New-EntraApplicationPasswordCredential

Module:: Microsoft.Entra

Creates a password credential for an application.

Syntax

New-EntraApplicationPasswordCredential
   -ApplicationId <String>
   [-CustomKeyIdentifier <String>]
   [-StartDate <DateTime>]
   [-EndDate <DateTime>]
   [<CommonParameters>]

Description

The New-EntraApplicationPasswordCredential cmdlet creates a password credential for an application in Microsoft Entra ID.

Examples

Example 1: Create a password credential

Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy'
$application = Get-EntraApplication -Filter "displayName eq '<displayName>'"
$secret = New-EntraApplicationPasswordCredential -ApplicationId $application.Id
$secret | Format-List

CustomKeyIdentifier  : 77 97 114 97 32 76 117 120 117 114 121...
Value                : wbBNW8kCuiPjNRg9NX98W_aaaaaaa
DisplayName          : Contoso Automation account
EndDateTime          : 5/9/2027 11:53:40 AM
Hint                 : WBB
KeyId                : tttttttt-0000-2222-0000-aaaaaaaaaaaa
SecretText           : wbBNW8kCuiPjNRg9NX98W_aaaaaaa
StartDateTime        : 5/9/2025 11:53:39 AM

This command creates new password credential for specified application.

-ApplicationId Specifies the ID of an application.

Example 2: Create a password credential using CustomKeyIdentifier parameter

Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy'
$application = Get-EntraApplication -Filter "displayName eq '<displayName>'"
$secret = New-EntraApplicationPasswordCredential -ApplicationId $application.Id -CustomKeyIdentifier '<userfriendlyDisplayName>'
$secret | Format-List

CustomKeyIdentifier  : 77 97 114 97 32 76 117 120 117 114 121...
Value                : wbBNW8kCuiPjNRg9NX98W_aaaaaaa
DisplayName          : Contoso Automation account
EndDateTime          : 5/9/2027 11:53:40 AM
Hint                 : WBB
KeyId                : tttttttt-0000-2222-0000-aaaaaaaaaaaa
SecretText           : wbBNW8kCuiPjNRg9NX98W_aaaaaaa
StartDateTime        : 5/9/2025 11:53:39 AM

This command creates new password credential for specified application.

-ApplicationId Specifies the ID of an application.
-CustomKeyIdentifier Speicifies unique binary identifier.

Example 3: Create a password credential using StartDate parameter

Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy'
$application = Get-EntraApplication -Filter "displayName eq '<displayName>'"
$startDate = (Get-Date).AddYears(0)
$secret = New-EntraApplicationPasswordCredential -ApplicationId $application.Id -CustomKeyIdentifier '<userfriendlyDisplayName>' -StartDate $startDate
$secret | Format-List

CustomKeyIdentifier  : 77 97 114 97 32 76 117 120 117 114 121...
Value                : wbBNW8kCuiPjNRg9NX98W_aaaaaaa
DisplayName          : Contoso Automation account
EndDateTime          : 5/9/2027 11:53:40 AM
Hint                 : WBB
KeyId                : tttttttt-0000-2222-0000-aaaaaaaaaaaa
SecretText           : wbBNW8kCuiPjNRg9NX98W_aaaaaaa
StartDateTime        : 5/9/2025 11:53:39 AM

This command creates new password credential for specified application.

-ApplicationId Specifies the ID of an application.
-StartDate Speicifies the date and time at which the password becomes valid.

Example 4: Create a password credential using EndDate parameter

Connect-Entra -Scopes 'Application.ReadWrite.All','Application.ReadWrite.OwnedBy'
$application = Get-EntraApplication -Filter "displayName eq '<displayName>'"
$endDate = (Get-Date).AddYears(2)
$secret = New-EntraApplicationPasswordCredential -ApplicationId $application.Id -CustomKeyIdentifier '<userfriendlyDisplayName>' -EndDate $endDate
$secret | Format-List

CustomKeyIdentifier  : 77 97 114 97 32 76 117 120 117 114 121...
Value                : wbBNW8kCuiPjNRg9NX98W_aaaaaaa
DisplayName          : Contoso Automation account
EndDateTime          : 5/9/2027 11:53:40 AM
Hint                 : WBB
KeyId                : tttttttt-0000-2222-0000-aaaaaaaaaaaa
SecretText           : wbBNW8kCuiPjNRg9NX98W_aaaaaaa
StartDateTime        : 5/9/2025 11:53:39 AM

This command creates new password credential for specified application.

-ApplicationId Specifies the ID of an application.
-EndDate Speicifies The date and time at which the password expires.

Parameters

-ApplicationId

Specifies the ID of an application in Microsoft Entra ID.

Type:	System.String
Aliases:	ObjectId
Position:	Named
Default value:	None
Required:	True
Accept pipeline input:	True
Accept wildcard characters:	False

-CustomKeyIdentifier

A unique binary identifier.

Type:	System.String
Position:	Named
Default value:	None
Required:	True
Accept pipeline input:	True
Accept wildcard characters:	False

-EndDate

The date and time at which the password expires.

Type:	System.DateTime
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	True
Accept wildcard characters:	False

-StartDate

The date and time at which the password becomes valid.

Type:	System.DateTime
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	True
Accept wildcard characters:	False

Share via

New-EntraApplicationPasswordCredential

Syntax

Description

Examples

Example 1: Create a password credential

Example 2: Create a password credential using CustomKeyIdentifier parameter

Example 3: Create a password credential using StartDate parameter

Example 4: Create a password credential using EndDate parameter

Parameters

-ApplicationId

-CustomKeyIdentifier

-EndDate

-StartDate

Related Links

Feedback