Home
PowerShell
Add-MgApplicationPassword

How to add an application password in Entra ID using Microsoft Graph PowerShell

The Add-MgApplicationPassword cmdlet creates and assigns a new password credential to a specific application registered in Microsoft Entra ID (previously Azure AD). This cmdlet is essential when applications require client secrets for authentication.

Add application password using Microsoft Graph PowerShell

Before using the cmdlet, ensure that the Microsoft Graph PowerShell module is installed. If not, install it using this PowerShell command:
Install-Module Microsoft.Graph -Scope CurrentUser
Also, use the following PowerShell command to connect to Microsoft Graph with the required permissions (e.g., Application.ReadWrite.All):
Connect-MgGraph -Scopes "Application.ReadWrite.All"

Using the Add-MgApplicationPassword cmdlet

Run the following Graph PowerShell command below to add a password (client secret) to an application. Replace <application-id> with the object ID or GUID of the application, and <object> with the properties for the new password credential:


                              Add-MgApplicationPassword -ApplicationId <application-id> -PasswordCredential <object>

Examples

Example 1: Add a new password credential to an application

This Graph PowerShell command adds a password credential with the display name "MyAppSecret" to the specified application:


                              Add-MgApplicationPassword -ApplicationId "12345678-90ab-cdef-1234-567890abcdef" -PasswordCredential @{ displayName="MyAppSecret" }

Example 2: Set a custom password value

This Graph PowerShell command creates a new password credential with a specified value:


                              Add-MgApplicationPassword -ApplicationId "12345678-90ab-cdef-1234-567890abcdef" -PasswordCredential @{ displayName="Secret2"; secretText="CustomPassword123!" }

Supported parameters

The following are some essential parameters that can be used along with the Add-MgApplicationPassword command:

Parameters	Description
-ApplicationId	The object ID or unique identifier for the application
-PasswordCredential	Specifies properties of the new password credential (e.g., displayName, endDateTime)
-PassThru	Returns the created password credential object
-WhatIf	Shows what would happen if the cmdlet ran, without executing it
-Confirm	Prompts for confirmation before running the cmdlet

Limitations of using Microsoft Graph PowerShell to add application password

PowerShell commands can be difficult to manage with complex scenarios.
IT admins can spend a lot of time debugging errors, which in turn negatively impacts productivity.
Delegation can get tricky since technicians require elevated permissions.

How ADManager Plus helps you manage Microsoft Entra ID

ADManager Plus, an identity governance and administration solution with comprehensive Microsoft Entra ID management and reporting capabilities, simplifies complex admin tasks from a single, user-friendly console:

Manage Entra ID users, contacts, groups, licenses, and other objects with a script-free, centralized console.
Reduce human errors by automating user provisioning, deprovisioning, and license assignment across various platforms.
Delegate Entra ID tasks to technicians without elevating their native privileges.
Keep a watchful eye with 200+ prepackaged reports for your Entra ID and AD environments.
Monitor delegated activities through smart workflows.
Ensure business continuity with AD, Entra ID, and Google Workspace backup and recovery.

Perform script-free Microsoft Entra ID management and reporting with ADManager Plus

Try it now for free

Add application password using Microsoft Graph PowerShell
Examples
Supported parameters
Limitations of using Microsoft Graph PowerShell to add application password
How ADManager Plus helps you manage Microsoft Entra ID

Related features:

Related Powershell Guides: