Remove-MsolServicePrincipalCredential
Removes a credential key from a service principal.
Syntax
Remove-MsolServicePrincipalCredential
-ObjectId <Guid>
-KeyIds <Guid[]>
[-TenantId <Guid>]
[<CommonParameters>] Remove-MsolServicePrincipalCredential
-KeyIds <Guid[]>
-ServicePrincipalName <String>
[-TenantId <Guid>]
[<CommonParameters>] Remove-MsolServicePrincipalCredential
-KeyIds <Guid[]>
-AppPrincipalId <Guid>
[-TenantId <Guid>]
[<CommonParameters>] Description
The Remove-MsolServicePrincipalCredential cmdlet removes a credential key from a service principal in the case of a compromise or as part of credential key rollover expiration. The service principal is identified by supplying either the object ID, application ID, or service principal name (SPN). The credential to be removed is identified by its key ID.
Examples
Example 1: Remove a credential from a service principal
PS C:\> Remove-MsolServicePrincipalCredential -KeyIds @("aaaaaaaa-0b0b-1c1c-2d2d-333333333333") -ServicePrincipalName "MyApp2/myApp.com"This command removes a credential key from a service principal. In this example, the key ID aaaaaaaa-0b0b-1c1c-2d2d-333333333333 is removed from the service principal associated with the service principal name MyApp2/myApp.com. To show a list of key IDs associated with a service principal, use the Get-MsolServicePrincipalCredential cmdlet.
Parameters
-AppPrincipalId
Specifies the application ID of the service principal from which to remove the credential.
| Type: | Guid |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-KeyIds
Specifies an array of unique IDs of credential keys to remove. The key IDs for a service principal can be obtained by using the Get-MsolServicePrincipalCredential cmdlet.
| Type: | Guid[] |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-ObjectId
Specifies the unique object ID of the service principal from which to remove the credential.
| Type: | Guid |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-ServicePrincipalName
Specifies the name of the service principal from which to remove the credential. An SPN must use one of the following formats:
appNameappName/hostname- a valid URL
AppName represents the name of the application. Hostname represents the URI authority for the application.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-TenantId
Specifies the unique ID of the tenant on which to perform the operation. The default value is the tenant of the current user. This parameter applies only to partner users.
| Type: | Guid |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |