Remove-EntraOAuth2PermissionGrant

Removes an OAuth2PermissionGrant.

Syntax

Remove-EntraOAuth2PermissionGrant
      -ObjectId <String>
      [<CommonParameters>]

Description

The Remove-EntraOAuth2PermissionGrant cmdlet removes an OAuth2PermissionGrant object in Microsoft Entra ID.

When a delegated permission grant is deleted, the access it granted is revoked. Existing access tokens will continue to be valid for their lifetime, but new access tokens will not be granted for the delegated permissions identified in the deleted OAuth2PermissionGrant.

Examples

Example 1: Remove an OAuth2 permission grant

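# Sign in with the delegated scope needed to read and delete permission grants.
Connect-Entra -Scopes 'DelegatedPermissionGrant.ReadWrite.All'
# Find the resource service principal that exposes the permission.
$SharePointSP = Get-EntraServicePrincipal | Where-Object {$_.DisplayName -eq 'Microsoft.SharePoint'}
# Select the grant on that resource whose Scope is exactly 'AllSites.Read'.
$SharePointOA2AllSitesRead = Get-EntraOAuth2PermissionGrant | Where-Object {$_.ResourceId -eq $SharePointSP.ObjectId} | Where-Object {$_.Scope -eq 'AllSites.Read'}
# Delete the grant by its object ID.
Remove-EntraOAuth2PermissionGrant -ObjectId $SharePointOA2AllSitesRead.ObjectId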

This example removes the OAuth2PermissionGrant object in Microsoft Entra ID that grants the AllSites.Read scope on the Microsoft.SharePoint service principal.
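
The filter in Example 1 matches only a grant whose Scope is exactly 'AllSites.Read', while Scope is a space-separated list and deleting a grant revokes every delegated permission in it. The following added example (not part of the cmdlet's documentation) selects grants by whole scope token and removes only those that carry no other scopes; Select-GrantByScope, the $Live switch and the sample grants with placeholder IDs are assumptions constructed for illustration.

```powershell
# Hypothetical helper: returns the grants on one resource that include a scope,
# together with the other scopes that would be revoked with the same grant.
function Select-GrantByScope {
    param(
        [Parameter(Mandatory)] [object[]] $Grant,
        [Parameter(Mandatory)] [string]   $ResourceId,
        [Parameter(Mandatory)] [string]   $ScopeName
    )
    foreach ($g in $Grant) {
        if ($g.ResourceId -ne $ResourceId) { continue }
        # Scope is a space-separated list, so compare whole tokens, not the raw string.
        $tokens = @(($g.Scope -split '\s+') | Where-Object { $_ })
        if ($tokens -notcontains $ScopeName) { continue }
        [pscustomobject]@{
            ObjectId    = $g.ObjectId
            ConsentType = $g.ConsentType
            PrincipalId = $g.PrincipalId
            OtherScopes = @($tokens | Where-Object { $_ -ne $ScopeName })
        }
    }
}

# Constructed sample grants (placeholder IDs) so the selection logic runs offline.
# Against a tenant, load real data instead: $grants = Get-EntraOAuth2PermissionGrant
$grants = @(
    [pscustomobject]@{ ObjectId = 'grant-1'; ResourceId = 'sp-sharepoint'
        ConsentType = 'AllPrincipals'; PrincipalId = $null; Scope = 'AllSites.Read' }
    [pscustomobject]@{ ObjectId = 'grant-2'; ResourceId = 'sp-sharepoint'
        ConsentType = 'Principal'; PrincipalId = 'user-1'; Scope = 'AllSites.Read MyFiles.Read' }
    [pscustomobject]@{ ObjectId = 'grant-3'; ResourceId = 'sp-other'
        ConsentType = 'AllPrincipals'; PrincipalId = $null; Scope = 'User.Read' }
)

$selected = @(Select-GrantByScope -Grant $grants -ResourceId 'sp-sharepoint' -ScopeName 'AllSites.Read')
$selected | Format-Table ObjectId, ConsentType, PrincipalId, OtherScopes

# Deleting a grant revokes all of its scopes, so remove only grants with nothing else in them.
# grant-2 is reported for manual review because it also carries MyFiles.Read.
$removable = @($selected | Where-Object { $_.OtherScopes.Count -eq 0 })
$Live = $false   # assumption: set to $true only after Connect-Entra and loading real grants
foreach ($r in $removable) {
    # -ObjectId takes a single String, so remove one grant per call.
    if ($Live) { Remove-EntraOAuth2PermissionGrant -ObjectId $r.ObjectId }
    else       { "Would remove grant $($r.ObjectId)" }
}
```

With the sample data the loop reports only grant-1; grant-2 is selected but left in place because removing it would also revoke MyFiles.Read.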

Parameters

-ObjectId

Specifies the ID of an OAuth2PermissionGrant object in Microsoft Entra ID.

Type: System.String
Position: Named
Default value: None
Required: True
Accept pipeline input: True
Accept wildcard characters: False