Manage Azure AD service principals

Updated: July 30, 2015

Applies To: Azure, Azure Active Directory, Office 365, Windows Intune

Manage service principals

Use the following cmdlets to perform a variety of tasks related to service principals.

Windows PowerShell cmdlet Description

Set-MsolServicePrincipal

The Set-MsolServicePrincipal cmdlet updates a service principal in Azure AD. It can be used to update the display name, enable/disable the service principal, trusted for delegation, the service principal names (SPNs) or the addresses.

New-MsolServicePrincipal

The New-MsolServicePrincipal cmdlet creates a service principal that can be used to represent a Line Of Business (LOB) application or an on-premises server such as Microsoft Exchange, SharePoint or Lync in Azure AD as "service principal" objects. Adding a new application as a service principal allows that application to authenticate to other Microsoft Online Services.

Get-MsolServicePrincipal

The Get-MsolServicePrincipal cmdlet can be used to retrieve a service principal or a list of service principals from Azure AD.

Remove-MsolServicePrincipal

The Remove-MsolServicePrincipal cmdlet removes a service principal from Azure AD.

New-MsolServicePrincipalAddresses

The New-MsolServicePrincipalAddress cmdlet creates a new service principal address object that can be used to update the addresses for a service principal.

Get-MsolServicePrincipalCredential

The Get-MsolServicePrincipalCredential cmdlet can be used to retrieve a list of credentials associated with a service principal.

New-MsolServicePrincipalCredential

The New-MsolServicePrincipalCredential cmdlet can be used to add a new credential to a service principal or to add or roll credential keys for an application. The service principal is identified by supplying either the object ID, application ID, or service principal name (SPN).

Remove-MsolServicePrincipalCredential

The Remove-MsolServicePrincipalCredential cmdlet can be used to remove a credential key from a service principal in the case of a compromise or as part of credential key rollover expiration. The service principal is identified by supplying either the object ID, application ID, or service principal name (SPN). The credential to be removed is identified by its key ID.

See Also

Concepts

Manage Azure AD using Windows PowerShell