Skip to content

aad oauth2grant list

Lists OAuth2 permission grants for the specified service principal


m365 aad oauth2grant list [options]


-i, --clientId <clientId>
objectId of the service principal for which the configured OAuth2 permission grants should be retrieved
-h, --help
output usage information
--query [query]
JMESPath query string. See for more information and examples
-o, --output [output]
Output type. json,text. Default text
Runs command with verbose logging
Runs command with debug logging


In order to list existing OAuth2 permissions granted to a service principal, you need its objectId. You can retrieve it using the aad sp get command.

When using the text output type (default), the command lists only the values of the objectId, resourceId and scope properties of the OAuth grant. When setting the output type to JSON, all available properties are included in the command output.


List OAuth2 permissions granted to service principal with objectId b2307a39-e878-458b-bc90-03bc578531d6.

m365 aad oauth2grant list --clientId b2307a39-e878-458b-bc90-03bc578531d6

More information