Remove-AzureRmADAppCredential

Module:: AzureRM.Resources Module

Removes a credential from an application.

Warning

The AzureRM PowerShell module has been officially deprecated as of February 29, 2024. Users are advised to migrate from AzureRM to the Az PowerShell module to ensure continued support and updates.

Although the AzureRM module may still function, it's no longer maintained or supported, placing any continued use at the user's discretion and risk. Please refer to our migration resources for guidance on transitioning to the Az module.

Syntax

ApplicationObjectIdWithKeyIdParameterSet (Default)

Remove-AzureRmADAppCredential
    -ObjectId <Guid>
    [-KeyId <Guid>]
    [-PassThru]
    [-Force]
    [-DefaultProfile <IAzureContextContainer>]
    [-WhatIf]
    [-Confirm]
    [<CommonParameters>]

ApplicationIdWithKeyIdParameterSet

Remove-AzureRmADAppCredential
    -ApplicationId <Guid>
    [-KeyId <Guid>]
    [-PassThru]
    [-Force]
    [-DefaultProfile <IAzureContextContainer>]
    [-WhatIf]
    [-Confirm]
    [<CommonParameters>]

ApplicationDisplayNameParameterSet

Remove-AzureRmADAppCredential
    -DisplayName <String>
    [-PassThru]
    [-Force]
    [-DefaultProfile <IAzureContextContainer>]
    [-WhatIf]
    [-Confirm]
    [<CommonParameters>]

ApplicationObjectWithKeyIdParameterSet

Remove-AzureRmADAppCredential
    -ApplicationObject <PSADApplication>
    [-KeyId <Guid>]
    [-PassThru]
    [-Force]
    [-DefaultProfile <IAzureContextContainer>]
    [-WhatIf]
    [-Confirm]
    [<CommonParameters>]

Description

The Remove-AzureRmADAppCredential cmdlet can be used to remove a credential key from an application in the case of a compromise or as part of credential key rollover expiration. The application is identified by supplying either the object ID or AppId. The credential to be removed is identified by its key ID.

Examples

Example 1 - Remove a specific credential from an application

PS C:\> Remove-AzureRmADAppCredential -ObjectId 00001111-aaaa-2222-bbbb-3333cccc4444 -KeyId 9044423a-60a3-45ac-9ab1-09534157ebb

Removes the credential with key id '9044423a-60a3-45ac-9ab1-09534157ebb' from the application with object id '00001111-aaaa-2222-bbbb-3333cccc4444'.

Example 2 - Remove all credentials from an application

PS C:\> Remove-AzureRmADAppCredential -ApplicationId 00001111-aaaa-2222-bbbb-3333cccc4444

Removes all credentials from the application with application id '00001111-aaaa-2222-bbbb-3333cccc4444'.

Example 3 - Remove all credentials using piping

PS C:\> Get-AzureRmADApplication -ObjectId 00001111-aaaa-2222-bbbb-3333cccc4444 | Remove-AzureRmADAppCredential

Gets the application with object id '00001111-aaaa-2222-bbbb-3333cccc4444' and pipes that to the Remove-AzureRmADAppCredential cmdlet and removes all credentials from that application.

Parameters

-ApplicationId

The id of the application to remove the credentials from.

Parameter properties

Type:	Guid
Default value:	None
Supports wildcards:	False
DontShow:	False

Parameter sets

ApplicationIdWithKeyIdParameterSet

Position:	Named
Mandatory:	True
Value from pipeline:	False
Value from pipeline by property name:	True
Value from remaining arguments:	False

-ApplicationObject

The application object to remove the credentials from.

Parameter properties

Type:	PSADApplication
Default value:	None
Supports wildcards:	False
DontShow:	False

Parameter sets

ApplicationObjectWithKeyIdParameterSet

Position:	Named
Mandatory:	True
Value from pipeline:	True
Value from pipeline by property name:	False
Value from remaining arguments:	False

-Confirm

Prompts you for confirmation before running the cmdlet.

