servicePrincipalLockConfiguration resource type

Namespace: microsoft.graph

Specifies the sensitive properties of the app that are locked for editing on the service principal. You can disable this configuration to allow the properties to be updated.

For more information about managing this object, see Lock sensitive properties for service principals

Properties

Property Type Description
isEnabled Boolean Enables or disables service principal lock configuration. To allow the sensitive properties to be updated, update this property to false to disable the lock on the service principal.
allProperties Boolean Enables locking all sensitive properties. The sensitive properties are keyCredentials, passwordCredentials, and tokenEncryptionKeyId.
credentialsWithUsageVerify Boolean Locks the keyCredentials and passwordCredentials properties for modification where credential usage type is Verify. This locks OAuth service principals.
credentialsWithUsageSign Boolean Locks the keyCredentials and passwordCredentials properties for modification where credential usage type is Sign.
tokenEncryptionKeyId Boolean Locks the tokenEncryptionKeyId property for modification on the service principal.

JSON representation

The following JSON representation shows the resource type.

{
   "@odata.type": "#microsoft.graph.servicePrincipalLockConfiguration",
   "isEnabled": "Boolean",
   "allProperties": "Boolean",
   "credentialsWithUsageVerify": "Boolean",
   "credentialsWithUsageSign": "Boolean",
   "tokenEncryptionKeyId": "Boolean"
}