Hi @Milo James
Ok got it. You could use the below cmdlet to filter out Managed Identities as managed identities contain 'https://identity.azure.net' as part of Service Principal Names.
$AzApps = Get-AzADServicePrincipal | Where-Object -FilterScript { ($_.ServicePrincipalNames -notmatch "https://identity.azure.net") }
Please let me know if this helps to achieve your goal.
Thanks
Saurabh
----------
Please do not forget to "Accept the answer" wherever the information provided helps you to help others in the community.