Invoke-EntraServicePrincipalSecret
SYNOPSIS
Manages secrets for Microsoft Entra service principals.
SYNTAX
name (Default)
Invoke-EntraServicePrincipalSecret -ServicePrincipalName <String> [-secretKeyId <String>] [-MDAPPGUID <String>]
[-certTemplate <String>] [-TaskNumber <String>] [-update] [-onderwijs] [-test] [<CommonParameters>]
appid
Invoke-EntraServicePrincipalSecret -appid <String> [-secretKeyId <String>] [-MDAPPGUID <String>]
[-certTemplate <String>] [-TaskNumber <String>] [-update] [-onderwijs] [-test] [<CommonParameters>]
DESCRIPTION
The `Invoke-EntraServicePrincipalSecret` function manages secrets for Microsoft Entra service principals. It validates the existence of the service principal, retrieves or renews secrets, and updates the corresponding entries in PasswordState. The function supports connecting to different tenants, generating new secrets, and updating service principal details.
EXAMPLES
EXAMPLE 1
Manages the secret for the service principal "MyApp" with the specified task number.
EXAMPLE 2
Forces the secret update for the service principal with the specified application ID.
EXAMPLE 3
Uses the alias `Reset-EntraServicePrincipalSecret` to manage the secret for the service principal "MyApp" in the "onderwijs" tenant.
PARAMETERS
-appid
The application ID of the service principal.
Type: String
Parameter Sets: appid
Aliases:
Required: True
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
-ServicePrincipalName
The display name of the service principal. If not specified, the `appid` is used to locate the service principal.
Type: String
Parameter Sets: name
Aliases:
Required: True
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
-secretKeyId
The ID of the specific secret key to manage.
Type: String
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
-MDAPPGUID
The GUID of the managed application associated with the service principal.
Type: String
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
-certTemplate
The certificate template to use for generating a new certificate. Defaults to `_D09-CA2-SHA256-EntraID`.
Type: String
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: _D09-CA2-SHA256-EntraID
Accept pipeline input: False
Accept wildcard characters: False
-TaskNumber
The task number associated with the operation. Defaults to `T0000000`.
Type: String
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: T0000000
Accept pipeline input: False
Accept wildcard characters: False
-update
A switch parameter that, when specified, forces the update of the secret even if it is still valid.
Type: SwitchParameter
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: False
Accept pipeline input: False
Accept wildcard characters: False
-onderwijs
A switch parameter that, when specified, connects to the "onderwijs" tenant.
Type: SwitchParameter
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: False
Accept pipeline input: False
Accept wildcard characters: False
-test
{{ Fill test Description }}
Type: SwitchParameter
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: False
Accept pipeline input: False
Accept wildcard characters: False
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.