Delete an enterprise application
In this article, you learn how to delete an enterprise application that was added to your Microsoft Entra tenant.
When you delete and enterprise application, it remains in a suspended state in the recycle bin for 30 days. During the 30 days, you can Restore the application. Deleted items are automatically hard deleted after the 30-day period. For more information on frequently asked questions about deletion and recovery of applications, see Deleting and recovering applications FAQs.
Prerequisites
To delete an enterprise application, you need:
- A Microsoft Entra user account. If you don't already have one, you can Create an account for free.
- One of the following roles: Cloud Application Administrator, Application Administrator, or owner of the service principal.
- An enterprise application added to your tenant
Delete an enterprise application using Microsoft Entra admin center
Tip
Steps in this article might vary slightly based on the portal you start from.
Sign in to the Microsoft Entra admin center as at least a Cloud Application Administrator.
Browse to Identity > Applications > Enterprise applications > All applications.
Enter the name of the existing application in the search box, and then select the application from the search results. In this article, we use the Microsoft Entra SAML Toolkit 1 as an example.
In the Manage section of the left menu, select Properties.
At the top of the Properties pane, select Delete, and then select Yes to confirm you want to delete the application from your Microsoft Entra tenant.
Delete an enterprise application using Azure AD PowerShell
Make sure you're using the Azure AD PowerShell module. This is important if you've installed both the Azure AD PowerShell module and the AzureADPreview module.
Run the following commands:
Remove-Module AzureADPreview Import-Module AzureAD
Connect to Azure AD PowerShell and sign in as at least a Cloud Application Administrator:
Connect-AzureAD
Get the list of enterprise applications in your tenant.
Get-AzureADServicePrincipal
Record the object ID of the enterprise app you want to delete.
Delete the enterprise application.
Remove-AzureADServicePrincipal -ObjectId 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb'
Delete an enterprise application using Microsoft Graph PowerShell
Connect to Microsoft Graph PowerShell and sign in as at least a Cloud Application Administrator:
Connect-MgGraph -Scopes 'Application.ReadWrite.All'
Get the list of enterprise applications in your tenant.
Get-MgServicePrincipal
Record the object ID of the enterprise app you want to delete.
Delete the enterprise application.
Remove-MgServicePrincipal -ServicePrincipalId 'aaaaaaaa-bbbb-cccc-1111-222222222222'
Delete an enterprise application using Microsoft Graph API
To delete an enterprise application using Graph Explorer, you need to sign in as at least a Cloud Application Administrator.
To get the list of service principals in your tenant, run the following query.
GET https://graph.microsoft.com/v1.0/servicePrincipals
Record the ID of the enterprise app you want to delete.
Delete the enterprise application.
DELETE https://graph.microsoft.com/v1.0/servicePrincipals/{servicePrincipal-id}