< Back
New-AzureRmADServicePrincipal
Post
NAME New-AzureRmADServicePrincipal
SYNOPSIS
Creates a new azure active directory service principal.
SYNTAX
New-AzureRmADServicePrincipal -ApplicationId <Guid> [-DefaultProfile <IAzureContextContainer>] [-Confirm] [-WhatIf] [<CommonParameters>]
New-AzureRmADServicePrincipal -ApplicationId <Guid> [-DefaultProfile <IAzureContextContainer>] [-EndDate <DateTime>] -Password <SecureString>
[-StartDate <DateTime>] [-Confirm] [-WhatIf] [<CommonParameters>]
New-AzureRmADServicePrincipal -ApplicationId <Guid> [-DefaultProfile <IAzureContextContainer>] -PasswordCredentials <PSADPasswordCredential[]>
[-Confirm] [-WhatIf] [<CommonParameters>]
New-AzureRmADServicePrincipal -ApplicationId <Guid> -CertValue <String> [-DefaultProfile <IAzureContextContainer>] [-EndDate <DateTime>]
[-StartDate <DateTime>] [-Confirm] [-WhatIf] [<CommonParameters>]
New-AzureRmADServicePrincipal -ApplicationId <Guid> [-DefaultProfile <IAzureContextContainer>] -KeyCredentials <PSADKeyCredential[]> [-Confirm]
[-WhatIf] [<CommonParameters>]
New-AzureRmADServicePrincipal -CertValue <String> [-DefaultProfile <IAzureContextContainer>] -DisplayName <String> [-EndDate <DateTime>]
[-StartDate <DateTime>] [-Confirm] [-WhatIf] [<CommonParameters>]
New-AzureRmADServicePrincipal [-DefaultProfile <IAzureContextContainer>] -DisplayName <String> [-Confirm] [-WhatIf] [<CommonParameters>]
New-AzureRmADServicePrincipal [-DefaultProfile <IAzureContextContainer>] -DisplayName <String> [-EndDate <DateTime>] -Password <SecureString>
[-StartDate <DateTime>] [-Confirm] [-WhatIf] [<CommonParameters>]
New-AzureRmADServicePrincipal [-DefaultProfile <IAzureContextContainer>] -DisplayName <String> -PasswordCredentials <PSADPasswordCredential[]>
[-Confirm] [-WhatIf] [<CommonParameters>]
New-AzureRmADServicePrincipal [-DefaultProfile <IAzureContextContainer>] -DisplayName <String> -KeyCredentials <PSADKeyCredential[]> [-Confirm]
[-WhatIf] [<CommonParameters>]
DESCRIPTION
Creates a new azure active directory service principal.
Note: The cmdlet also implicitly creates an application and sets its properties (if the ApplicationId is not provided). In order to update the
application specific parameters please use Set-AzureRmADApplication cmdlet.
PARAMETERS
-ApplicationId <Guid>
The unique application id for a service principal in a tenant. Once created this property cannot be changed. If an application id is not
specified, one will be generated.
Required? true
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-CertValue <String>
The value of the "asymmetric" credential type. It represents the base 64 encoded certificate.
Required? true
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-DefaultProfile <IAzureContextContainer>
The credentials, account, tenant, and subscription used for communication with azure
Required? false
Position? named
Default value None
Accept pipeline input? False
Accept wildcard characters? false
-DisplayName <String>
The friendly name of the service principal.
Required? true
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-EndDate <DateTime>
The effective end date of the credential usage. The default end date value is one year from today. For an "asymmetric" type credential, this
must be set to on or before the date that the X509 certificate is valid.
Required? false
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-KeyCredentials <PSADKeyCredential[]>
The list of certificate credentials associated with the service principal.
Required? true
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-Password <SecureString>
The password to be associated with the service principal.
Required? true
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-PasswordCredentials <PSADPasswordCredential[]>
The list of password credentials associated with the service principal.
Required? true
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-StartDate <DateTime>
The effective start date of the credential usage. The default start date value is today. For an "asymmetric" type credential, this must be
set to on or after the date that the X509 certificate is valid from.
