az ad sp credential

Manage a service principal's credentials.

The credential update will be applied on the Application object the service principal is associated with. In other words, you can accomplish the same thing using "az ad app credential".

Commands

az ad sp credential delete

Delete a service principal's credential.

az ad sp credential list

List a service principal's credentials.

az ad sp credential reset

Reset a service principal credential.

az ad sp credential delete

Delete a service principal's credential.

az ad sp credential delete --id
                           --key-id
                           [--cert]

Examples

Delete a service principal's credential. (autogenerated)

az ad sp credential delete --id 00000000-0000-0000-0000-000000000000 --key-id xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx

Required Parameters

--id

Service principal name, or object id.

--key-id

Credential key id.

Optional Parameters

--cert

A certificate based credential.

az ad sp credential list

List a service principal's credentials.

az ad sp credential list --id
                         [--cert]
                         [--query-examples]

Examples

List a service principal's credentials. (autogenerated)

az ad sp credential list --id 00000000-0000-0000-0000-000000000000

Required Parameters

--id

Service principal name, or object id.

Optional Parameters

--cert

A certificate based credential.

--query-examples

Recommend JMESPath string for you. You can copy one of the query and paste it after --query parameter within double quotation marks to see the results. You can add one or more positional keywords so that we can give suggestions based on these key words.

az ad sp credential reset

Reset a service principal credential.

Use upon expiration of the service principal's credentials, or in the event that login credentials are lost.

az ad sp credential reset --name
                          [--append]
                          [--cert]
                          [--create-cert]
                          [--credential-description]
                          [--end-date]
                          [--keyvault]
                          [--password]
                          [--years]

Examples

Append a certificate to the service principal with the certificate string.

az ad sp credential reset --name myapp --cert "MIICoT..." --append

Append a certificate to the service principal with the certificate file.

az ad sp credential reset --name myapp --cert "@~/cert.pem" --append
cert.pem contains the following content
-----BEGIN CERTIFICATE-----  <<< this line is optional
MIICoT...
-----END CERTIFICATE-----    <<< this line is optional

Reset a service principal credential. (autogenerated)

az ad sp credential reset --name MyAppURIForCredential

Required Parameters

--name -n

Name or app ID of the service principal.

Optional Parameters

--append

Append the new credential instead of overwriting.

--cert

Certificate to use for credentials.

--create-cert

Create a self-signed certificate to use for the credential.

--credential-description

The description of the password.

--end-date

Finer grain of expiry time if '--years' is insufficient, e.g. '2020-12-31T11:59:59+00:00' or '2299-12-31'.

--keyvault

Name or ID of a KeyVault to use for creating or retrieving certificates.

--password -p

The password used to log in.

--years

Number of years for which the credentials will be valid. Default: 1 year.