Parameter properties

Type:	SwitchParameter
Default value:	None
Supports wildcards:	False
DontShow:	False
Aliases:	cf

Parameter sets

(All)

Position:	Named
Mandatory:	False
Value from pipeline:	False
Value from pipeline by property name:	False
Value from remaining arguments:	False

-DefaultProfile

The credentials, account, tenant, and subscription used for communication with azure

Parameter properties

Type:	IAzureContextContainer
Default value:	None
Supports wildcards:	False
DontShow:	False
Aliases:	AzureRmContext, AzureCredential

Parameter sets

(All)

Position:	Named
Mandatory:	False
Value from pipeline:	False
Value from pipeline by property name:	False
Value from remaining arguments:	False

-DisplayName

The display name of the application.

Parameter properties

Type:	String
Default value:	None
Supports wildcards:	False
DontShow:	False

Parameter sets

ApplicationDisplayNameParameterSet

Position:	Named
Mandatory:	True
Value from pipeline:	False
Value from pipeline by property name:	True
Value from remaining arguments:	False

-Force

Switch to delete credential without a confirmation.

Parameter properties

Type:	SwitchParameter
Default value:	None
Supports wildcards:	False
DontShow:	False

Parameter sets

(All)

Position:	Named
Mandatory:	False
Value from pipeline:	False
Value from pipeline by property name:	False
Value from remaining arguments:	False

-KeyId

Specifies the credential key to be removed. The key Ids for the application can be obtained using the Get-AzureRmADAppCredential cmdlet.

Parameter properties

Type:	Guid
Default value:	None
Supports wildcards:	False
DontShow:	False

Parameter sets

ApplicationObjectIdWithKeyIdParameterSet

Position:	Named
Mandatory:	False
Value from pipeline:	False
Value from pipeline by property name:	True
Value from remaining arguments:	False

ApplicationIdWithKeyIdParameterSet

Position:	Named
Mandatory:	False
Value from pipeline:	False
Value from pipeline by property name:	True
Value from remaining arguments:	False

-ObjectId

The object id of the application to remove the credentials from.

Parameter properties

Type:	Guid
Default value:	None
Supports wildcards:	False
DontShow:	False

Parameter sets

ApplicationObjectIdWithKeyIdParameterSet

Position:	Named
Mandatory:	True
Value from pipeline:	False
Value from pipeline by property name:	True
Value from remaining arguments:	False

-PassThru

Specifying this will return true if the command was successful.

Parameter properties

Type:	SwitchParameter
Default value:	None
Supports wildcards:	False
DontShow:	False

Parameter sets

(All)

Position:	Named
Mandatory:	False
Value from pipeline:	False
Value from pipeline by property name:	False
Value from remaining arguments:	False

-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Parameter properties

Type:	SwitchParameter
Default value:	None
Supports wildcards:	False
DontShow:	False
Aliases:	wi

Parameter sets

(All)

Position:	Named
Mandatory:	False
Value from pipeline:	False
Value from pipeline by property name:	False
Value from remaining arguments:	False

CommonParameters

This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.

Share via

Remove-AzureRmADAppCredential

Syntax

ApplicationObjectIdWithKeyIdParameterSet (Default)

ApplicationIdWithKeyIdParameterSet

ApplicationDisplayNameParameterSet

ApplicationObjectWithKeyIdParameterSet

Description

Examples

Example 1 - Remove a specific credential from an application

Example 2 - Remove all credentials from an application

Example 3 - Remove all credentials using piping

Parameters

-ApplicationId

Parameter properties

Parameter sets

-ApplicationObject

Parameter properties

Parameter sets

-Confirm

Parameter properties

Parameter sets

-DefaultProfile

Parameter properties

Parameter sets

-DisplayName

Parameter properties

Parameter sets

-Force

Parameter properties

Parameter sets

-KeyId

Parameter properties

Parameter sets

-ObjectId

Parameter properties

Parameter sets

-PassThru

Parameter properties

Parameter sets

-WhatIf

Parameter properties

Parameter sets

CommonParameters

Inputs

Guid

String

PSADApplication

Outputs

Boolean

Related Links