Required? false
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-Confirm [<SwitchParameter>]
Prompts you for confirmation before running the cmdlet.
Required? false
Position? named
Default value False
Accept pipeline input? False
Accept wildcard characters? false
-WhatIf [<SwitchParameter>]
Required? false
Position? named
Default value False
Accept pipeline input? False
Accept wildcard characters? false
<CommonParameters>
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable,
OutBuffer, PipelineVariable, and OutVariable. For more information, see
about_CommonParameters (http://go.microsoft.com/fwlink/?LinkID=113216).
INPUTS
None
This cmdlet does not accept any input.
OUTPUTS
Microsoft.Azure.Graph.RBAC.Version1_6.ActiveDirectory.PSADServicePrincipal
NOTES
Keywords: azure, azurerm, arm, resource, management, manager, resource, group, template, deployment
Example 1
New-AzureRmADServicePrincipal -ApplicationId 34a28ad2-dec4-4a41-bc3b-d22ddf90000e
Creates a new azure active directory service principal.
DisplayName Type ObjectId ----------- ---- --------
DemoApp ServicePrincipal f95b6f5c-fc98-4af0-bb8a-34a14ca1dca1
Example 2
$SecureStringPassword = ConvertTo-SecureString -String "password" -AsPlainText -Force
New-AzureRmADServicePrincipal -DisplayName SPForNoExistingApp -Password $SecureStringPassword
Creates a new service principal. The cmdlet also implicitly creates an application since one is not provided.
DisplayName Type ObjectId ----------- ---- --------
SPForNoExistingApp ServicePrincipal 784136ca-3ae2-4fdd-a388-89d993e7c780
RELATED LINKS
Online Version: https://docs.microsoft.com/en-us/powers ... eprincipal
Remove-AzureRmADServicePrincipal
Get-AzureRmADServicePrincipal
New-AzureRmADApplication
Remove-AzureRmADApplication
Get-AzureRmADSpCredential
New-AzureRmADSpCredential
Remove-AzureRmADSpCredential
SYNOPSIS
Creates a new azure active directory service principal.
SYNTAX
New-AzureRmADServicePrincipal -ApplicationId <Guid> [-DefaultProfile <IAzureContextContainer>] [-Confirm] [-WhatIf] [<CommonParameters>]
New-AzureRmADServicePrincipal -ApplicationId <Guid> [-DefaultProfile <IAzureContextContainer>] [-EndDate <DateTime>] -Password <SecureString>
[-StartDate <DateTime>] [-Confirm] [-WhatIf] [<CommonParameters>]
New-AzureRmADServicePrincipal -ApplicationId <Guid> [-DefaultProfile <IAzureContextContainer>] -PasswordCredentials <PSADPasswordCredential[]>
[-Confirm] [-WhatIf] [<CommonParameters>]
New-AzureRmADServicePrincipal -ApplicationId <Guid> -CertValue <String> [-DefaultProfile <IAzureContextContainer>] [-EndDate <DateTime>]
[-StartDate <DateTime>] [-Confirm] [-WhatIf] [<CommonParameters>]
New-AzureRmADServicePrincipal -ApplicationId <Guid> [-DefaultProfile <IAzureContextContainer>] -KeyCredentials <PSADKeyCredential[]> [-Confirm]
[-WhatIf] [<CommonParameters>]
New-AzureRmADServicePrincipal -CertValue <String> [-DefaultProfile <IAzureContextContainer>] -DisplayName <String> [-EndDate <DateTime>]
[-StartDate <DateTime>] [-Confirm] [-WhatIf] [<CommonParameters>]
New-AzureRmADServicePrincipal [-DefaultProfile <IAzureContextContainer>] -DisplayName <String> [-Confirm] [-WhatIf] [<CommonParameters>]
New-AzureRmADServicePrincipal [-DefaultProfile <IAzureContextContainer>] -DisplayName <String> [-EndDate <DateTime>] -Password <SecureString>
[-StartDate <DateTime>] [-Confirm] [-WhatIf] [<CommonParameters>]
New-AzureRmADServicePrincipal [-DefaultProfile <IAzureContextContainer>] -DisplayName <String> -PasswordCredentials <PSADPasswordCredential[]>
[-Confirm] [-WhatIf] [<CommonParameters>]
New-AzureRmADServicePrincipal [-DefaultProfile <IAzureContextContainer>] -DisplayName <String> -KeyCredentials <PSADKeyCredential[]> [-Confirm]
[-WhatIf] [<CommonParameters>]
DESCRIPTION
Creates a new azure active directory service principal.
