New-​Azure​Rm​AD​Sp​Credential

Adds a credential to an existing service principal.

Syntax

New-AzureRmADSpCredential
   -ObjectId <String>
   -Password <String>
   [-StartDate <DateTime>]
   [-EndDate <DateTime>]
   [-InformationAction <ActionPreference>]
   [-InformationVariable <String>]
   [-WhatIf]
   [-Confirm]
New-AzureRmADSpCredential
   -ObjectId <String>
   [-StartDate <DateTime>]
   [-EndDate <DateTime>]
   [-InformationAction <ActionPreference>]
   [-InformationVariable <String>]
   [-WhatIf]
   [-Confirm]
   -CertValue <String>
New-AzureRmADSpCredential
   -Password <String>
   [-StartDate <DateTime>]
   [-EndDate <DateTime>]
   [-InformationAction <ActionPreference>]
   [-InformationVariable <String>]
   [-WhatIf]
   [-Confirm]
   -ServicePrincipalName <String>
New-AzureRmADSpCredential
   [-StartDate <DateTime>]
   [-EndDate <DateTime>]
   [-InformationAction <ActionPreference>]
   [-InformationVariable <String>]
   [-WhatIf]
   [-Confirm]
   -CertValue <String>
   -ServicePrincipalName <String>

Description

The New-AzureRmADSpCredential cmdlet can be used to add a new credential or to roll credentials for a service principal. The service principal is identified by supplying either the object id or service principal name.

Examples

-------------------------- Example 1 --------------------------

@{paragraph=PS C:\>}

PS E:\> New-AzureRmADSpCredential -ObjectId 1f99cf81-0146-4f4e-beae-2007d0668476 -Password "P@ssw0rd!"

A new password credential is added to an existing service principal. In this example, the supplied password value is added to the service principal using the objectId.

-------------------------- Example 2 --------------------------

@{paragraph=PS C:\>}

$cer = New-Object System.Security.Cryptography.X509Certificates.X509Certificate 

$cer.Import("C:\myapp.cer") 

$binCert = $cer.GetRawCertData() 

$credValue = [System.Convert]::ToBase64String($binCert)

PS E:\> New-AzureRmADSpCredential -ServicePrincipalName "http://test123" -CertValue $credValue -StartDate $cer.GetEffectiveDateString() -EndDate $cer.GetExpirationDateString()

A new key credential is added to an existing service principal. In this example, the supplied base64 encoded public X509 certificate ("myapp.cer") is added to the service principal using its SPN.

-------------------------- Example 3 --------------------------

@{paragraph=PS C:\>}

PS E:\> New-AzureRmADSpCredential -ServicePrincipalName "http://test123" -CertValue $credValue

Required Parameters

-CertValue

The value of the "asymmetric" credential type. It represents the base 64 encoded certificate.

Type:String
Position:Named
Default value:None
Accept pipeline input:True (ByPropertyName)
Accept wildcard characters:False
-ObjectId

The object id of the service principal to add the credentials to.

Type:String
Aliases:ServicePrincipalObjectId
Position:Named
Default value:None
Accept pipeline input:True (ByPropertyName)
Accept wildcard characters:False
-Password

The password to be associated with the application.

Type:String
Position:Named
Default value:None
Accept pipeline input:True (ByPropertyName)
Accept wildcard characters:False
-ServicePrincipalName

The name (SPN) of the service principal to add the credentials to.

Type:String
Aliases:SPN
Position:Named
Default value:None
Accept pipeline input:True (ByPropertyName)
Accept wildcard characters:False

Optional Parameters

-Confirm

Prompts you for confirmation before running the cmdlet.

Type:SwitchParameter
Aliases:cf
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-EndDate

The effective end date of the credential usage. The default end date value is one year from today. For an "asymmetric" type credential, this must be set to on or before the date that the X509 certificate is valid.

Type:DateTime
Position:Named
Default value:None
Accept pipeline input:True (ByPropertyName)
Accept wildcard characters:False
-InformationAction

Specifies how this cmdlet responds to an information event.The acceptable values for this parameter are:- Continue

  • Ignore
  • Inquire
  • SilentlyContinue
  • Stop
  • Suspend
Type:ActionPreference
Aliases:infa
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-InformationVariable

Specifies an information variable.

Type:String
Aliases:iv
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-StartDate

The effective start date of the credential usage. The default start date value is today. For an "asymmetric" type credential, this must be set to on or after the date that the X509 certificate is valid from.

Type:DateTime
Position:Named
Default value:None
Accept pipeline input:True (ByPropertyName)
Accept wildcard characters:False
-WhatIf
Type:SwitchParameter
Aliases:wi
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False