Remove-AzADAppCredential

Is this page helpful?

Any additional feedback?

Feedback will be sent to Microsoft: By pressing the submit button, your feedback will be used to improve Microsoft products and services. Privacy policy.

Module:

Az.Resources

Removes a credential from an application.

Warning

There are upcoming breaking changes in this cmdlet. These changes are currently in preview with Az.Resources version 5.0.0-preview. They will become generally available with our next major release of the Az PowerShell module, version 7.x in December of 2021. For more information, see Azure AD to Microsoft Graph migration changes in Azure PowerShell.

Note

This is the previous version of our documentation. Please consult the most recent version for up-to-date information.

Syntax

Remove-AzADAppCredential
      -ObjectId <String>
      [-KeyId <Guid>]
      [-PassThru]
      [-Force]
      [-DefaultProfile <IAzureContextContainer>]
      [-WhatIf]
      [-Confirm]
      [<CommonParameters>]

Remove-AzADAppCredential
      -ApplicationId <Guid>
      [-KeyId <Guid>]
      [-PassThru]
      [-Force]
      [-DefaultProfile <IAzureContextContainer>]
      [-WhatIf]
      [-Confirm]
      [<CommonParameters>]

Remove-AzADAppCredential
      -DisplayName <String>
      [-PassThru]
      [-Force]
      [-DefaultProfile <IAzureContextContainer>]
      [-WhatIf]
      [-Confirm]
      [<CommonParameters>]

Remove-AzADAppCredential
      [-KeyId <Guid>]
      -ApplicationObject <PSADApplication>
      [-PassThru]
      [-Force]
      [-DefaultProfile <IAzureContextContainer>]
      [-WhatIf]
      [-Confirm]
      [<CommonParameters>]

Description

The Remove-AzADAppCredential cmdlet can be used to remove a credential key from an application in the case of a compromise or as part of credential key rollover expiration. The application is identified by supplying either the object ID or AppId. The credential to be removed is identified by its key ID.

Examples

Example 1: Remove a specific credential from an application

PS C:\> Remove-AzADAppCredential -ObjectId 7663d3fb-6f86-4352-9e6d-cf9d50d5ee82 -KeyId 9044423a-60a3-45ac-9ab1-09534157ebb

Removes the credential with key id '9044423a-60a3-45ac-9ab1-09534157ebb' from the application with object id '7663d3fb-6f86-4352-9e6d-cf9d50d5ee82'.

Example 2: Remove all credentials from an application

PS C:\> Remove-AzADAppCredential -ApplicationId 4589cd6b-3d79-4bb4-93b8-a0b99f3bfc58

Removes all credentials from the application with application id '4589cd6b-3d79-4bb4-93b8-a0b99f3bfc58'.

Example 3: Remove all credentials using piping

PS C:\> Get-AzADApplication -ObjectId 7663d3fb-6f86-4352-9e6d-cf9d50d5ee82 | Remove-AzADAppCredential

Gets the application with object id '7663d3fb-6f86-4352-9e6d-cf9d50d5ee82' and pipes that to the Remove-AzADAppCredential cmdlet and removes all credentials from that application.

Parameters

-ApplicationId

The id of the application to remove the credentials from.

Type:	Guid
Position:	Named
Default value:	None
Accept pipeline input:	True
Accept wildcard characters:	False

-ApplicationObject

The application object to remove the credentials from.

Type:	PSADApplication
Position:	Named
Default value:	None
Accept pipeline input:	True
Accept wildcard characters:	False

-Confirm

Prompts you for confirmation before running the cmdlet.

Type:	SwitchParameter
Aliases:	cf
Position:	Named
Default value:	None
Accept pipeline input:	False
Accept wildcard characters:	False

-DefaultProfile

The credentials, account, tenant, and subscription used for communication with azure

Type:	IAzureContextContainer
Aliases:	AzContext, AzureRmContext, AzureCredential
Position:	Named
Default value:	None
Accept pipeline input:	False
Accept wildcard characters:	False

-DisplayName

The display name of the application.

Type:	String
Position:	Named
Default value:	None
Accept pipeline input:	True
Accept wildcard characters:	False

-Force

Switch to delete credential without a confirmation.

Type:	SwitchParameter
Position:	Named
Default value:	None
Accept pipeline input:	False
Accept wildcard characters:	False

-KeyId

Specifies the credential key to be removed. The key Ids for the application can be obtained using the Get-AzADAppCredential cmdlet.

Type:	Guid
Position:	Named
Default value:	None
Accept pipeline input:	True
Accept wildcard characters:	False

-ObjectId

The object id of the application to remove the credentials from.

Type:	String
Position:	Named
Default value:	None
Accept pipeline input:	True
Accept wildcard characters:	False

-PassThru

Specifying this will return true if the command was successful.

Type:	SwitchParameter
Position:	Named
Default value:	None
Accept pipeline input:	False
Accept wildcard characters:	False

-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Type:	SwitchParameter
Aliases:	wi
Position:	Named
Default value:	None
Accept pipeline input:	False
Accept wildcard characters:	False

Inputs

String

Guid

PSADApplication

Outputs

Boolean

Related Links

• Get-AzADAppCredential
• New-AzADAppCredential
• Get-AzADApplication