Remove-MgServicePrincipalOwnerByRef
Remove an owner from a servicePrincipal object. As a recommended best practice, service principals should have at least two owners.
Note
To view the beta release of this cmdlet, view Remove-MgBetaServicePrincipalOwnerDirectoryObjectByRef
Syntax
Delete (Default)
Remove-MgServicePrincipalOwnerByRef
-DirectoryObjectId <String>
-ServicePrincipalId <String>
[-IfMatch <String>]
[-ResponseHeadersVariable <String>]
[-Headers <IDictionary>]
[-PassThru]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
DeleteViaIdentity
Remove-MgServicePrincipalOwnerByRef
-InputObject <IApplicationsIdentity>
[-IfMatch <String>]
[-ResponseHeadersVariable <String>]
[-Headers <IDictionary>]
[-PassThru]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Description
Remove an owner from a servicePrincipal object. As a recommended best practice, service principals should have at least two owners.
Permissions
| Permission type | Permissions (from least to most privileged) |
|---|---|
| Delegated (work or school account) | Application.ReadWrite.All, Directory.ReadWrite.All, |
| Delegated (personal Microsoft account) | Not supported |
| Application | Application.ReadWrite.OwnedBy, Directory.ReadWrite.All, Application.ReadWrite.All, |
Examples
Example 1: Code snippet
Import-Module Microsoft.Graph.Applications
$params = @{
"@odata.id" = "https://graph.microsoft.com/v1.0/directoryObjects/{id}"
}
Remove-MgServicePrincipalOwnerByRef -ServicePrincipalId $servicePrincipalId -DirectoryObjectId $directoryObjectId -BodyParameter $params
This example shows how to use the Remove-MgServicePrincipalOwnerByRef Cmdlet.
Parameters
-Confirm
Prompts you for confirmation before running the cmdlet.
Parameter properties
| Type: | SwitchParameter |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | cf |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-DirectoryObjectId
The unique identifier of directoryObject
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
Delete
| Position: | Named |
| Mandatory: | True |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-Headers
Optional headers that will be added to the request.
Parameter properties
| Type: | IDictionary |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | True |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-IfMatch
ETag
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-InputObject
Identity Parameter To construct, see NOTES section for INPUTOBJECT properties and create a hash table.
Parameter properties
| Type: | IApplicationsIdentity |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
DeleteViaIdentity
| Position: | Named |
| Mandatory: | True |
| Value from pipeline: | True |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-PassThru
Returns true when the command succeeds
Parameter properties
| Type: | SwitchParameter |
| Default value: | False |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-ResponseHeadersVariable
Optional Response Headers Variable.
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | RHV |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-ServicePrincipalId
The unique identifier of servicePrincipal
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
Delete
| Position: | Named |
| Mandatory: | True |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet is not run.
Parameter properties
| Type: | SwitchParameter |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | wi |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.
Inputs
Microsoft.Graph.PowerShell.Models.IApplicationsIdentity
System.Collections.IDictionary
Outputs
System.Boolean
Notes
COMPLEX PARAMETER PROPERTIES
To create the parameters described below, construct a hash table containing the appropriate properties. For information on hash tables, run Get-Help about_Hash_Tables.
INPUTOBJECT <IApplicationsIdentity>: Identity Parameter
[AppId <String>]: Alternate key of application[AppManagementPolicyId <String>]: The unique identifier of appManagementPolicy[AppRoleAssignmentId <String>]: The unique identifier of appRoleAssignment[ApplicationId <String>]: The unique identifier of application[ApplicationTemplateId <String>]: The unique identifier of applicationTemplate[ClaimsMappingPolicyId <String>]: The unique identifier of claimsMappingPolicy[DelegatedPermissionClassificationId <String>]: The unique identifier of delegatedPermissionClassification[DirectoryDefinitionId <String>]: The unique identifier of directoryDefinition[DirectoryObjectId <String>]: The unique identifier of directoryObject[EndpointId <String>]: The unique identifier of endpoint[ExtensionPropertyId <String>]: The unique identifier of extensionProperty[FederatedIdentityCredentialId <String>]: The unique identifier of federatedIdentityCredential[GroupId <String>]: The unique identifier of group[HomeRealmDiscoveryPolicyId <String>]: The unique identifier of homeRealmDiscoveryPolicy[Name <String>]: Alternate key of federatedIdentityCredential[OAuth2PermissionGrantId <String>]: The unique identifier of oAuth2PermissionGrant[ServicePrincipalId <String>]: The unique identifier of servicePrincipal[SynchronizationJobId <String>]: The unique identifier of synchronizationJob[SynchronizationTemplateId <String>]: The unique identifier of synchronizationTemplate[TargetDeviceGroupId <String>]: The unique identifier of targetDeviceGroup[TokenIssuancePolicyId <String>]: The unique identifier of tokenIssuancePolicy[TokenLifetimePolicyId <String>]: The unique identifier of tokenLifetimePolicy[UniqueName <String>]: Alternate key of application[UserId <String>]: The unique identifier of user