entra oauth2grant set

Update OAuth2 permissions for the service principal

Usage

m365 entra oauth2grant set [options]

Options

-i, --grantId <grantId>: objectId of OAuth2 permission grant to update.
-s, --scope <scope>: Permissions to grant.

-h, --help [help]: Output usage information. Optionally, specify which section of command's help you want to see. Allowed values are options, examples, remarks, response, full. Default is options.
--query [query]: JMESPath query string. See http://jmespath.org/ for more information and examples.
-o, --output [output]: Output type. json, text, csv, md, none. Default json.
--verbose: Runs command with verbose logging.
--debug: Runs command with debug logging.

Remarks

Before you can update service principal's OAuth2 permissions, you need to get the objectId of the permissions grant to update. You can retrieve it using the entra oauth2grant list command.

If the objectId listed when using the entra oauth2grant list command has a minus sign ('-') prefix, you may receive an error indicating --grantId is missing. To resolve this issue simply escape the leading '-'.

m365 entra oauth2grant set --grantId \\-Zc1JRY8REeLxmXz5KtixAYU3Q6noCBPlhwGiX7pxmU

Examples

Update the existing OAuth2 permission grant with ID YgA60KYa4UOPSdc-lpxYEnQkr8KVLDpCsOXkiV8i-ek to the Calendars.Read Mail.Read permissions.

m365 entra oauth2grant set --grantId YgA60KYa4UOPSdc-lpxYEnQkr8KVLDpCsOXkiV8i-ek --scope "Calendars.Read Mail.Read"

Response

The command won't return a response on success.

More information

Application and service principal objects in Microsoft Entra ID: https://learn.microsoft.com/azure/active-directory/develop/active-directory-application-objects
Update a delegated permission grant (oAuth2PermissionGrant): https://learn.microsoft.com/graph/api/oauth2permissiongrant-update?view=graph-rest-1.0

Usage​

Options​

Remarks​

Examples​

Response​

More information​