Skip to content

aad oauth2grant remove

Remove specified service principal OAuth2 permissions


aad oauth2grant remove [options]


Option Description
--help output usage information
-i, --grantId <grantId> objectId of OAuth2 permission grant to remove
--query [query] JMESPath query string. See for more information and examples
-o, --output [output] Output type. json,text. Default text
--pretty Prettifies json output
--verbose Runs command with verbose logging
--debug Runs command with debug logging


Before you can remove service principal's OAuth2 permissions, you need to get the objectId of the permissions grant to remove. You can retrieve it using the aad oauth2grant list command.

If the objectId listed when using the aad oauth2grant list command has a minus sign ('-') prefix, you may receive an error indicating --grantId is missing. To resolve this issue simply escape the leading '-'.

aad oauth2grant remove --grantId \\-Zc1JRY8REeLxmXz5KtixAYU3Q6noCBPlhwGiX7pxmU


Remove the OAuth2 permission grant with ID YgA60KYa4UOPSdc-lpxYEnQkr8KVLDpCsOXkiV8i-ek

aad oauth2grant remove --grantId YgA60KYa4UOPSdc-lpxYEnQkr8KVLDpCsOXkiV8i-ek

More information