This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
If you lose your service principal credentials, reset the credentials using az ad sp credential reset. This step details how to reset your service principal password or certificate.
Warning
While learning to manage Azure service principals, returning passwords and credential locations in your terminal, and consequently in your log file, is common. However, when outside of a testing environment, store credential output in a variable.
Use az ad sp credential reset command to create a new password or certificate for your service principal. If you don't know the ID associated with your service principal, use the az ad sp list command as explained in Get an existing service principal.
Reset a service principal password.
az ad sp credential reset --id myServicePrincipalID
Console output showing the new password in the console. This information is also written in the log.
{
"appId": "myServicePrincipalID",
"password": "myServicePrincipalNewPassword",
"tenant": "myTenantID"
}
Reset a service principal credential with a new self-signed certificate.
az ad sp credential reset --id myServicePrincipalID --create-cert
Console output showing the new certificate location in the console. This information is also written in the log.
{
"appId": "myServicePrincipalID",
"fileWithCertAndPrivateKey": "myLocation/myPemFileName.pem",
"password": null,
"tenant": "myTenantID"
}
To avoid storing credentials in your log file, use the --query parameter to store output in a variable. When testing, use the echo command to see the value of your variable, but understand that echo writes to the log.
Reset a service principal credential with a password.
# Bash script
myNewPassword=$(az ad sp credential reset --id myServicePrincipalID --query password --output tsv)
# the echo command writes to the log file
# only use it when testing
echo $myNewPassword
Now that you've learned how to reset your service principal credentials, proceed to the next step to see how to clean up tutorial resources.
Azure CLI feedback
Azure CLI is an open source project. Select a link to provide feedback:
Training
Module
Authenticate your Azure deployment pipeline by using service principals - Training
Learn how to create, manage, and grant permissions to service principals, which enable your deployment pipelines to securely authenticate to Azure.
Certification
Microsoft Certified: Identity and Access Administrator Associate - Certifications
Demonstrate the features of Microsoft Entra ID to modernize identity solutions, implement hybrid solutions, and implement identity governance.
