Home
PowerShell
Get-MgServicePrincipal

How to get Microsoft Entra ID service principals using Get-MgServicePrincipal

Getting service principals in Microsoft Entra ID

Service principals represent applications, services, or automation tools in Microsoft Entra ID. They're essential for managing app identities and permissions within your tenant. IT admins use service principals to configure SSO, grant API permissions, and control access to resources. The Get-MgServicePrincipal command in Microsoft Graph PowerShell helps list and inspect these identities, but it requires familiarity with scripting and interpreting raw property data.

Get service principals in Microsoft Entra ID using Microsoft Graph PowerShell

Prerequisites

Before running the cmdlet, ensure the following requirements are met:

Install the Microsoft Graph PowerShell module.
If not already installed, run:

Install-Module Microsoft.Graph -Scope CurrentUser
Connect to Microsoft Graph with the necessary permissions.
You'll need directory read access. Connect using:

Connect-MgGraph -Scopes "Directory.Read.All"

Using the Get-MgServicePrincipal cmdlet to get service principals in Microsoft Entra ID

Use the Get-MgServicePrincipal cmdlet in Microsoft Graph PowerShell to get service principals in Entra ID. The syntax is as follows:


                              Get-MgServicePrincipal 

                                [-Property <String[]>] 

                                [-ExpandProperty <String[]>] 

                                [-Filter <String>] 

                                [-Search <String>] 

                                [-Skip <Int32>] 

                                [-Sort <String[]>] 

                                [-Top <Int32>] 

                                [-ResponseHeadersVariable <String>] 

                                [-Headers <IDictionary>] 

                                [-PageSize <Int32>] 

                                [-All] 

                                [-CountVariable <String>] 

                                [<CommonParameters>]

Example use case and script using the Get-MgServicePrincipal cmdlet

Example: Get the service principal by display name.


                              Get-MgServicePrincipal -Filter "DisplayName eq 'Microsoft Teams'" | 

                              Format-List Id, DisplayName, AppId, SignInAudience

Supported parameters

The table below lists key parameters that can be used with the Get-MgServicePrincipal cmdlet to get service principals in Entra ID.

Parameters	Description
-Property	Specifies which properties to return in the response.
-ExpandProperty	Expands related entities inline (like owners or appRoleAssignments).
-Filter	Filters the results based on property values (OData filter syntax).
-Search	Searches across indexed properties.
-Skip	Skips a specified number of results.
-Sort	Sorts the results by one or more properties.
-Top	Limits the number of results returned.
-ResponseHeadersVariable	Stores response headers in a variable.

Challenges of using Graph PowerShell scripts to get service principals in Microsoft Entra ID

Not every Microsoft Graph function has a dedicated PowerShell cmdlet. Some tasks still require direct API calls to fill the gaps.
Graph API has throttling limits. When querying large datasets or running scripts continuously, those limits can slow things down or block operations.
With the move from Azure AD PowerShell to Microsoft Graph, admins need to adapt to new syntax, modules, and command structure to stay effective.
Some service principal attributes aren't returned by default, so you'll need to fetch them explicitly.

Why use ADManager Plus for management and reporting

Manage Microsoft Entra ID with an intuitive GUI, eliminating the need for PowerShell coding.
ADManager Plus facilitates streamlined user life cycle management across integrated enterprise applications.
Automate critical identity life cycle actions across applications from a single console.
Delegate tasks securely to help desk technicians without granting full administrative access.
Generate detailed Microsoft 365 reports in just a few clicks.

Simplify Microsoft Entra ID administration with ADManager Plus

Try it now for free

Getting service principals in Microsoft Entra ID
Get service principals in Microsoft Entra ID using Microsoft Graph PowerShell
Supported parameters
Challenges of using Graph PowerShell scripts to get service principals in Microsoft Entra ID
Why use ADManager Plus for management and reporting

Related features:

Related Powershell Guides: