naming policy2. Validate the custom banned words policy3. Validate that the mail nickname is unique This API only returns the first validation failure that is encountered. If the properties fail multiple validations, only the first validation failure is returned. However, you can validate both the mail nickname and the display name and receive a collection of validation errors if you are only validating the prefix and suffix naming policy. To learn more about configuring naming policies, see Configure naming policy. Note To view the beta release of this cmdlet, view Test-MgBetaServicePrincipalProperty |
| Test-MgServicePrincipalSynchronizationJobCredential |
Validate that the credentials are valid in the tenant. Note To view the beta release of this cmdlet, view Test-MgBetaServicePrincipalSynchronizationJobCredential |
| Update-MgApplication |
Create a new application object if it doesn't exist, or update the properties of an existing application object. Note To view the beta release of this cmdlet, view Update-MgBetaApplication |
| Update-MgApplicationByAppId |
Create a new application object if it doesn't exist, or update the properties of an existing application object. Note To view the beta release of this cmdlet, view Update-MgBetaApplicationByAppId |
| Update-MgApplicationByUniqueName |
Create a new application object if it doesn't exist, or update the properties of an existing application object. Note To view the beta release of this cmdlet, view Update-MgBetaApplicationByUniqueName |
| Update-MgApplicationExtensionProperty |
Update the navigation property extensionProperties in applications Note To view the beta release of this cmdlet, view Update-MgBetaApplicationExtensionProperty |
| Update-MgApplicationFederatedIdentityCredential |
Create a new federatedIdentityCredential object for an application if it doesn't exist, or update the properties of an existing federatedIdentityCredential object. By configuring a trust relationship between your Microsoft Entra application registration and the identity provider for your compute platform, you can use tokens issued by that platform to authenticate with Microsoft identity platform and call APIs in the Microsoft ecosystem. Maximum of 20 objects can be added to an application. Note To view the beta release of this cmdlet, view Update-MgBetaApplicationFederatedIdentityCredential |
| Update-MgApplicationFederatedIdentityCredentialByName |
Create a new federatedIdentityCredential object for an application if it doesn't exist, or update the properties of an existing federatedIdentityCredential object. By configuring a trust relationship between your Microsoft Entra application registration and the identity provider for your compute platform, you can use tokens issued by that platform to authenticate with Microsoft identity platform and call APIs in the Microsoft ecosystem. Maximum of 20 objects can be added to an application. Note To view the beta release of this cmdlet, view Update-MgBetaApplicationFederatedIdentityCredentialByName |
| Update-MgApplicationSynchronizationJob |
Update the navigation property jobs in applications Note To view the beta release of this cmdlet, view Update-MgBetaApplicationSynchronizationJob |
| Update-MgApplicationSynchronizationJobBulkUpload |
Update the navigation property bulkUpload in applications Note To view the beta release of this cmdlet, view Update-MgBetaApplicationSynchronizationJobBulkUpload |
| Update-MgApplicationSynchronizationJobSchema |
Update the navigation property schema in applications Note To view the beta release of this cmdlet, view Update-MgBetaApplicationSynchronizationJobSchema |
| Update-MgApplicationSynchronizationJobSchemaDirectory |
Update the navigation property directories in applications Note To view the beta release of this cmdlet, view Update-MgBetaApplicationSynchronizationJobSchemaDirectory |
| Update-MgApplicationSynchronizationTemplate |
Update (override) the synchronization template associated with a given application. Note To view the beta release of this cmdlet, view Update-MgBetaApplicationSynchronizationTemplate |
| Update-MgApplicationSynchronizationTemplateSchema |
Update the navigation property schema in applications Note To view the beta release of this cmdlet, view Update-MgBetaApplicationSynchronizationTemplateSchema |
| Update-MgApplicationSynchronizationTemplateSchemaDirectory |
Update the navigation property directories in applications Note To view the beta release of this cmdlet, view Update-MgBetaApplicationSynchronizationTemplateSchemaDirectory |
| Update-MgGroupAppRoleAssignment |
Update the navigation property appRoleAssignments in groups Note To view the beta release of this cmdlet, view Update-MgBetaGroupAppRoleAssignment |
| Update-MgServicePrincipal |
Create a new servicePrincipal object if it doesn't exist, or update the properties of an existing servicePrincipal object. Note To view the beta release of this cmdlet, view Update-MgBetaServicePrincipal |
| Update-MgServicePrincipalAppRoleAssignedTo |
Update the navigation property appRoleAssignedTo in servicePrincipals Note To view the beta release of this cmdlet, view Update-MgBetaServicePrincipalAppRoleAssignedTo |
| Update-MgServicePrincipalAppRoleAssignment |
Update the navigation property appRoleAssignments in servicePrincipals Note To view the beta release of this cmdlet, view Update-MgBetaServicePrincipalAppRoleAssignment |
| Update-MgServicePrincipalByAppId |
Create a new servicePrincipal object if it doesn't exist, or update the properties of an existing servicePrincipal object. Note To view the beta release of this cmdlet, view Update-MgBetaServicePrincipalByAppId |
| Update-MgServicePrincipalDelegatedPermissionClassification |
Update the navigation property delegatedPermissionClassifications in servicePrincipals Note To view the beta release of this cmdlet, view Update-MgBetaServicePrincipalDelegatedPermissionClassification |
| Update-MgServicePrincipalEndpoint |
Update the navigation property endpoints in servicePrincipals Note To view the beta release of this cmdlet, view Update-MgBetaServicePrincipalEndpoint |
| Update-MgServicePrincipalRemoteDesktopSecurityConfiguration |
Update the properties of a remoteDesktopSecurityConfiguration object on the servicePrincipal. Use this configuration to enable or disable the Microsoft Entra ID Remote Desktop Services (RDS) authentication protocol to authenticate a user to Microsoft Entra joined or Microsoft Entra hybrid joined devices. Note To view the beta release of this cmdlet, view Update-MgBetaServicePrincipalRemoteDesktopSecurityConfiguration |
| Update-MgServicePrincipalRemoteDesktopSecurityConfigurationTargetDeviceGroup |
Update the properties of a targetDeviceGroup object for remoteDesktopSecurityConfiguration object on the servicePrincipal. You can configure a maximum of 10 target device groups for the remoteDesktopSecurityConfiguraiton object on the servicePrincipal. Note To view the beta release of this cmdlet, view Update-MgBetaServicePrincipalRemoteDesktopSecurityConfigurationTargetDeviceGroup |
| Update-MgServicePrincipalSynchronizationJob |
Update the navigation property jobs in servicePrincipals Note To view the beta release of this cmdlet, view Update-MgBetaServicePrincipalSynchronizationJob |
| Update-MgServicePrincipalSynchronizationJobBulkUpload |
Update the navigation property bulkUpload in servicePrincipals Note To view the beta release of this cmdlet, view Update-MgBetaServicePrincipalSynchronizationJobBulkUpload |
| Update-MgServicePrincipalSynchronizationJobSchema |
Update the synchronization schema for a given job or template. This method fully replaces the current schema with the one provided in the request. To update the schema of a template, make the call on the application object. You must be the owner of the application. Note To view the beta release of this cmdlet, view Update-MgBetaServicePrincipalSynchronizationJobSchema |
| Update-MgServicePrincipalSynchronizationJobSchemaDirectory |
Update the navigation property directories in servicePrincipals Note To view the beta release of this cmdlet, view Update-MgBetaServicePrincipalSynchronizationJobSchemaDirectory |
| Update-MgServicePrincipalSynchronizationTemplate |
Update the navigation property templates in servicePrincipals Note To view the beta release of this cmdlet, view Update-MgBetaServicePrincipalSynchronizationTemplate |
| Update-MgServicePrincipalSynchronizationTemplateSchema |
Update the navigation property schema in servicePrincipals Note To view the beta release of this cmdlet, view Update-MgBetaServicePrincipalSynchronizationTemplateSchema |
| Update-MgServicePrincipalSynchronizationTemplateSchemaDirectory |
Update the navigation property directories in servicePrincipals Note To view the beta release of this cmdlet, view Update-MgBetaServicePrincipalSynchronizationTemplateSchemaDirectory |
| Update-MgUserAppRoleAssignment |
Update the navigation property appRoleAssignments in users Note To view the beta release of this cmdlet, view Update-MgBetaUserAppRoleAssignment |