How to remove deleted directory items using Microsoft Graph PowerShell

The Remove-MgDirectoryDeletedItem cmdlet permanently deletes an item from the deleted objects container in Microsoft Entra ID. When directory objects such as users, groups, or applications are deleted, they are first moved to a soft-deleted state (the recycle bin), from which they can be restored if needed. This cmdlet bypasses the recovery option and ensures that the object is hard-deleted, meaning it cannot be restored. Administrators typically use this for cleanup tasks, such as removing obsolete test accounts, decommissioned applications, or eliminating groups that should no longer exist in the environment. Since permanent deletion may also have implications for auditing and compliance, it is recommended to use this cmdlet cautiously and only when you are certain that the object should not be recovered.

This article shows how you can remove deleted objects using both Microsoft Entra admin center and Microsoft Graph PowerShell:

Remove deleted directory items using Microsoft Graph PowerShell

Prerequisites

Ensure you have sufficient permissions and the Graph module installed:

Using the Remove-MgDirectoryDeletedItem cmdlet

Run the cmdlet below by replacing with the deleted object's ID.

Examples

Example 1: Permanently delete a user

Example 2: Preview deletion without executing

Example 3: Confirm before deleting

Supported parameters

The following are some essential parameters that can be used along with theRemove-MgDirectoryDeletedItem cmdlet:

Limitations of using native tools to remove deleted objects

• PowerShell commands can get complex with different use cases and scenarios.
• IT admins can spend a lot of time troubleshooting errors, which negatively impacts productivity.
• Delegation can get tricky since technicians require elevated permissions.