Share via

How can I tag Service Principals or App Registrations (or whatever they're called)?

ExtraLargeFork 1 Reputation point
2025-01-22T16:06:16.0833333+00:00

I have app registrations with secrets/certs I want to programmatically track in terms of expiration. But to do this, I need to somehow tag either the secrets/certs themselves of the app registration with ownership information (so I can inform the right people).

I've been unable to find clear documentation on the process. The manifest for app registrations clearly shows a "tags" field.

User's image

But how do I actually add, update, and remove tags? I've tried a number of CLI options including:

az ad sp update --id $appID --add $tags


az tag update --resource-id $appID --operation Merge --tags owner=
Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
12,934 questions
Azure App Service
Azure App Service
Azure App Service is a service used to create and deploy scalable, mission-critical web apps.
8,236 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. CarlZhao-MSFT 45,021 Reputation points
    2025-01-23T02:42:28.3733333+00:00

    Hi @ExtraLargeFork

    You can try the following command to update the tags of your application.

    mgc applications patch --application-id {application-id} --body '
\
"{\"tags\": [\"ProductionApp\"]}"'

    Hope this helps.

    If the reply is helpful, please click Accept Answer and kindly upvote it. If you have additional questions about this answer, please click Comment.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.