Remove-​Azure​Rm​AD​Sp​Credential

Removes a credential from a service principal.

Syntax

Remove-AzureRmADSpCredential
      [-All]
      [-Force]
      -ObjectId <String>
      [-Confirm]
      [-WhatIf]
      [<CommonParameters>]
Remove-AzureRmADSpCredential
      [-All]
      [-Force]
      -ServicePrincipalName <String>
      [-Confirm]
      [-WhatIf]
      [<CommonParameters>]
Remove-AzureRmADSpCredential
      [-Force]
      -KeyId <Guid>
      -ObjectId <String>
      [-Confirm]
      [-WhatIf]
      [<CommonParameters>]
Remove-AzureRmADSpCredential
      [-Force]
      -KeyId <Guid>
      -ServicePrincipalName <String>
      [-Confirm]
      [-WhatIf]
      [<CommonParameters>]

Description

The Remove-AzureRmADSpCredential cmdlet can be used to remove a credential key from a service principal in the case of a compromise or as part of credential key rollover expiration. The service principal is identified by supplying either the object ID or service principal name (SPN).

The credential to be removed is identified by its key ID if an individual credential is to be removed or with an 'All' switch to delete all credentials associated with the service principal.

Examples

-------------------------- Example 1 --------------------------

PS E:\> Remove-AzureRmADSpCredential -ObjectId 7663d3fb-6f86-4352-9e6d-cf9d50d5ee82 -KeyId 9044423a-60a3-45ac-9ab1-09534157ebb

This command removes a credential key from a service principal. In this example, the key with Id "9044423a-60a3-45ac-9ab1-09534157ebb" will be removed from the service principal.

-------------------------- Example 2 --------------------------

PS E:\> Remove-AzureRmADSpCredential -ServicePrincipalName http://test123 -All

This command removes a credential key from a service principal. In this example, all credentials will be removed from the service principal associated with the service principal name "http://test123".

Required Parameters

-All

Switch to remove all the credentials associated with the service principal.

Type:SwitchParameter
Position:Named
Default value:None
Accept pipeline input:True (ByPropertyName)
Accept wildcard characters:False
-KeyId

Specifies the credential key to be removed. The key Ids for a service principal can be obtained using the Get-AzureRmADSpCredential cmdlet.

Type:Guid
Position:Named
Default value:None
Accept pipeline input:True (ByPropertyName)
Accept wildcard characters:False
-ObjectId

The object id of the service principal to remove the credentials from.

Type:String
Position:Named
Default value:None
Accept pipeline input:True (ByPropertyName)
Accept wildcard characters:False
-ServicePrincipalName

The name (SPN) of the service principal to remove the credentials from.

Type:String
Position:Named
Default value:None
Accept pipeline input:True (ByPropertyName)
Accept wildcard characters:False

Optional Parameters

-Confirm

Prompts you for confirmation before running the cmdlet.

Type:SwitchParameter
Aliases:cf
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-Force

Switch to delete credential without a confirmation.

Type:SwitchParameter
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-WhatIf
Type:SwitchParameter
Aliases:wi
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False