Export (0) Print
Expand All
Expand Minimize

Get-MsolServicePrincipal

Published: April 18, 2013

Updated: September 17, 2014

Applies To: Azure, Office 365, Windows Intune

noteNote
  • This topic provides online help content for cloud services, such as Windows Intune and Office 365, which rely on Microsoft Azure Active Directory for identity and directory services.

  • The Microsoft Azure Active Directory Module for Windows PowerShell cmdlets were previously known as the Microsoft Online Services Module for Windows PowerShell cmdlets.

The Get-MsolServicePrincipal cmdlet can be used to retrieve a service principal or a list of service principals from Microsoft Azure Active Directory (Microsoft Azure AD).

Get-MsolServicePrincipal [-All] [-MaxResults <int>] [-TenantId <Guid>] [<CommonParameters>]
Get-MsolServicePrincipal -ObjectId <Guid> [-TenantId <Guid>] [<CommonParameters>]
Get-MsolServicePrincipal -AppPrincipalId <Guid> [-TenantId <Guid>] [<CommonParameters>]
Get-MsolServicePrincipal -ServicePrincipalName <string> [-TenantId <Guid>] [<CommonParameters>]

    -All [<SwitchParameter>]
        If present then all results will be returned. Cannot be used with the 
        MaxResults parameter.
        
        Required?                    false
        Position?                    named
        Default value                
        Accept pipeline input?       false
        Accept wildcard characters?  false
        
    -AppPrincipalId <Guid>
        The application ID associated with the service principal to retrieve.
        
        Required?                    true
        Position?                    named
        Default value                
        Accept pipeline input?       true (ByPropertyName)
        Accept wildcard characters?  false
        
    -MaxResults <int>
        The maximum number of results returned for a search result. If not 
        specified, 500 results will be returned.
        
        Required?                    false
        Position?                    named
        Default value                500
        Accept pipeline input?       false
        Accept wildcard characters?  false
        
    -ObjectId <Guid>
        The object ID associated with the service principal to retrieve.
        
        Required?                    true
        Position?                    named
        Default value                
        Accept pipeline input?       true (ByPropertyName)
        Accept wildcard characters?  false
        
    -ServicePrincipalName <string>
        The unique name of the service principal to retrieve.
        An SPN must use one of the following formats "appName" or 
        "appName/hostname" or be a valid URL.  AppName represents the name of 
        the application and hostname represents the URI authority for the 
        application.
        
        Required?                    true
        Position?                    named
        Default value                
        Accept pipeline input?       true (ByPropertyName)
        Accept wildcard characters?  false
        
    -TenantId <Guid>
        The unique ID of the tenant to perform the operation on. If this is 
        not provided, then the value will default to the tenant of the current 
        user. This parameter is only applicable to partner users.
        
        Required?                    false
        Position?                    named
        Default value                
        Accept pipeline input?       true (ByPropertyName)
        Accept wildcard characters?  false
        
    <CommonParameters>
        This cmdlet supports the common parameters: Verbose, Debug,
        ErrorAction, ErrorVariable, WarningAction, WarningVariable,
        OutBuffer, PipelineVariable, and OutVariable. For more information, 
    see 
        about_CommonParameters 
    (http://go.microsoft.com/fwlink/?LinkID=113216).

Output is provided by Microsoft.Online.Administration.ServicePrincipal. The output provided will retrieve a service principal or a list of service principals from Azure AD. Each service principal contains the following information:

  • ObjectId - The unique identifier of the service principal

  • AppPrincipalId - The application identifier of the service principal

  • DisplayName - The friendly name of the service principal

  • ServicePrincipalName - The list of service principal names (SPNs) associated with the service principal

  • AccountEnabled - The value indicating if the account is enabled

The following command will list all of the existing service principals in the organization's tenant.

Get-MsolServicePrincipal

This command lists all of the existing service principals that have a ServicePrincipalName that start with "MyApp". Note: This is an exact match of the appClass portion of the ServicePrincipalName up to the forward slash. In many cases this is equivalent to the DisplayName.

Get-MsolServicePrincipal -ServicePrincipalName "Microsoft.Azure.ActiveDirectoryUX"

This command gets a service principal with a specific AppPrincipalId. In this example, the value of "00000012-0000-0000-c000-000000000000" returns a service principal with display name "Microsoft.Azure.RMS".

Get-MsolServicePrincipal -AppPrincipalId 00000012-0000-0000-c000-000000000000

See Also

Was this page helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft