az ad sp credential
Manage a service principal's credentials.
The credential update will be applied on the Application object the service principal is associated with. In other words, you can accomplish the same thing using "az ad app credential".
Commands
| az ad sp credential delete |
Delete a service principal's credential. |
| az ad sp credential list |
List a service principal's credentials. |
| az ad sp credential reset |
Reset a service principal credential. |
az ad sp credential delete
Delete a service principal's credential.
az ad sp credential delete --id
--key-id
[--cert]Examples
Delete a service principal's credential. (autogenerated)
az ad sp credential delete --id 00000000-0000-0000-0000-000000000000 --key-id xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxxRequired Parameters
Service principal name, or object id.
Credential key id.
Optional Parameters
A certificate based credential.
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Increase logging verbosity. Use --debug for full debug logs.
az ad sp credential list
List a service principal's credentials.
az ad sp credential list --id
[--cert]
[--query-examples]Examples
List a service principal's credentials. (autogenerated)
az ad sp credential list --id 00000000-0000-0000-0000-000000000000Required Parameters
Service principal name, or object id.
Optional Parameters
A certificate based credential.
Recommend JMESPath string for you. You can copy one of the query and paste it after --query parameter within double quotation marks to see the results. You can add one or more positional keywords so that we can give suggestions based on these key words.
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Increase logging verbosity. Use --debug for full debug logs.
az ad sp credential reset
Reset a service principal credential.
Use upon expiration of the service principal's credentials, or in the event that login credentials are lost.
az ad sp credential reset --name
[--append]
[--cert]
[--create-cert]
[--credential-description]
[--end-date]
[--keyvault]
[--password]
[--years]Examples
Append a certificate to the service principal with the certificate string.
az ad sp credential reset --name myapp --cert "MIICoT..." --appendAppend a certificate to the service principal with the certificate file.
az ad sp credential reset --name myapp --cert "@~/cert.pem" --append
cert.pem contains the following content
-----BEGIN CERTIFICATE----- <<< this line is optional
MIICoT...
-----END CERTIFICATE----- <<< this line is optionalReset a service principal credential. (autogenerated)
az ad sp credential reset --name MyAppURIForCredentialRequired Parameters
Name or app ID of the service principal.
Optional Parameters
Append the new credential instead of overwriting.
Certificate to use for credentials.
Create a self-signed certificate to use for the credential.
The description of the password.
Finer grain of expiry time if '--years' is insufficient, e.g. '2020-12-31T11:59:59+00:00' or '2299-12-31'.
Name or ID of a KeyVault to use for creating or retrieving certificates.
The password used to log in.
Number of years for which the credentials will be valid. Default: 1 year.
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Increase logging verbosity. Use --debug for full debug logs.