Get-EntraServicePrincipalOwner

Reference

Module:: Microsoft.Graph.Entra

Get the owner of a service principal.

Syntax

Get-EntraServicePrincipalOwner
   -ServicePrincipalId <String>
   [-All]
   [-Top <Int32>]
   [-Property <String[]>]
   [<CommonParameters>]

Description

The Get-EntraServicePrincipalOwner cmdlet gets the owners of a service principal in Microsoft Entra ID.

Examples

Example 1: Retrieve the owner of a service principal

Connect-Entra -Scopes 'Application.Read.All'
$servicePrincipal = Get-EntraServicePrincipal -Filter "DisplayName eq '<service-principal-displayName>'"
Get-EntraServicePrincipalOwner -ServicePrincipalId $servicePrincipal.ObjectId

Id                                   DeletedDateTime
--                                   ---------------
aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb
bbbbbbbb-1111-2222-3333-cccccccccccc
cccccccc-2222-3333-4444-dddddddddddd

This example gets the owners of a specified service principal. You can use the command Get-EntraServicePrincipal to get service principal object ID.

-ServicePrincipalId parameter specifies the unique identifier of a service principal.

Example 2: Retrieve all the owners of a service principal

Connect-Entra -Scopes 'Application.Read.All'
$servicePrincipal = Get-EntraServicePrincipal -Filter "DisplayName eq '<service-principal-displayName>'"
Get-EntraServicePrincipalOwner -ServicePrincipalId $servicePrincipal.ObjectId -All

Id                                   DeletedDateTime
--                                   ---------------
aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb
bbbbbbbb-1111-2222-3333-cccccccccccc
cccccccc-2222-3333-4444-dddddddddddd

This command gets all the owners of a service principal. You can use the command Get-EntraServicePrincipal to get service principal object ID.

-ServicePrincipalId parameter specifies the unique identifier of a service principal.

Example 3: Retrieve top two owners of a service principal

Connect-Entra -Scopes 'Application.Read.All'
$servicePrincipal = Get-EntraServicePrincipal -Filter "DisplayName eq '<service-principal-displayName>'"
Get-EntraServicePrincipalOwner -ServicePrincipalId $servicePrincipal.ObjectId -Top 2

Id                                   DeletedDateTime
--                                   ---------------
aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb
bbbbbbbb-1111-2222-3333-cccccccccccc

This command gets top two owners of a service principal. You can use the command Get-EntraServicePrincipal to get service principal object ID.

-ServicePrincipalId parameter specifies the unique identifier of a service principal.

Example 4: Retrieve service principal owner details

Connect-Entra -Scopes 'Application.Read.All'
$servicePrincipal = Get-EntraServicePrincipal -Filter "DisplayName eq '<service-principal-displayName>'"
# Get the owners of the service principal
$owners = Get-EntraServicePrincipalOwner -ServicePrincipalId $servicePrincipal.ObjectId -All
$result = @()

# Loop through each owner and get their UserPrincipalName and DisplayName
foreach ($owner in $owners) {
    $userId = $owner.Id
    $user = Get-EntraUser -UserId $userId
    $userDetails = [PSCustomObject]@{
        Id                = $owner.Id
        UserPrincipalName = $user.UserPrincipalName
        DisplayName       = $user.DisplayName
    }
    $result += $userDetails
}

# Output the result in a table format
$result | Format-Table -AutoSize

Id                                   UserPrincipalName             DisplayName
--                                   -----------------             -----------
aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb AlexW@contoso.com  Alex Wilber
bbbbbbbb-1111-2222-3333-cccccccccccc AdeleV@contoso.com Adele Vance

This example shows how to retrieve more details of a service principal owner such as displayName, userPrincipalName.

Parameters

-All

List all pages.

Type:	System.Management.Automation.SwitchParameter
Position:	Named
Default value:	False
Required:	False
Accept pipeline input:	False
Accept wildcard characters:	False

-Property

Specifies properties to be returned.

Type:	System.String[]
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	False
Accept wildcard characters:	False

-ServicePrincipalId

Specifies the ID of a service principal in Microsoft Entra ID.

Type:	System.String
Aliases:	ObjectId
Position:	Named
Default value:	None
Required:	True
Accept pipeline input:	True
Accept wildcard characters:	False

-Top

Specifies the maximum number of records to return.

Type:	System.Int32
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	True
Accept wildcard characters:	False

Share via

Get-EntraServicePrincipalOwner

Syntax

Description

Examples

Example 1: Retrieve the owner of a service principal

Example 2: Retrieve all the owners of a service principal

Example 3: Retrieve top two owners of a service principal

Example 4: Retrieve service principal owner details

Parameters

-All

-Property

-ServicePrincipalId

-Top

Feedback

Additional resources

Share via

Get-EntraServicePrincipalOwner

Syntax

Description

Examples

Example 1: Retrieve the owner of a service principal

Example 2: Retrieve all the owners of a service principal

Example 3: Retrieve top two owners of a service principal

Example 4: Retrieve service principal owner details

Parameters

-All

-Property

-ServicePrincipalId

-Top

Related Links

Feedback

Additional resources