Note: The cmdlet also implicitly creates an application and sets its properties (if the ApplicationId is not provided). In order to update the
application specific parameters please use Set-AzureRmADApplication cmdlet.
PARAMETERS
-ApplicationId <Guid>
The unique application id for a service principal in a tenant. Once created this property cannot be changed. If an application id is not
specified, one will be generated.
Required? true
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-CertValue <String>
The value of the "asymmetric" credential type. It represents the base 64 encoded certificate.
Required? true
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-DefaultProfile <IAzureContextContainer>
The credentials, account, tenant, and subscription used for communication with azure
Required? false
Position? named
Default value None
Accept pipeline input? False
Accept wildcard characters? false
-DisplayName <String>
The friendly name of the service principal.
Required? true
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-EndDate <DateTime>
The effective end date of the credential usage. The default end date value is one year from today. For an "asymmetric" type credential, this
must be set to on or before the date that the X509 certificate is valid.
Required? false
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-KeyCredentials <PSADKeyCredential[]>
The list of certificate credentials associated with the service principal.
Required? true
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-Password <SecureString>
The password to be associated with the service principal.
Required? true
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-PasswordCredentials <PSADPasswordCredential[]>
The list of password credentials associated with the service principal.
Required? true
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-StartDate <DateTime>
The effective start date of the credential usage. The default start date value is today. For an "asymmetric" type credential, this must be
set to on or after the date that the X509 certificate is valid from.
Required? false
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-Confirm [<SwitchParameter>]
Prompts you for confirmation before running the cmdlet.
Required? false
Position? named
Default value False
Accept pipeline input? False
Accept wildcard characters? false
-WhatIf [<SwitchParameter>]
Required? false
Position? named
Default value False
Accept pipeline input? False
Accept wildcard characters? false
<CommonParameters>
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable,
OutBuffer, PipelineVariable, and OutVariable. For more information, see
about_CommonParameters (http://go.microsoft.com/fwlink/?LinkID=113216).
INPUTS
None
This cmdlet does not accept any input.
OUTPUTS
Microsoft.Azure.Graph.RBAC.Version1_6.ActiveDirectory.PSADServicePrincipal
NOTES
Keywords: azure, azurerm, arm, resource, management, manager, resource, group, template, deployment
Example 1
New-AzureRmADServicePrincipal -ApplicationId 34a28ad2-dec4-4a41-bc3b-d22ddf90000e
Creates a new azure active directory service principal.
DisplayName Type ObjectId ----------- ---- --------
DemoApp ServicePrincipal f95b6f5c-fc98-4af0-bb8a-34a14ca1dca1
Example 2
$SecureStringPassword = ConvertTo-SecureString -String "password" -AsPlainText -Force
New-AzureRmADServicePrincipal -DisplayName SPForNoExistingApp -Password $SecureStringPassword
Creates a new service principal. The cmdlet also implicitly creates an application since one is not provided.
DisplayName Type ObjectId ----------- ---- --------
SPForNoExistingApp ServicePrincipal 784136ca-3ae2-4fdd-a388-89d993e7c780
RELATED LINKS
Online Version: https://docs.microsoft.com/en-us/powers ... eprincipal
Remove-AzureRmADServicePrincipal
Get-AzureRmADServicePrincipal
New-AzureRmADApplication
Remove-AzureRmADApplication
Get-AzureRmADSpCredential
New-AzureRmADSpCredential
Remove-AzureRmADSpCredential